content/maven/dependency-check-report.html

<!DOCTYPE html>
<html>
    <head>
        <title>Dependency-Check Report</title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <link rel="shortcut icon" href="data:;base64,iVBORw0KGgoAAAANSUhEUgAAACAAAAAgCAYAAABzenr0AAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAVLSURBVFhHvZdvbFRFEMB3913v9Vr+FKUNRdtrewg1lQgRE0gMYkJSowYMwcSPkGDwg8ZigMR+UYzGaIuAEj+R+IfE+EUlRL+QYAwhGBMqkFQDpO1xd/YPBaSU9u767r0dZ5a513vtXVsq8Zcsb3bu9c3szuzsIMU8iEaj5fhYJlzRYCkZ7Utd+wbnQL+Nd0TeoyeAPLFgf/oiyTNxXw6g4WUhTz4JEtaiNXLCEE8l3seHJjlzsOJHfLxMsgHE4cje9B6eTUPxc0ZoxbFHG1qVFq9rCRsKjc+KFG3oFGQ6Kw6xJsCsDqDxNZYWbWSYVUFAJFkyaA2XWAxiHIlcGPukYg1rDCVDQKsOadmqBaxllY8CuKHBuqOlHlNKufFk/GdUmxxoeqTpMbBg1dGXRlZtqHc2R8rgedIXgk4eqNyXMblS1AE2vhWNP84qAxl2hewno6wyFHOAZOLAc6PRbU+kd2OyrmbVPTg3pjlQzDgazGmh40rKMY3LZrVBCi/Tl0z+gqJxYGV9fWNOWC0kF3Jm1/C2pZWwk6cG2olpOcDb7hsHgLQGcUWAGs0bV1K7EuSQFbbOLKmuPkOvkZ64mkzG8bXz5BirDBuP1fzQP6I+5yl9eAS9vxjYAVz9esx0P2a0ck+73VKGPFaR8Vtpx7k0ODiYZlVJmpcvfzirwi1SyUWsMiF5ZXX6A1zJzsq9mRO+A7T1lO2BIyZVN/6bJZFWnQO4Wl1dnerq6sqRbq401TWtw9qxjGT6zhfbs3+0Hrw+THPfgVhdA8Xdz3j84RpIdZOngrY1kUgMOR3lG1kVREkHhBp3smJ4wdLmf+TuoJOxuroW3NI6zN6L9B1W33MAV1+FW99mNIgUclBaYtCPObjx3lTqT5KxqJyk52y4nv5u4f7stzzNY+Hww0ncS0JXBIoDWryRN07JVlVTc9Xo74OQpV7F6ndk5CO7iVVEwDihVqxYYVtKrOc5bckIgHJIpnhl3MxfpWIuJZyWAMdo0Io1AOXMJFI0hm3VzrOiYG2BmsLEAz0Zd9DWzZmyHd/tLt+bOUmDthuzun3C8dryjqCDdzF5tqcPRr40f1AElcvl6lgmJkC5d1kWYS8bZ3HOVL0z0TcKiz70tBjAML4opVgsoeB2nIJyXfeKJfRxGo52j4ds+xwWmN9t1/7t8sDALX7vvqjdd31cChgi40YhZdXUSyiPGkAjPalUL43+/v6/e3p6btC4PHB5XsZ9sMqxZJAWbGIxwJz6gfkAWl5jcUYUbU1+3D60uIp0PPwiNR/wZAW3HERRh5Sy4C3LEhdoiAn368b6xhdoxKLRVn5nXmDpfZZFg7J00f5QgRYJlkV5GWyJVnk2yRpUKBaLFZ6QOYMFaAdW0x08xcXDr5E9E8V3wAmFD7NseO3pMf8uh1xuJYuzQuGjMJreT4rJc4/XrvZk6aZ0yZ47WPkm47M55mxnET23IrW1tRU8DUBFBlf2faYzcptGuefETRix9+NXDNhLHJmpPTenAON1xMyQRbZevaV5ooanwrbsdSz6kPF8kaEz7o9CqOEAvPO59yuFccBR4a/MjGnfNDp5M2IzgQnpd8QB41NBoxRvarWyVrgRe77Ad4vhHzX6H41S8l2eitO9ZR+/+dNDZ3lqbsW+VN/52x12YxlY04xbZd5IqUSbCd8BSiLby13AlTWwSnx6tvKNY10LzCmhm7E3kTiFYqAp/a/4lZCSUYIX6Frffmb86K6nxqJknDoZVD1Q48S0ajc1FBTXU8mFzVs/G77OmgdK0XLLZ7nNnGHuXvmn/w9yYrwzUvIefzAI8S83C2sS1J4rmAAAAABJRU5ErkJggg==" />
        <script type="text/javascript">
        /*! jQuery v3.4.1 | (c) JS Foundation and other contributors | jquery.org/license */
        !function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(C,e){"use strict";var t=[],E=C.document,r=Object.getPrototypeOf,s=t.slice,g=t.concat,u=t.push,i=t.indexOf,n={},o=n.toString,v=n.hasOwnProperty,a=v.toString,l=a.call(Object),y={},m=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType},x=function(e){return null!=e&&e===e.window},c={type:!0,src:!0,nonce:!0,noModule:!0};function b(e,t,n){var r,i,o=(n=n||E).createElement("script");if(o.text=e,t)for(r in c)(i=t[r]||t.getAttribute&&t.getAttribute(r))&&o.setAttribute(r,i);n.head.appendChild(o).parentNode.removeChild(o)}function w(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?n[o.call(e)]||"object":typeof e}var f="3.4.1",k=function(e,t){return new k.fn.init(e,t)},p=/^[\s\uFEFF\xA0]+|[\s\uFEFF\xA0]+$/g;function d(e){var t=!!e&&"length"in e&&e.length,n=w(e);return!m(e)&&!x(e)&&("array"===n||0===t||"number"==typeof t&&0<t&&t-1 in e)}k.fn=k.prototype={jquery:f,constructor:k,length:0,toArray:function(){return s.call(this)},get:function(e){return null==e?s.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=k.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return k.each(this,e)},map:function(n){return this.pushStack(k.map(this,function(e,t){return n.call(e,t,e)}))},slice:function(){return this.pushStack(s.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},eq:function(e){var t=this.length,n=+e+(e<0?t:0);return this.pushStack(0<=n&&n<t?[this[n]]:[])},end:function(){return this.prevObject||this.constructor()},push:u,sort:t.sort,splice:t.splice},k.extend=k.fn.extend=function(){var e,t,n,r,i,o,a=arguments[0]||{},s=1,u=arguments.length,l=!1;for("boolean"==typeof a&&(l=a,a=arguments[s]||{},s++),"object"==typeof a||m(a)||(a={}),s===u&&(a=this,s--);s<u;s++)if(null!=(e=arguments[s]))for(t in e)r=e[t],"__proto__"!==t&&a!==r&&(l&&r&&(k.isPlainObject(r)||(i=Array.isArray(r)))?(n=a[t],o=i&&!Array.isArray(n)?[]:i||k.isPlainObject(n)?n:{},i=!1,a[t]=k.extend(l,o,r)):void 0!==r&&(a[t]=r));return a},k.extend({expando:"jQuery"+(f+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,n;return!(!e||"[object Object]"!==o.call(e))&&(!(t=r(e))||"function"==typeof(n=v.call(t,"constructor")&&t.constructor)&&a.call(n)===l)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t){b(e,{nonce:t&&t.nonce})},each:function(e,t){var n,r=0;if(d(e)){for(n=e.length;r<n;r++)if(!1===t.call(e[r],r,e[r]))break}else for(r in e)if(!1===t.call(e[r],r,e[r]))break;return e},trim:function(e){return null==e?"":(e+"").replace(p,"")},makeArray:function(e,t){var n=t||[];return null!=e&&(d(Object(e))?k.merge(n,"string"==typeof e?[e]:e):u.call(n,e)),n},inArray:function(e,t,n){return null==t?-1:i.call(t,e,n)},merge:function(e,t){for(var n=+t.length,r=0,i=e.length;r<n;r++)e[i++]=t[r];return e.length=i,e},grep:function(e,t,n){for(var r=[],i=0,o=e.length,a=!n;i<o;i++)!t(e[i],i)!==a&&r.push(e[i]);return r},map:function(e,t,n){var r,i,o=0,a=[];if(d(e))for(r=e.length;o<r;o++)null!=(i=t(e[o],o,n))&&a.push(i);else for(o in e)null!=(i=t(e[o],o,n))&&a.push(i);return g.apply([],a)},guid:1,support:y}),"function"==typeof Symbol&&(k.fn[Symbol.iterator]=t[Symbol.iterator]),k.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){n["[object "+t+"]"]=t.toLowerCase()});var h=function(n){var e,d,b,o,i,h,f,g,w,u,l,T,C,a,E,v,s,c,y,k="sizzle"+1*new Date,m=n.document,S=0,r=0,p=ue(),x=ue(),N=ue(),A=ue(),D=function(e,t){return e===t&&(l=!0),0},j={}.hasOwnProperty,t=[],q=t.pop,L=t.push,H=t.push,O=t.slice,P=function(e,t){for(var n=0,r=e.length;n<r;n++)if(e[n]===t)return n;return-1},R="checked|selected|async|autofocus|autoplay|controls|defer|disabled|hidden|ismap|loop|multiple|open|readonly|required|scoped",M="[\\x20\\t\\r\\n\\f]",I="(?:\\\\.|[\\w-]|[^\0-\\xa0])+",W="\\["+M+"*("+I+")(?:"+M+"*([*^$|!~]?=)"+M+"*(?:'((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\"|("+I+"))|)"+M+"*\\]",$=":("+I+")(?:\\((('((?:\\\\.|[^\\\\'])*)'|\"((?:\\\\.|[^\\\\\"])*)\")|((?:\\\\.|[^\\\\()[\\]]|"+W+")*)|.*)\\)|)",F=new RegExp(M+"+","g"),B=new RegExp("^"+M+"+|((?:^|[^\\\\])(?:\\\\.)*)"+M+"+$","g"),_=new RegExp("^"+M+"*,"+M+"*"),z=new RegExp("^"+M+"*([>+~]|"+M+")"+M+"*"),U=new RegExp(M+"|>"),X=new RegExp($),V=new RegExp("^"+I+"$"),G={ID:new RegExp("^#("+I+")"),CLASS:new RegExp("^\\.("+I+")"),TAG:new RegExp("^("+I+"|[*])"),ATTR:new RegExp("^"+W),PSEUDO:new RegExp("^"+$),CHILD:new RegExp("^:(only|first|last|nth|nth-last)-(child|of-type)(?:\\("+M+"*(even|odd|(([+-]|)(\\d*)n|)"+M+"*(?:([+-]|)"+M+"*(\\d+)|))"+M+"*\\)|)","i"),bool:new RegExp("^(?:"+R+")$","i"),needsContext:new RegExp("^"+M+"*[>+~]|:(even|odd|eq|gt|lt|nth|first|last)(?:\\("+M+"*((?:-\\d)?\\d*)"+M+"*\\)|)(?=[^-]|$)","i")},Y=/HTML$/i,Q=/^(?:input|select|textarea|button)$/i,J=/^h\d$/i,K=/^[^{]+\{\s*\[native \w/,Z=/^(?:#([\w-]+)|(\w+)|\.([\w-]+))$/,ee=/[+~]/,te=new RegExp("\\\\([\\da-f]{1,6}"+M+"?|("+M+")|.)","ig"),ne=function(e,t,n){var r="0x"+t-65536;return r!=r||n?t:r<0?String.fromCharCode(r+65536):String.fromCharCode(r>>10|55296,1023&r|56320)},re=/([\0-\x1f\x7f]|^-?\d)|^-$|[^\0-\x1f\x7f-\uFFFF\w-]/g,ie=function(e,t){return t?"\0"===e?"\ufffd":e.slice(0,-1)+"\\"+e.charCodeAt(e.length-1).toString(16)+" ":"\\"+e},oe=function(){T()},ae=be(function(e){return!0===e.disabled&&"fieldset"===e.nodeName.toLowerCase()},{dir:"parentNode",next:"legend"});try{H.apply(t=O.call(m.childNodes),m.childNodes),t[m.childNodes.length].nodeType}catch(e){H={apply:t.length?function(e,t){L.apply(e,O.call(t))}:function(e,t){var n=e.length,r=0;while(e[n++]=t[r++]);e.length=n-1}}}function se(t,e,n,r){var i,o,a,s,u,l,c,f=e&&e.ownerDocument,p=e?e.nodeType:9;if(n=n||[],"string"!=typeof t||!t||1!==p&&9!==p&&11!==p)return n;if(!r&&((e?e.ownerDocument||e:m)!==C&&T(e),e=e||C,E)){if(11!==p&&(u=Z.exec(t)))if(i=u[1]){if(9===p){if(!(a=e.getElementById(i)))return n;if(a.id===i)return n.push(a),n}else if(f&&(a=f.getElementById(i))&&y(e,a)&&a.id===i)return n.push(a),n}else{if(u[2])return H.apply(n,e.getElementsByTagName(t)),n;if((i=u[3])&&d.getElementsByClassName&&e.getElementsByClassName)return H.apply(n,e.getElementsByClassName(i)),n}if(d.qsa&&!A[t+" "]&&(!v||!v.test(t))&&(1!==p||"object"!==e.nodeName.toLowerCase())){if(c=t,f=e,1===p&&U.test(t)){(s=e.getAttribute("id"))?s=s.replace(re,ie):e.setAttribute("id",s=k),o=(l=h(t)).length;while(o--)l[o]="#"+s+" "+xe(l[o]);c=l.join(","),f=ee.test(t)&&ye(e.parentNode)||e}try{return H.apply(n,f.querySelectorAll(c)),n}catch(e){A(t,!0)}finally{s===k&&e.removeAttribute("id")}}}return g(t.replace(B,"$1"),e,n,r)}function ue(){var r=[];return function e(t,n){return r.push(t+" ")>b.cacheLength&&delete e[r.shift()],e[t+" "]=n}}function le(e){return e[k]=!0,e}function ce(e){var t=C.createElement("fieldset");try{return!!e(t)}catch(e){return!1}finally{t.parentNode&&t.parentNode.removeChild(t),t=null}}function fe(e,t){var n=e.split("|"),r=n.length;while(r--)b.attrHandle[n[r]]=t}function pe(e,t){var n=t&&e,r=n&&1===e.nodeType&&1===t.nodeType&&e.sourceIndex-t.sourceIndex;if(r)return r;if(n)while(n=n.nextSibling)if(n===t)return-1;return e?1:-1}function de(t){return function(e){return"input"===e.nodeName.toLowerCase()&&e.type===t}}function he(n){return function(e){var t=e.nodeName.toLowerCase();return("input"===t||"button"===t)&&e.type===n}}function ge(t){return function(e){return"form"in e?e.parentNode&&!1===e.disabled?"label"in e?"label"in e.parentNode?e.parentNode.disabled===t:e.disabled===t:e.isDisabled===t||e.isDisabled!==!t&&ae(e)===t:e.disabled===t:"label"in e&&e.disabled===t}}function ve(a){return le(function(o){return o=+o,le(function(e,t){var n,r=a([],e.length,o),i=r.length;while(i--)e[n=r[i]]&&(e[n]=!(t[n]=e[n]))})})}function ye(e){return e&&"undefined"!=typeof e.getElementsByTagName&&e}for(e in d=se.support={},i=se.isXML=function(e){var t=e.namespaceURI,n=(e.ownerDocument||e).documentElement;return!Y.test(t||n&&n.nodeName||"HTML")},T=se.setDocument=function(e){var t,n,r=e?e.ownerDocument||e:m;return r!==C&&9===r.nodeType&&r.documentElement&&(a=(C=r).documentElement,E=!i(C),m!==C&&(n=C.defaultView)&&n.top!==n&&(n.addEventListener?n.addEventListener("unload",oe,!1):n.attachEvent&&n.attachEvent("onunload",oe)),d.attributes=ce(function(e){return e.className="i",!e.getAttribute("className")}),d.getElementsByTagName=ce(function(e){return e.appendChild(C.createComment("")),!e.getElementsByTagName("*").length}),d.getElementsByClassName=K.test(C.getElementsByClassName),d.getById=ce(function(e){return a.appendChild(e).id=k,!C.getElementsByName||!C.getElementsByName(k).length}),d.getById?(b.filter.ID=function(e){var t=e.replace(te,ne);return function(e){return e.getAttribute("id")===t}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n=t.getElementById(e);return n?[n]:[]}}):(b.filter.ID=function(e){var n=e.replace(te,ne);return function(e){var t="undefined"!=typeof e.getAttributeNode&&e.getAttributeNode("id");return t&&t.value===n}},b.find.ID=function(e,t){if("undefined"!=typeof t.getElementById&&E){var n,r,i,o=t.getElementById(e);if(o){if((n=o.getAttributeNode("id"))&&n.value===e)return[o];i=t.getElementsByName(e),r=0;while(o=i[r++])if((n=o.getAttributeNode("id"))&&n.value===e)return[o]}return[]}}),b.find.TAG=d.getElementsByTagName?function(e,t){return"undefined"!=typeof t.getElementsByTagName?t.getElementsByTagName(e):d.qsa?t.querySelectorAll(e):void 0}:function(e,t){var n,r=[],i=0,o=t.getElementsByTagName(e);if("*"===e){while(n=o[i++])1===n.nodeType&&r.push(n);return r}return o},b.find.CLASS=d.getElementsByClassName&&function(e,t){if("undefined"!=typeof t.getElementsByClassName&&E)return t.getElementsByClassName(e)},s=[],v=[],(d.qsa=K.test(C.querySelectorAll))&&(ce(function(e){a.appendChild(e).innerHTML="<a id='"+k+"'></a><select id='"+k+"-\r\\' msallowcapture=''><option selected=''></option></select>",e.querySelectorAll("[msallowcapture^='']").length&&v.push("[*^$]="+M+"*(?:''|\"\")"),e.querySelectorAll("[selected]").length||v.push("\\["+M+"*(?:value|"+R+")"),e.querySelectorAll("[id~="+k+"-]").length||v.push("~="),e.querySelectorAll(":checked").length||v.push(":checked"),e.querySelectorAll("a#"+k+"+*").length||v.push(".#.+[+~]")}),ce(function(e){e.innerHTML="<a href='' disabled='disabled'></a><select disabled='disabled'><option/></select>";var t=C.createElement("input");t.setAttribute("type","hidden"),e.appendChild(t).setAttribute("name","D"),e.querySelectorAll("[name=d]").length&&v.push("name"+M+"*[*^$|!~]?="),2!==e.querySelectorAll(":enabled").length&&v.push(":enabled",":disabled"),a.appendChild(e).disabled=!0,2!==e.querySelectorAll(":disabled").length&&v.push(":enabled",":disabled"),e.querySelectorAll("*,:x"),v.push(",.*:")})),(d.matchesSelector=K.test(c=a.matches||a.webkitMatchesSelector||a.mozMatchesSelector||a.oMatchesSelector||a.msMatchesSelector))&&ce(function(e){d.disconnectedMatch=c.call(e,"*"),c.call(e,"[s!='']:x"),s.push("!=",$)}),v=v.length&&new RegExp(v.join("|")),s=s.length&&new RegExp(s.join("|")),t=K.test(a.compareDocumentPosition),y=t||K.test(a.contains)?function(e,t){var n=9===e.nodeType?e.documentElement:e,r=t&&t.parentNode;return e===r||!(!r||1!==r.nodeType||!(n.contains?n.contains(r):e.compareDocumentPosition&&16&e.compareDocumentPosition(r)))}:function(e,t){if(t)while(t=t.parentNode)if(t===e)return!0;return!1},D=t?function(e,t){if(e===t)return l=!0,0;var n=!e.compareDocumentPosition-!t.compareDocumentPosition;return n||(1&(n=(e.ownerDocument||e)===(t.ownerDocument||t)?e.compareDocumentPosition(t):1)||!d.sortDetached&&t.compareDocumentPosition(e)===n?e===C||e.ownerDocument===m&&y(m,e)?-1:t===C||t.ownerDocument===m&&y(m,t)?1:u?P(u,e)-P(u,t):0:4&n?-1:1)}:function(e,t){if(e===t)return l=!0,0;var n,r=0,i=e.parentNode,o=t.parentNode,a=[e],s=[t];if(!i||!o)return e===C?-1:t===C?1:i?-1:o?1:u?P(u,e)-P(u,t):0;if(i===o)return pe(e,t);n=e;while(n=n.parentNode)a.unshift(n);n=t;while(n=n.parentNode)s.unshift(n);while(a[r]===s[r])r++;return r?pe(a[r],s[r]):a[r]===m?-1:s[r]===m?1:0}),C},se.matches=function(e,t){return se(e,null,null,t)},se.matchesSelector=function(e,t){if((e.ownerDocument||e)!==C&&T(e),d.matchesSelector&&E&&!A[t+" "]&&(!s||!s.test(t))&&(!v||!v.test(t)))try{var n=c.call(e,t);if(n||d.disconnectedMatch||e.document&&11!==e.document.nodeType)return n}catch(e){A(t,!0)}return 0<se(t,C,null,[e]).length},se.contains=function(e,t){return(e.ownerDocument||e)!==C&&T(e),y(e,t)},se.attr=function(e,t){(e.ownerDocument||e)!==C&&T(e);var n=b.attrHandle[t.toLowerCase()],r=n&&j.call(b.attrHandle,t.toLowerCase())?n(e,t,!E):void 0;return void 0!==r?r:d.attributes||!E?e.getAttribute(t):(r=e.getAttributeNode(t))&&r.specified?r.value:null},se.escape=function(e){return(e+"").replace(re,ie)},se.error=function(e){throw new Error("Syntax error, unrecognized expression: "+e)},se.uniqueSort=function(e){var t,n=[],r=0,i=0;if(l=!d.detectDuplicates,u=!d.sortStable&&e.slice(0),e.sort(D),l){while(t=e[i++])t===e[i]&&(r=n.push(i));while(r--)e.splice(n[r],1)}return u=null,e},o=se.getText=function(e){var t,n="",r=0,i=e.nodeType;if(i){if(1===i||9===i||11===i){if("string"==typeof e.textContent)return e.textContent;for(e=e.firstChild;e;e=e.nextSibling)n+=o(e)}else if(3===i||4===i)return e.nodeValue}else while(t=e[r++])n+=o(t);return n},(b=se.selectors={cacheLength:50,createPseudo:le,match:G,attrHandle:{},find:{},relative:{">":{dir:"parentNode",first:!0}," ":{dir:"parentNode"},"+":{dir:"previousSibling",first:!0},"~":{dir:"previousSibling"}},preFilter:{ATTR:function(e){return e[1]=e[1].replace(te,ne),e[3]=(e[3]||e[4]||e[5]||"").replace(te,ne),"~="===e[2]&&(e[3]=" "+e[3]+" "),e.slice(0,4)},CHILD:function(e){return e[1]=e[1].toLowerCase(),"nth"===e[1].slice(0,3)?(e[3]||se.error(e[0]),e[4]=+(e[4]?e[5]+(e[6]||1):2*("even"===e[3]||"odd"===e[3])),e[5]=+(e[7]+e[8]||"odd"===e[3])):e[3]&&se.error(e[0]),e},PSEUDO:function(e){var t,n=!e[6]&&e[2];return G.CHILD.test(e[0])?null:(e[3]?e[2]=e[4]||e[5]||"":n&&X.test(n)&&(t=h(n,!0))&&(t=n.indexOf(")",n.length-t)-n.length)&&(e[0]=e[0].slice(0,t),e[2]=n.slice(0,t)),e.slice(0,3))}},filter:{TAG:function(e){var t=e.replace(te,ne).toLowerCase();return"*"===e?function(){return!0}:function(e){return e.nodeName&&e.nodeName.toLowerCase()===t}},CLASS:function(e){var t=p[e+" "];return t||(t=new RegExp("(^|"+M+")"+e+"("+M+"|$)"))&&p(e,function(e){return t.test("string"==typeof e.className&&e.className||"undefined"!=typeof e.getAttribute&&e.getAttribute("class")||"")})},ATTR:function(n,r,i){return function(e){var t=se.attr(e,n);return null==t?"!="===r:!r||(t+="","="===r?t===i:"!="===r?t!==i:"^="===r?i&&0===t.indexOf(i):"*="===r?i&&-1<t.indexOf(i):"$="===r?i&&t.slice(-i.length)===i:"~="===r?-1<(" "+t.replace(F," ")+" ").indexOf(i):"|="===r&&(t===i||t.slice(0,i.length+1)===i+"-"))}},CHILD:function(h,e,t,g,v){var y="nth"!==h.slice(0,3),m="last"!==h.slice(-4),x="of-type"===e;return 1===g&&0===v?function(e){return!!e.parentNode}:function(e,t,n){var r,i,o,a,s,u,l=y!==m?"nextSibling":"previousSibling",c=e.parentNode,f=x&&e.nodeName.toLowerCase(),p=!n&&!x,d=!1;if(c){if(y){while(l){a=e;while(a=a[l])if(x?a.nodeName.toLowerCase()===f:1===a.nodeType)return!1;u=l="only"===h&&!u&&"nextSibling"}return!0}if(u=[m?c.firstChild:c.lastChild],m&&p){d=(s=(r=(i=(o=(a=c)[k]||(a[k]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]||[])[0]===S&&r[1])&&r[2],a=s&&c.childNodes[s];while(a=++s&&a&&a[l]||(d=s=0)||u.pop())if(1===a.nodeType&&++d&&a===e){i[h]=[S,s,d];break}}else if(p&&(d=s=(r=(i=(o=(a=e)[k]||(a[k]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]||[])[0]===S&&r[1]),!1===d)while(a=++s&&a&&a[l]||(d=s=0)||u.pop())if((x?a.nodeName.toLowerCase()===f:1===a.nodeType)&&++d&&(p&&((i=(o=a[k]||(a[k]={}))[a.uniqueID]||(o[a.uniqueID]={}))[h]=[S,d]),a===e))break;return(d-=v)===g||d%g==0&&0<=d/g}}},PSEUDO:function(e,o){var t,a=b.pseudos[e]||b.setFilters[e.toLowerCase()]||se.error("unsupported pseudo: "+e);return a[k]?a(o):1<a.length?(t=[e,e,"",o],b.setFilters.hasOwnProperty(e.toLowerCase())?le(function(e,t){var n,r=a(e,o),i=r.length;while(i--)e[n=P(e,r[i])]=!(t[n]=r[i])}):function(e){return a(e,0,t)}):a}},pseudos:{not:le(function(e){var r=[],i=[],s=f(e.replace(B,"$1"));return s[k]?le(function(e,t,n,r){var i,o=s(e,null,r,[]),a=e.length;while(a--)(i=o[a])&&(e[a]=!(t[a]=i))}):function(e,t,n){return r[0]=e,s(r,null,n,i),r[0]=null,!i.pop()}}),has:le(function(t){return function(e){return 0<se(t,e).length}}),contains:le(function(t){return t=t.replace(te,ne),function(e){return-1<(e.textContent||o(e)).indexOf(t)}}),lang:le(function(n){return V.test(n||"")||se.error("unsupported lang: "+n),n=n.replace(te,ne).toLowerCase(),function(e){var t;do{if(t=E?e.lang:e.getAttribute("xml:lang")||e.getAttribute("lang"))return(t=t.toLowerCase())===n||0===t.indexOf(n+"-")}while((e=e.parentNode)&&1===e.nodeType);return!1}}),target:function(e){var t=n.location&&n.location.hash;return t&&t.slice(1)===e.id},root:function(e){return e===a},focus:function(e){return e===C.activeElement&&(!C.hasFocus||C.hasFocus())&&!!(e.type||e.href||~e.tabIndex)},enabled:ge(!1),disabled:ge(!0),checked:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&!!e.checked||"option"===t&&!!e.selected},selected:function(e){return e.parentNode&&e.parentNode.selectedIndex,!0===e.selected},empty:function(e){for(e=e.firstChild;e;e=e.nextSibling)if(e.nodeType<6)return!1;return!0},parent:function(e){return!b.pseudos.empty(e)},header:function(e){return J.test(e.nodeName)},input:function(e){return Q.test(e.nodeName)},button:function(e){var t=e.nodeName.toLowerCase();return"input"===t&&"button"===e.type||"button"===t},text:function(e){var t;return"input"===e.nodeName.toLowerCase()&&"text"===e.type&&(null==(t=e.getAttribute("type"))||"text"===t.toLowerCase())},first:ve(function(){return[0]}),last:ve(function(e,t){return[t-1]}),eq:ve(function(e,t,n){return[n<0?n+t:n]}),even:ve(function(e,t){for(var n=0;n<t;n+=2)e.push(n);return e}),odd:ve(function(e,t){for(var n=1;n<t;n+=2)e.push(n);return e}),lt:ve(function(e,t,n){for(var r=n<0?n+t:t<n?t:n;0<=--r;)e.push(r);return e}),gt:ve(function(e,t,n){for(var r=n<0?n+t:n;++r<t;)e.push(r);return e})}}).pseudos.nth=b.pseudos.eq,{radio:!0,checkbox:!0,file:!0,password:!0,image:!0})b.pseudos[e]=de(e);for(e in{submit:!0,reset:!0})b.pseudos[e]=he(e);function me(){}function xe(e){for(var t=0,n=e.length,r="";t<n;t++)r+=e[t].value;return r}function be(s,e,t){var u=e.dir,l=e.next,c=l||u,f=t&&"parentNode"===c,p=r++;return e.first?function(e,t,n){while(e=e[u])if(1===e.nodeType||f)return s(e,t,n);return!1}:function(e,t,n){var r,i,o,a=[S,p];if(n){while(e=e[u])if((1===e.nodeType||f)&&s(e,t,n))return!0}else while(e=e[u])if(1===e.nodeType||f)if(i=(o=e[k]||(e[k]={}))[e.uniqueID]||(o[e.uniqueID]={}),l&&l===e.nodeName.toLowerCase())e=e[u]||e;else{if((r=i[c])&&r[0]===S&&r[1]===p)return a[2]=r[2];if((i[c]=a)[2]=s(e,t,n))return!0}return!1}}function we(i){return 1<i.length?function(e,t,n){var r=i.length;while(r--)if(!i[r](e,t,n))return!1;return!0}:i[0]}function Te(e,t,n,r,i){for(var o,a=[],s=0,u=e.length,l=null!=t;s<u;s++)(o=e[s])&&(n&&!n(o,r,i)||(a.push(o),l&&t.push(s)));return a}function Ce(d,h,g,v,y,e){return v&&!v[k]&&(v=Ce(v)),y&&!y[k]&&(y=Ce(y,e)),le(function(e,t,n,r){var i,o,a,s=[],u=[],l=t.length,c=e||function(e,t,n){for(var r=0,i=t.length;r<i;r++)se(e,t[r],n);return n}(h||"*",n.nodeType?[n]:n,[]),f=!d||!e&&h?c:Te(c,s,d,n,r),p=g?y||(e?d:l||v)?[]:t:f;if(g&&g(f,p,n,r),v){i=Te(p,u),v(i,[],n,r),o=i.length;while(o--)(a=i[o])&&(p[u[o]]=!(f[u[o]]=a))}if(e){if(y||d){if(y){i=[],o=p.length;while(o--)(a=p[o])&&i.push(f[o]=a);y(null,p=[],i,r)}o=p.length;while(o--)(a=p[o])&&-1<(i=y?P(e,a):s[o])&&(e[i]=!(t[i]=a))}}else p=Te(p===t?p.splice(l,p.length):p),y?y(null,t,p,r):H.apply(t,p)})}function Ee(e){for(var i,t,n,r=e.length,o=b.relative[e[0].type],a=o||b.relative[" "],s=o?1:0,u=be(function(e){return e===i},a,!0),l=be(function(e){return-1<P(i,e)},a,!0),c=[function(e,t,n){var r=!o&&(n||t!==w)||((i=t).nodeType?u(e,t,n):l(e,t,n));return i=null,r}];s<r;s++)if(t=b.relative[e[s].type])c=[be(we(c),t)];else{if((t=b.filter[e[s].type].apply(null,e[s].matches))[k]){for(n=++s;n<r;n++)if(b.relative[e[n].type])break;return Ce(1<s&&we(c),1<s&&xe(e.slice(0,s-1).concat({value:" "===e[s-2].type?"*":""})).replace(B,"$1"),t,s<n&&Ee(e.slice(s,n)),n<r&&Ee(e=e.slice(n)),n<r&&xe(e))}c.push(t)}return we(c)}return me.prototype=b.filters=b.pseudos,b.setFilters=new me,h=se.tokenize=function(e,t){var n,r,i,o,a,s,u,l=x[e+" "];if(l)return t?0:l.slice(0);a=e,s=[],u=b.preFilter;while(a){for(o in n&&!(r=_.exec(a))||(r&&(a=a.slice(r[0].length)||a),s.push(i=[])),n=!1,(r=z.exec(a))&&(n=r.shift(),i.push({value:n,type:r[0].replace(B," ")}),a=a.slice(n.length)),b.filter)!(r=G[o].exec(a))||u[o]&&!(r=u[o](r))||(n=r.shift(),i.push({value:n,type:o,matches:r}),a=a.slice(n.length));if(!n)break}return t?a.length:a?se.error(e):x(e,s).slice(0)},f=se.compile=function(e,t){var n,v,y,m,x,r,i=[],o=[],a=N[e+" "];if(!a){t||(t=h(e)),n=t.length;while(n--)(a=Ee(t[n]))[k]?i.push(a):o.push(a);(a=N(e,(v=o,m=0<(y=i).length,x=0<v.length,r=function(e,t,n,r,i){var o,a,s,u=0,l="0",c=e&&[],f=[],p=w,d=e||x&&b.find.TAG("*",i),h=S+=null==p?1:Math.random()||.1,g=d.length;for(i&&(w=t===C||t||i);l!==g&&null!=(o=d[l]);l++){if(x&&o){a=0,t||o.ownerDocument===C||(T(o),n=!E);while(s=v[a++])if(s(o,t||C,n)){r.push(o);break}i&&(S=h)}m&&((o=!s&&o)&&u--,e&&c.push(o))}if(u+=l,m&&l!==u){a=0;while(s=y[a++])s(c,f,t,n);if(e){if(0<u)while(l--)c[l]||f[l]||(f[l]=q.call(r));f=Te(f)}H.apply(r,f),i&&!e&&0<f.length&&1<u+y.length&&se.uniqueSort(r)}return i&&(S=h,w=p),c},m?le(r):r))).selector=e}return a},g=se.select=function(e,t,n,r){var i,o,a,s,u,l="function"==typeof e&&e,c=!r&&h(e=l.selector||e);if(n=n||[],1===c.length){if(2<(o=c[0]=c[0].slice(0)).length&&"ID"===(a=o[0]).type&&9===t.nodeType&&E&&b.relative[o[1].type]){if(!(t=(b.find.ID(a.matches[0].replace(te,ne),t)||[])[0]))return n;l&&(t=t.parentNode),e=e.slice(o.shift().value.length)}i=G.needsContext.test(e)?0:o.length;while(i--){if(a=o[i],b.relative[s=a.type])break;if((u=b.find[s])&&(r=u(a.matches[0].replace(te,ne),ee.test(o[0].type)&&ye(t.parentNode)||t))){if(o.splice(i,1),!(e=r.length&&xe(o)))return H.apply(n,r),n;break}}}return(l||f(e,c))(r,t,!E,n,!t||ee.test(e)&&ye(t.parentNode)||t),n},d.sortStable=k.split("").sort(D).join("")===k,d.detectDuplicates=!!l,T(),d.sortDetached=ce(function(e){return 1&e.compareDocumentPosition(C.createElement("fieldset"))}),ce(function(e){return e.innerHTML="<a href='#'></a>","#"===e.firstChild.getAttribute("href")})||fe("type|href|height|width",function(e,t,n){if(!n)return e.getAttribute(t,"type"===t.toLowerCase()?1:2)}),d.attributes&&ce(function(e){return e.innerHTML="<input/>",e.firstChild.setAttribute("value",""),""===e.firstChild.getAttribute("value")})||fe("value",function(e,t,n){if(!n&&"input"===e.nodeName.toLowerCase())return e.defaultValue}),ce(function(e){return null==e.getAttribute("disabled")})||fe(R,function(e,t,n){var r;if(!n)return!0===e[t]?t.toLowerCase():(r=e.getAttributeNode(t))&&r.specified?r.value:null}),se}(C);k.find=h,k.expr=h.selectors,k.expr[":"]=k.expr.pseudos,k.uniqueSort=k.unique=h.uniqueSort,k.text=h.getText,k.isXMLDoc=h.isXML,k.contains=h.contains,k.escapeSelector=h.escape;var T=function(e,t,n){var r=[],i=void 0!==n;while((e=e[t])&&9!==e.nodeType)if(1===e.nodeType){if(i&&k(e).is(n))break;r.push(e)}return r},S=function(e,t){for(var n=[];e;e=e.nextSibling)1===e.nodeType&&e!==t&&n.push(e);return n},N=k.expr.match.needsContext;function A(e,t){return e.nodeName&&e.nodeName.toLowerCase()===t.toLowerCase()}var D=/^<([a-z][^\/\0>:\x20\t\r\n\f]*)[\x20\t\r\n\f]*\/?>(?:<\/\1>|)$/i;function j(e,n,r){return m(n)?k.grep(e,function(e,t){return!!n.call(e,t,e)!==r}):n.nodeType?k.grep(e,function(e){return e===n!==r}):"string"!=typeof n?k.grep(e,function(e){return-1<i.call(n,e)!==r}):k.filter(n,e,r)}k.filter=function(e,t,n){var r=t[0];return n&&(e=":not("+e+")"),1===t.length&&1===r.nodeType?k.find.matchesSelector(r,e)?[r]:[]:k.find.matches(e,k.grep(t,function(e){return 1===e.nodeType}))},k.fn.extend({find:function(e){var t,n,r=this.length,i=this;if("string"!=typeof e)return this.pushStack(k(e).filter(function(){for(t=0;t<r;t++)if(k.contains(i[t],this))return!0}));for(n=this.pushStack([]),t=0;t<r;t++)k.find(e,i[t],n);return 1<r?k.uniqueSort(n):n},filter:function(e){return this.pushStack(j(this,e||[],!1))},not:function(e){return this.pushStack(j(this,e||[],!0))},is:function(e){return!!j(this,"string"==typeof e&&N.test(e)?k(e):e||[],!1).length}});var q,L=/^(?:\s*(<[\w\W]+>)[^>]*|#([\w-]+))$/;(k.fn.init=function(e,t,n){var r,i;if(!e)return this;if(n=n||q,"string"==typeof e){if(!(r="<"===e[0]&&">"===e[e.length-1]&&3<=e.length?[null,e,null]:L.exec(e))||!r[1]&&t)return!t||t.jquery?(t||n).find(e):this.constructor(t).find(e);if(r[1]){if(t=t instanceof k?t[0]:t,k.merge(this,k.parseHTML(r[1],t&&t.nodeType?t.ownerDocument||t:E,!0)),D.test(r[1])&&k.isPlainObject(t))for(r in t)m(this[r])?this[r](t[r]):this.attr(r,t[r]);return this}return(i=E.getElementById(r[2]))&&(this[0]=i,this.length=1),this}return e.nodeType?(this[0]=e,this.length=1,this):m(e)?void 0!==n.ready?n.ready(e):e(k):k.makeArray(e,this)}).prototype=k.fn,q=k(E);var H=/^(?:parents|prev(?:Until|All))/,O={children:!0,contents:!0,next:!0,prev:!0};function P(e,t){while((e=e[t])&&1!==e.nodeType);return e}k.fn.extend({has:function(e){var t=k(e,this),n=t.length;return this.filter(function(){for(var e=0;e<n;e++)if(k.contains(this,t[e]))return!0})},closest:function(e,t){var n,r=0,i=this.length,o=[],a="string"!=typeof e&&k(e);if(!N.test(e))for(;r<i;r++)for(n=this[r];n&&n!==t;n=n.parentNode)if(n.nodeType<11&&(a?-1<a.index(n):1===n.nodeType&&k.find.matchesSelector(n,e))){o.push(n);break}return this.pushStack(1<o.length?k.uniqueSort(o):o)},index:function(e){return e?"string"==typeof e?i.call(k(e),this[0]):i.call(this,e.jquery?e[0]:e):this[0]&&this[0].parentNode?this.first().prevAll().length:-1},add:function(e,t){return this.pushStack(k.uniqueSort(k.merge(this.get(),k(e,t))))},addBack:function(e){return this.add(null==e?this.prevObject:this.prevObject.filter(e))}}),k.each({parent:function(e){var t=e.parentNode;return t&&11!==t.nodeType?t:null},parents:function(e){return T(e,"parentNode")},parentsUntil:function(e,t,n){return T(e,"parentNode",n)},next:function(e){return P(e,"nextSibling")},prev:function(e){return P(e,"previousSibling")},nextAll:function(e){return T(e,"nextSibling")},prevAll:function(e){return T(e,"previousSibling")},nextUntil:function(e,t,n){return T(e,"nextSibling",n)},prevUntil:function(e,t,n){return T(e,"previousSibling",n)},siblings:function(e){return S((e.parentNode||{}).firstChild,e)},children:function(e){return S(e.firstChild)},contents:function(e){return"undefined"!=typeof e.contentDocument?e.contentDocument:(A(e,"template")&&(e=e.content||e),k.merge([],e.childNodes))}},function(r,i){k.fn[r]=function(e,t){var n=k.map(this,i,e);return"Until"!==r.slice(-5)&&(t=e),t&&"string"==typeof t&&(n=k.filter(t,n)),1<this.length&&(O[r]||k.uniqueSort(n),H.test(r)&&n.reverse()),this.pushStack(n)}});var R=/[^\x20\t\r\n\f]+/g;function M(e){return e}function I(e){throw e}function W(e,t,n,r){var i;try{e&&m(i=e.promise)?i.call(e).done(t).fail(n):e&&m(i=e.then)?i.call(e,t,n):t.apply(void 0,[e].slice(r))}catch(e){n.apply(void 0,[e])}}k.Callbacks=function(r){var e,n;r="string"==typeof r?(e=r,n={},k.each(e.match(R)||[],function(e,t){n[t]=!0}),n):k.extend({},r);var i,t,o,a,s=[],u=[],l=-1,c=function(){for(a=a||r.once,o=i=!0;u.length;l=-1){t=u.shift();while(++l<s.length)!1===s[l].apply(t[0],t[1])&&r.stopOnFalse&&(l=s.length,t=!1)}r.memory||(t=!1),i=!1,a&&(s=t?[]:"")},f={add:function(){return s&&(t&&!i&&(l=s.length-1,u.push(t)),function n(e){k.each(e,function(e,t){m(t)?r.unique&&f.has(t)||s.push(t):t&&t.length&&"string"!==w(t)&&n(t)})}(arguments),t&&!i&&c()),this},remove:function(){return k.each(arguments,function(e,t){var n;while(-1<(n=k.inArray(t,s,n)))s.splice(n,1),n<=l&&l--}),this},has:function(e){return e?-1<k.inArray(e,s):0<s.length},empty:function(){return s&&(s=[]),this},disable:function(){return a=u=[],s=t="",this},disabled:function(){return!s},lock:function(){return a=u=[],t||i||(s=t=""),this},locked:function(){return!!a},fireWith:function(e,t){return a||(t=[e,(t=t||[]).slice?t.slice():t],u.push(t),i||c()),this},fire:function(){return f.fireWith(this,arguments),this},fired:function(){return!!o}};return f},k.extend({Deferred:function(e){var o=[["notify","progress",k.Callbacks("memory"),k.Callbacks("memory"),2],["resolve","done",k.Callbacks("once memory"),k.Callbacks("once memory"),0,"resolved"],["reject","fail",k.Callbacks("once memory"),k.Callbacks("once memory"),1,"rejected"]],i="pending",a={state:function(){return i},always:function(){return s.done(arguments).fail(arguments),this},"catch":function(e){return a.then(null,e)},pipe:function(){var i=arguments;return k.Deferred(function(r){k.each(o,function(e,t){var n=m(i[t[4]])&&i[t[4]];s[t[1]](function(){var e=n&&n.apply(this,arguments);e&&m(e.promise)?e.promise().progress(r.notify).done(r.resolve).fail(r.reject):r[t[0]+"With"](this,n?[e]:arguments)})}),i=null}).promise()},then:function(t,n,r){var u=0;function l(i,o,a,s){return function(){var n=this,r=arguments,e=function(){var e,t;if(!(i<u)){if((e=a.apply(n,r))===o.promise())throw new TypeError("Thenable self-resolution");t=e&&("object"==typeof e||"function"==typeof e)&&e.then,m(t)?s?t.call(e,l(u,o,M,s),l(u,o,I,s)):(u++,t.call(e,l(u,o,M,s),l(u,o,I,s),l(u,o,M,o.notifyWith))):(a!==M&&(n=void 0,r=[e]),(s||o.resolveWith)(n,r))}},t=s?e:function(){try{e()}catch(e){k.Deferred.exceptionHook&&k.Deferred.exceptionHook(e,t.stackTrace),u<=i+1&&(a!==I&&(n=void 0,r=[e]),o.rejectWith(n,r))}};i?t():(k.Deferred.getStackHook&&(t.stackTrace=k.Deferred.getStackHook()),C.setTimeout(t))}}return k.Deferred(function(e){o[0][3].add(l(0,e,m(r)?r:M,e.notifyWith)),o[1][3].add(l(0,e,m(t)?t:M)),o[2][3].add(l(0,e,m(n)?n:I))}).promise()},promise:function(e){return null!=e?k.extend(e,a):a}},s={};return k.each(o,function(e,t){var n=t[2],r=t[5];a[t[1]]=n.add,r&&n.add(function(){i=r},o[3-e][2].disable,o[3-e][3].disable,o[0][2].lock,o[0][3].lock),n.add(t[3].fire),s[t[0]]=function(){return s[t[0]+"With"](this===s?void 0:this,arguments),this},s[t[0]+"With"]=n.fireWith}),a.promise(s),e&&e.call(s,s),s},when:function(e){var n=arguments.length,t=n,r=Array(t),i=s.call(arguments),o=k.Deferred(),a=function(t){return function(e){r[t]=this,i[t]=1<arguments.length?s.call(arguments):e,--n||o.resolveWith(r,i)}};if(n<=1&&(W(e,o.done(a(t)).resolve,o.reject,!n),"pending"===o.state()||m(i[t]&&i[t].then)))return o.then();while(t--)W(i[t],a(t),o.reject);return o.promise()}});var $=/^(Eval|Internal|Range|Reference|Syntax|Type|URI)Error$/;k.Deferred.exceptionHook=function(e,t){C.console&&C.console.warn&&e&&$.test(e.name)&&C.console.warn("jQuery.Deferred exception: "+e.message,e.stack,t)},k.readyException=function(e){C.setTimeout(function(){throw e})};var F=k.Deferred();function B(){E.removeEventListener("DOMContentLoaded",B),C.removeEventListener("load",B),k.ready()}k.fn.ready=function(e){return F.then(e)["catch"](function(e){k.readyException(e)}),this},k.extend({isReady:!1,readyWait:1,ready:function(e){(!0===e?--k.readyWait:k.isReady)||(k.isReady=!0)!==e&&0<--k.readyWait||F.resolveWith(E,[k])}}),k.ready.then=F.then,"complete"===E.readyState||"loading"!==E.readyState&&!E.documentElement.doScroll?C.setTimeout(k.ready):(E.addEventListener("DOMContentLoaded",B),C.addEventListener("load",B));var _=function(e,t,n,r,i,o,a){var s=0,u=e.length,l=null==n;if("object"===w(n))for(s in i=!0,n)_(e,t,s,n[s],!0,o,a);else if(void 0!==r&&(i=!0,m(r)||(a=!0),l&&(a?(t.call(e,r),t=null):(l=t,t=function(e,t,n){return l.call(k(e),n)})),t))for(;s<u;s++)t(e[s],n,a?r:r.call(e[s],s,t(e[s],n)));return i?e:l?t.call(e):u?t(e[0],n):o},z=/^-ms-/,U=/-([a-z])/g;function X(e,t){return t.toUpperCase()}function V(e){return e.replace(z,"ms-").replace(U,X)}var G=function(e){return 1===e.nodeType||9===e.nodeType||!+e.nodeType};function Y(){this.expando=k.expando+Y.uid++}Y.uid=1,Y.prototype={cache:function(e){var t=e[this.expando];return t||(t={},G(e)&&(e.nodeType?e[this.expando]=t:Object.defineProperty(e,this.expando,{value:t,configurable:!0}))),t},set:function(e,t,n){var r,i=this.cache(e);if("string"==typeof t)i[V(t)]=n;else for(r in t)i[V(r)]=t[r];return i},get:function(e,t){return void 0===t?this.cache(e):e[this.expando]&&e[this.expando][V(t)]},access:function(e,t,n){return void 0===t||t&&"string"==typeof t&&void 0===n?this.get(e,t):(this.set(e,t,n),void 0!==n?n:t)},remove:function(e,t){var n,r=e[this.expando];if(void 0!==r){if(void 0!==t){n=(t=Array.isArray(t)?t.map(V):(t=V(t))in r?[t]:t.match(R)||[]).length;while(n--)delete r[t[n]]}(void 0===t||k.isEmptyObject(r))&&(e.nodeType?e[this.expando]=void 0:delete e[this.expando])}},hasData:function(e){var t=e[this.expando];return void 0!==t&&!k.isEmptyObject(t)}};var Q=new Y,J=new Y,K=/^(?:\{[\w\W]*\}|\[[\w\W]*\])$/,Z=/[A-Z]/g;function ee(e,t,n){var r,i;if(void 0===n&&1===e.nodeType)if(r="data-"+t.replace(Z,"-$&").toLowerCase(),"string"==typeof(n=e.getAttribute(r))){try{n="true"===(i=n)||"false"!==i&&("null"===i?null:i===+i+""?+i:K.test(i)?JSON.parse(i):i)}catch(e){}J.set(e,t,n)}else n=void 0;return n}k.extend({hasData:function(e){return J.hasData(e)||Q.hasData(e)},data:function(e,t,n){return J.access(e,t,n)},removeData:function(e,t){J.remove(e,t)},_data:function(e,t,n){return Q.access(e,t,n)},_removeData:function(e,t){Q.remove(e,t)}}),k.fn.extend({data:function(n,e){var t,r,i,o=this[0],a=o&&o.attributes;if(void 0===n){if(this.length&&(i=J.get(o),1===o.nodeType&&!Q.get(o,"hasDataAttrs"))){t=a.length;while(t--)a[t]&&0===(r=a[t].name).indexOf("data-")&&(r=V(r.slice(5)),ee(o,r,i[r]));Q.set(o,"hasDataAttrs",!0)}return i}return"object"==typeof n?this.each(function(){J.set(this,n)}):_(this,function(e){var t;if(o&&void 0===e)return void 0!==(t=J.get(o,n))?t:void 0!==(t=ee(o,n))?t:void 0;this.each(function(){J.set(this,n,e)})},null,e,1<arguments.length,null,!0)},removeData:function(e){return this.each(function(){J.remove(this,e)})}}),k.extend({queue:function(e,t,n){var r;if(e)return t=(t||"fx")+"queue",r=Q.get(e,t),n&&(!r||Array.isArray(n)?r=Q.access(e,t,k.makeArray(n)):r.push(n)),r||[]},dequeue:function(e,t){t=t||"fx";var n=k.queue(e,t),r=n.length,i=n.shift(),o=k._queueHooks(e,t);"inprogress"===i&&(i=n.shift(),r--),i&&("fx"===t&&n.unshift("inprogress"),delete o.stop,i.call(e,function(){k.dequeue(e,t)},o)),!r&&o&&o.empty.fire()},_queueHooks:function(e,t){var n=t+"queueHooks";return Q.get(e,n)||Q.access(e,n,{empty:k.Callbacks("once memory").add(function(){Q.remove(e,[t+"queue",n])})})}}),k.fn.extend({queue:function(t,n){var e=2;return"string"!=typeof t&&(n=t,t="fx",e--),arguments.length<e?k.queue(this[0],t):void 0===n?this:this.each(function(){var e=k.queue(this,t,n);k._queueHooks(this,t),"fx"===t&&"inprogress"!==e[0]&&k.dequeue(this,t)})},dequeue:function(e){return this.each(function(){k.dequeue(this,e)})},clearQueue:function(e){return this.queue(e||"fx",[])},promise:function(e,t){var n,r=1,i=k.Deferred(),o=this,a=this.length,s=function(){--r||i.resolveWith(o,[o])};"string"!=typeof e&&(t=e,e=void 0),e=e||"fx";while(a--)(n=Q.get(o[a],e+"queueHooks"))&&n.empty&&(r++,n.empty.add(s));return s(),i.promise(t)}});var te=/[+-]?(?:\d*\.|)\d+(?:[eE][+-]?\d+|)/.source,ne=new RegExp("^(?:([+-])=|)("+te+")([a-z%]*)$","i"),re=["Top","Right","Bottom","Left"],ie=E.documentElement,oe=function(e){return k.contains(e.ownerDocument,e)},ae={composed:!0};ie.getRootNode&&(oe=function(e){return k.contains(e.ownerDocument,e)||e.getRootNode(ae)===e.ownerDocument});var se=function(e,t){return"none"===(e=t||e).style.display||""===e.style.display&&oe(e)&&"none"===k.css(e,"display")},ue=function(e,t,n,r){var i,o,a={};for(o in t)a[o]=e.style[o],e.style[o]=t[o];for(o in i=n.apply(e,r||[]),t)e.style[o]=a[o];return i};function le(e,t,n,r){var i,o,a=20,s=r?function(){return r.cur()}:function(){return k.css(e,t,"")},u=s(),l=n&&n[3]||(k.cssNumber[t]?"":"px"),c=e.nodeType&&(k.cssNumber[t]||"px"!==l&&+u)&&ne.exec(k.css(e,t));if(c&&c[3]!==l){u/=2,l=l||c[3],c=+u||1;while(a--)k.style(e,t,c+l),(1-o)*(1-(o=s()/u||.5))<=0&&(a=0),c/=o;c*=2,k.style(e,t,c+l),n=n||[]}return n&&(c=+c||+u||0,i=n[1]?c+(n[1]+1)*n[2]:+n[2],r&&(r.unit=l,r.start=c,r.end=i)),i}var ce={};function fe(e,t){for(var n,r,i,o,a,s,u,l=[],c=0,f=e.length;c<f;c++)(r=e[c]).style&&(n=r.style.display,t?("none"===n&&(l[c]=Q.get(r,"display")||null,l[c]||(r.style.display="")),""===r.style.display&&se(r)&&(l[c]=(u=a=o=void 0,a=(i=r).ownerDocument,s=i.nodeName,(u=ce[s])||(o=a.body.appendChild(a.createElement(s)),u=k.css(o,"display"),o.parentNode.removeChild(o),"none"===u&&(u="block"),ce[s]=u)))):"none"!==n&&(l[c]="none",Q.set(r,"display",n)));for(c=0;c<f;c++)null!=l[c]&&(e[c].style.display=l[c]);return e}k.fn.extend({show:function(){return fe(this,!0)},hide:function(){return fe(this)},toggle:function(e){return"boolean"==typeof e?e?this.show():this.hide():this.each(function(){se(this)?k(this).show():k(this).hide()})}});var pe=/^(?:checkbox|radio)$/i,de=/<([a-z][^\/\0>\x20\t\r\n\f]*)/i,he=/^$|^module$|\/(?:java|ecma)script/i,ge={option:[1,"<select multiple='multiple'>","</select>"],thead:[1,"<table>","</table>"],col:[2,"<table><colgroup>","</colgroup></table>"],tr:[2,"<table><tbody>","</tbody></table>"],td:[3,"<table><tbody><tr>","</tr></tbody></table>"],_default:[0,"",""]};function ve(e,t){var n;return n="undefined"!=typeof e.getElementsByTagName?e.getElementsByTagName(t||"*"):"undefined"!=typeof e.querySelectorAll?e.querySelectorAll(t||"*"):[],void 0===t||t&&A(e,t)?k.merge([e],n):n}function ye(e,t){for(var n=0,r=e.length;n<r;n++)Q.set(e[n],"globalEval",!t||Q.get(t[n],"globalEval"))}ge.optgroup=ge.option,ge.tbody=ge.tfoot=ge.colgroup=ge.caption=ge.thead,ge.th=ge.td;var me,xe,be=/<|&#?\w+;/;function we(e,t,n,r,i){for(var o,a,s,u,l,c,f=t.createDocumentFragment(),p=[],d=0,h=e.length;d<h;d++)if((o=e[d])||0===o)if("object"===w(o))k.merge(p,o.nodeType?[o]:o);else if(be.test(o)){a=a||f.appendChild(t.createElement("div")),s=(de.exec(o)||["",""])[1].toLowerCase(),u=ge[s]||ge._default,a.innerHTML=u[1]+k.htmlPrefilter(o)+u[2],c=u[0];while(c--)a=a.lastChild;k.merge(p,a.childNodes),(a=f.firstChild).textContent=""}else p.push(t.createTextNode(o));f.textContent="",d=0;while(o=p[d++])if(r&&-1<k.inArray(o,r))i&&i.push(o);else if(l=oe(o),a=ve(f.appendChild(o),"script"),l&&ye(a),n){c=0;while(o=a[c++])he.test(o.type||"")&&n.push(o)}return f}me=E.createDocumentFragment().appendChild(E.createElement("div")),(xe=E.createElement("input")).setAttribute("type","radio"),xe.setAttribute("checked","checked"),xe.setAttribute("name","t"),me.appendChild(xe),y.checkClone=me.cloneNode(!0).cloneNode(!0).lastChild.checked,me.innerHTML="<textarea>x</textarea>",y.noCloneChecked=!!me.cloneNode(!0).lastChild.defaultValue;var Te=/^key/,Ce=/^(?:mouse|pointer|contextmenu|drag|drop)|click/,Ee=/^([^.]*)(?:\.(.+)|)/;function ke(){return!0}function Se(){return!1}function Ne(e,t){return e===function(){try{return E.activeElement}catch(e){}}()==("focus"===t)}function Ae(e,t,n,r,i,o){var a,s;if("object"==typeof t){for(s in"string"!=typeof n&&(r=r||n,n=void 0),t)Ae(e,s,n,r,t[s],o);return e}if(null==r&&null==i?(i=n,r=n=void 0):null==i&&("string"==typeof n?(i=r,r=void 0):(i=r,r=n,n=void 0)),!1===i)i=Se;else if(!i)return e;return 1===o&&(a=i,(i=function(e){return k().off(e),a.apply(this,arguments)}).guid=a.guid||(a.guid=k.guid++)),e.each(function(){k.event.add(this,t,i,r,n)})}function De(e,i,o){o?(Q.set(e,i,!1),k.event.add(e,i,{namespace:!1,handler:function(e){var t,n,r=Q.get(this,i);if(1&e.isTrigger&&this[i]){if(r.length)(k.event.special[i]||{}).delegateType&&e.stopPropagation();else if(r=s.call(arguments),Q.set(this,i,r),t=o(this,i),this[i](),r!==(n=Q.get(this,i))||t?Q.set(this,i,!1):n={},r!==n)return e.stopImmediatePropagation(),e.preventDefault(),n.value}else r.length&&(Q.set(this,i,{value:k.event.trigger(k.extend(r[0],k.Event.prototype),r.slice(1),this)}),e.stopImmediatePropagation())}})):void 0===Q.get(e,i)&&k.event.add(e,i,ke)}k.event={global:{},add:function(t,e,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Q.get(t);if(v){n.handler&&(n=(o=n).handler,i=o.selector),i&&k.find.matchesSelector(ie,i),n.guid||(n.guid=k.guid++),(u=v.events)||(u=v.events={}),(a=v.handle)||(a=v.handle=function(e){return"undefined"!=typeof k&&k.event.triggered!==e.type?k.event.dispatch.apply(t,arguments):void 0}),l=(e=(e||"").match(R)||[""]).length;while(l--)d=g=(s=Ee.exec(e[l])||[])[1],h=(s[2]||"").split(".").sort(),d&&(f=k.event.special[d]||{},d=(i?f.delegateType:f.bindType)||d,f=k.event.special[d]||{},c=k.extend({type:d,origType:g,data:r,handler:n,guid:n.guid,selector:i,needsContext:i&&k.expr.match.needsContext.test(i),namespace:h.join(".")},o),(p=u[d])||((p=u[d]=[]).delegateCount=0,f.setup&&!1!==f.setup.call(t,r,h,a)||t.addEventListener&&t.addEventListener(d,a)),f.add&&(f.add.call(t,c),c.handler.guid||(c.handler.guid=n.guid)),i?p.splice(p.delegateCount++,0,c):p.push(c),k.event.global[d]=!0)}},remove:function(e,t,n,r,i){var o,a,s,u,l,c,f,p,d,h,g,v=Q.hasData(e)&&Q.get(e);if(v&&(u=v.events)){l=(t=(t||"").match(R)||[""]).length;while(l--)if(d=g=(s=Ee.exec(t[l])||[])[1],h=(s[2]||"").split(".").sort(),d){f=k.event.special[d]||{},p=u[d=(r?f.delegateType:f.bindType)||d]||[],s=s[2]&&new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"),a=o=p.length;while(o--)c=p[o],!i&&g!==c.origType||n&&n.guid!==c.guid||s&&!s.test(c.namespace)||r&&r!==c.selector&&("**"!==r||!c.selector)||(p.splice(o,1),c.selector&&p.delegateCount--,f.remove&&f.remove.call(e,c));a&&!p.length&&(f.teardown&&!1!==f.teardown.call(e,h,v.handle)||k.removeEvent(e,d,v.handle),delete u[d])}else for(d in u)k.event.remove(e,d+t[l],n,r,!0);k.isEmptyObject(u)&&Q.remove(e,"handle events")}},dispatch:function(e){var t,n,r,i,o,a,s=k.event.fix(e),u=new Array(arguments.length),l=(Q.get(this,"events")||{})[s.type]||[],c=k.event.special[s.type]||{};for(u[0]=s,t=1;t<arguments.length;t++)u[t]=arguments[t];if(s.delegateTarget=this,!c.preDispatch||!1!==c.preDispatch.call(this,s)){a=k.event.handlers.call(this,s,l),t=0;while((i=a[t++])&&!s.isPropagationStopped()){s.currentTarget=i.elem,n=0;while((o=i.handlers[n++])&&!s.isImmediatePropagationStopped())s.rnamespace&&!1!==o.namespace&&!s.rnamespace.test(o.namespace)||(s.handleObj=o,s.data=o.data,void 0!==(r=((k.event.special[o.origType]||{}).handle||o.handler).apply(i.elem,u))&&!1===(s.result=r)&&(s.preventDefault(),s.stopPropagation()))}return c.postDispatch&&c.postDispatch.call(this,s),s.result}},handlers:function(e,t){var n,r,i,o,a,s=[],u=t.delegateCount,l=e.target;if(u&&l.nodeType&&!("click"===e.type&&1<=e.button))for(;l!==this;l=l.parentNode||this)if(1===l.nodeType&&("click"!==e.type||!0!==l.disabled)){for(o=[],a={},n=0;n<u;n++)void 0===a[i=(r=t[n]).selector+" "]&&(a[i]=r.needsContext?-1<k(i,this).index(l):k.find(i,this,null,[l]).length),a[i]&&o.push(r);o.length&&s.push({elem:l,handlers:o})}return l=this,u<t.length&&s.push({elem:l,handlers:t.slice(u)}),s},addProp:function(t,e){Object.defineProperty(k.Event.prototype,t,{enumerable:!0,configurable:!0,get:m(e)?function(){if(this.originalEvent)return e(this.originalEvent)}:function(){if(this.originalEvent)return this.originalEvent[t]},set:function(e){Object.defineProperty(this,t,{enumerable:!0,configurable:!0,writable:!0,value:e})}})},fix:function(e){return e[k.expando]?e:new k.Event(e)},special:{load:{noBubble:!0},click:{setup:function(e){var t=this||e;return pe.test(t.type)&&t.click&&A(t,"input")&&De(t,"click",ke),!1},trigger:function(e){var t=this||e;return pe.test(t.type)&&t.click&&A(t,"input")&&De(t,"click"),!0},_default:function(e){var t=e.target;return pe.test(t.type)&&t.click&&A(t,"input")&&Q.get(t,"click")||A(t,"a")}},beforeunload:{postDispatch:function(e){void 0!==e.result&&e.originalEvent&&(e.originalEvent.returnValue=e.result)}}}},k.removeEvent=function(e,t,n){e.removeEventListener&&e.removeEventListener(t,n)},k.Event=function(e,t){if(!(this instanceof k.Event))return new k.Event(e,t);e&&e.type?(this.originalEvent=e,this.type=e.type,this.isDefaultPrevented=e.defaultPrevented||void 0===e.defaultPrevented&&!1===e.returnValue?ke:Se,this.target=e.target&&3===e.target.nodeType?e.target.parentNode:e.target,this.currentTarget=e.currentTarget,this.relatedTarget=e.relatedTarget):this.type=e,t&&k.extend(this,t),this.timeStamp=e&&e.timeStamp||Date.now(),this[k.expando]=!0},k.Event.prototype={constructor:k.Event,isDefaultPrevented:Se,isPropagationStopped:Se,isImmediatePropagationStopped:Se,isSimulated:!1,preventDefault:function(){var e=this.originalEvent;this.isDefaultPrevented=ke,e&&!this.isSimulated&&e.preventDefault()},stopPropagation:function(){var e=this.originalEvent;this.isPropagationStopped=ke,e&&!this.isSimulated&&e.stopPropagation()},stopImmediatePropagation:function(){var e=this.originalEvent;this.isImmediatePropagationStopped=ke,e&&!this.isSimulated&&e.stopImmediatePropagation(),this.stopPropagation()}},k.each({altKey:!0,bubbles:!0,cancelable:!0,changedTouches:!0,ctrlKey:!0,detail:!0,eventPhase:!0,metaKey:!0,pageX:!0,pageY:!0,shiftKey:!0,view:!0,"char":!0,code:!0,charCode:!0,key:!0,keyCode:!0,button:!0,buttons:!0,clientX:!0,clientY:!0,offsetX:!0,offsetY:!0,pointerId:!0,pointerType:!0,screenX:!0,screenY:!0,targetTouches:!0,toElement:!0,touches:!0,which:function(e){var t=e.button;return null==e.which&&Te.test(e.type)?null!=e.charCode?e.charCode:e.keyCode:!e.which&&void 0!==t&&Ce.test(e.type)?1&t?1:2&t?3:4&t?2:0:e.which}},k.event.addProp),k.each({focus:"focusin",blur:"focusout"},function(e,t){k.event.special[e]={setup:function(){return De(this,e,Ne),!1},trigger:function(){return De(this,e),!0},delegateType:t}}),k.each({mouseenter:"mouseover",mouseleave:"mouseout",pointerenter:"pointerover",pointerleave:"pointerout"},function(e,i){k.event.special[e]={delegateType:i,bindType:i,handle:function(e){var t,n=e.relatedTarget,r=e.handleObj;return n&&(n===this||k.contains(this,n))||(e.type=r.origType,t=r.handler.apply(this,arguments),e.type=i),t}}}),k.fn.extend({on:function(e,t,n,r){return Ae(this,e,t,n,r)},one:function(e,t,n,r){return Ae(this,e,t,n,r,1)},off:function(e,t,n){var r,i;if(e&&e.preventDefault&&e.handleObj)return r=e.handleObj,k(e.delegateTarget).off(r.namespace?r.origType+"."+r.namespace:r.origType,r.selector,r.handler),this;if("object"==typeof e){for(i in e)this.off(i,t,e[i]);return this}return!1!==t&&"function"!=typeof t||(n=t,t=void 0),!1===n&&(n=Se),this.each(function(){k.event.remove(this,e,n,t)})}});var je=/<(?!area|br|col|embed|hr|img|input|link|meta|param)(([a-z][^\/\0>\x20\t\r\n\f]*)[^>]*)\/>/gi,qe=/<script|<style|<link/i,Le=/checked\s*(?:[^=]|=\s*.checked.)/i,He=/^\s*<!(?:\[CDATA\[|--)|(?:\]\]|--)>\s*$/g;function Oe(e,t){return A(e,"table")&&A(11!==t.nodeType?t:t.firstChild,"tr")&&k(e).children("tbody")[0]||e}function Pe(e){return e.type=(null!==e.getAttribute("type"))+"/"+e.type,e}function Re(e){return"true/"===(e.type||"").slice(0,5)?e.type=e.type.slice(5):e.removeAttribute("type"),e}function Me(e,t){var n,r,i,o,a,s,u,l;if(1===t.nodeType){if(Q.hasData(e)&&(o=Q.access(e),a=Q.set(t,o),l=o.events))for(i in delete a.handle,a.events={},l)for(n=0,r=l[i].length;n<r;n++)k.event.add(t,i,l[i][n]);J.hasData(e)&&(s=J.access(e),u=k.extend({},s),J.set(t,u))}}function Ie(n,r,i,o){r=g.apply([],r);var e,t,a,s,u,l,c=0,f=n.length,p=f-1,d=r[0],h=m(d);if(h||1<f&&"string"==typeof d&&!y.checkClone&&Le.test(d))return n.each(function(e){var t=n.eq(e);h&&(r[0]=d.call(this,e,t.html())),Ie(t,r,i,o)});if(f&&(t=(e=we(r,n[0].ownerDocument,!1,n,o)).firstChild,1===e.childNodes.length&&(e=t),t||o)){for(s=(a=k.map(ve(e,"script"),Pe)).length;c<f;c++)u=e,c!==p&&(u=k.clone(u,!0,!0),s&&k.merge(a,ve(u,"script"))),i.call(n[c],u,c);if(s)for(l=a[a.length-1].ownerDocument,k.map(a,Re),c=0;c<s;c++)u=a[c],he.test(u.type||"")&&!Q.access(u,"globalEval")&&k.contains(l,u)&&(u.src&&"module"!==(u.type||"").toLowerCase()?k._evalUrl&&!u.noModule&&k._evalUrl(u.src,{nonce:u.nonce||u.getAttribute("nonce")}):b(u.textContent.replace(He,""),u,l))}return n}function We(e,t,n){for(var r,i=t?k.filter(t,e):e,o=0;null!=(r=i[o]);o++)n||1!==r.nodeType||k.cleanData(ve(r)),r.parentNode&&(n&&oe(r)&&ye(ve(r,"script")),r.parentNode.removeChild(r));return e}k.extend({htmlPrefilter:function(e){return e.replace(je,"<$1></$2>")},clone:function(e,t,n){var r,i,o,a,s,u,l,c=e.cloneNode(!0),f=oe(e);if(!(y.noCloneChecked||1!==e.nodeType&&11!==e.nodeType||k.isXMLDoc(e)))for(a=ve(c),r=0,i=(o=ve(e)).length;r<i;r++)s=o[r],u=a[r],void 0,"input"===(l=u.nodeName.toLowerCase())&&pe.test(s.type)?u.checked=s.checked:"input"!==l&&"textarea"!==l||(u.defaultValue=s.defaultValue);if(t)if(n)for(o=o||ve(e),a=a||ve(c),r=0,i=o.length;r<i;r++)Me(o[r],a[r]);else Me(e,c);return 0<(a=ve(c,"script")).length&&ye(a,!f&&ve(e,"script")),c},cleanData:function(e){for(var t,n,r,i=k.event.special,o=0;void 0!==(n=e[o]);o++)if(G(n)){if(t=n[Q.expando]){if(t.events)for(r in t.events)i[r]?k.event.remove(n,r):k.removeEvent(n,r,t.handle);n[Q.expando]=void 0}n[J.expando]&&(n[J.expando]=void 0)}}}),k.fn.extend({detach:function(e){return We(this,e,!0)},remove:function(e){return We(this,e)},text:function(e){return _(this,function(e){return void 0===e?k.text(this):this.empty().each(function(){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||(this.textContent=e)})},null,e,arguments.length)},append:function(){return Ie(this,arguments,function(e){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||Oe(this,e).appendChild(e)})},prepend:function(){return Ie(this,arguments,function(e){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var t=Oe(this,e);t.insertBefore(e,t.firstChild)}})},before:function(){return Ie(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this)})},after:function(){return Ie(this,arguments,function(e){this.parentNode&&this.parentNode.insertBefore(e,this.nextSibling)})},empty:function(){for(var e,t=0;null!=(e=this[t]);t++)1===e.nodeType&&(k.cleanData(ve(e,!1)),e.textContent="");return this},clone:function(e,t){return e=null!=e&&e,t=null==t?e:t,this.map(function(){return k.clone(this,e,t)})},html:function(e){return _(this,function(e){var t=this[0]||{},n=0,r=this.length;if(void 0===e&&1===t.nodeType)return t.innerHTML;if("string"==typeof e&&!qe.test(e)&&!ge[(de.exec(e)||["",""])[1].toLowerCase()]){e=k.htmlPrefilter(e);try{for(;n<r;n++)1===(t=this[n]||{}).nodeType&&(k.cleanData(ve(t,!1)),t.innerHTML=e);t=0}catch(e){}}t&&this.empty().append(e)},null,e,arguments.length)},replaceWith:function(){var n=[];return Ie(this,arguments,function(e){var t=this.parentNode;k.inArray(this,n)<0&&(k.cleanData(ve(this)),t&&t.replaceChild(e,this))},n)}}),k.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(e,a){k.fn[e]=function(e){for(var t,n=[],r=k(e),i=r.length-1,o=0;o<=i;o++)t=o===i?this:this.clone(!0),k(r[o])[a](t),u.apply(n,t.get());return this.pushStack(n)}});var $e=new RegExp("^("+te+")(?!px)[a-z%]+$","i"),Fe=function(e){var t=e.ownerDocument.defaultView;return t&&t.opener||(t=C),t.getComputedStyle(e)},Be=new RegExp(re.join("|"),"i");function _e(e,t,n){var r,i,o,a,s=e.style;return(n=n||Fe(e))&&(""!==(a=n.getPropertyValue(t)||n[t])||oe(e)||(a=k.style(e,t)),!y.pixelBoxStyles()&&$e.test(a)&&Be.test(t)&&(r=s.width,i=s.minWidth,o=s.maxWidth,s.minWidth=s.maxWidth=s.width=a,a=n.width,s.width=r,s.minWidth=i,s.maxWidth=o)),void 0!==a?a+"":a}function ze(e,t){return{get:function(){if(!e())return(this.get=t).apply(this,arguments);delete this.get}}}!function(){function e(){if(u){s.style.cssText="position:absolute;left:-11111px;width:60px;margin-top:1px;padding:0;border:0",u.style.cssText="position:relative;display:block;box-sizing:border-box;overflow:scroll;margin:auto;border:1px;padding:1px;width:60%;top:1%",ie.appendChild(s).appendChild(u);var e=C.getComputedStyle(u);n="1%"!==e.top,a=12===t(e.marginLeft),u.style.right="60%",o=36===t(e.right),r=36===t(e.width),u.style.position="absolute",i=12===t(u.offsetWidth/3),ie.removeChild(s),u=null}}function t(e){return Math.round(parseFloat(e))}var n,r,i,o,a,s=E.createElement("div"),u=E.createElement("div");u.style&&(u.style.backgroundClip="content-box",u.cloneNode(!0).style.backgroundClip="",y.clearCloneStyle="content-box"===u.style.backgroundClip,k.extend(y,{boxSizingReliable:function(){return e(),r},pixelBoxStyles:function(){return e(),o},pixelPosition:function(){return e(),n},reliableMarginLeft:function(){return e(),a},scrollboxSize:function(){return e(),i}}))}();var Ue=["Webkit","Moz","ms"],Xe=E.createElement("div").style,Ve={};function Ge(e){var t=k.cssProps[e]||Ve[e];return t||(e in Xe?e:Ve[e]=function(e){var t=e[0].toUpperCase()+e.slice(1),n=Ue.length;while(n--)if((e=Ue[n]+t)in Xe)return e}(e)||e)}var Ye=/^(none|table(?!-c[ea]).+)/,Qe=/^--/,Je={position:"absolute",visibility:"hidden",display:"block"},Ke={letterSpacing:"0",fontWeight:"400"};function Ze(e,t,n){var r=ne.exec(t);return r?Math.max(0,r[2]-(n||0))+(r[3]||"px"):t}function et(e,t,n,r,i,o){var a="width"===t?1:0,s=0,u=0;if(n===(r?"border":"content"))return 0;for(;a<4;a+=2)"margin"===n&&(u+=k.css(e,n+re[a],!0,i)),r?("content"===n&&(u-=k.css(e,"padding"+re[a],!0,i)),"margin"!==n&&(u-=k.css(e,"border"+re[a]+"Width",!0,i))):(u+=k.css(e,"padding"+re[a],!0,i),"padding"!==n?u+=k.css(e,"border"+re[a]+"Width",!0,i):s+=k.css(e,"border"+re[a]+"Width",!0,i));return!r&&0<=o&&(u+=Math.max(0,Math.ceil(e["offset"+t[0].toUpperCase()+t.slice(1)]-o-u-s-.5))||0),u}function tt(e,t,n){var r=Fe(e),i=(!y.boxSizingReliable()||n)&&"border-box"===k.css(e,"boxSizing",!1,r),o=i,a=_e(e,t,r),s="offset"+t[0].toUpperCase()+t.slice(1);if($e.test(a)){if(!n)return a;a="auto"}return(!y.boxSizingReliable()&&i||"auto"===a||!parseFloat(a)&&"inline"===k.css(e,"display",!1,r))&&e.getClientRects().length&&(i="border-box"===k.css(e,"boxSizing",!1,r),(o=s in e)&&(a=e[s])),(a=parseFloat(a)||0)+et(e,t,n||(i?"border":"content"),o,r,a)+"px"}function nt(e,t,n,r,i){return new nt.prototype.init(e,t,n,r,i)}k.extend({cssHooks:{opacity:{get:function(e,t){if(t){var n=_e(e,"opacity");return""===n?"1":n}}}},cssNumber:{animationIterationCount:!0,columnCount:!0,fillOpacity:!0,flexGrow:!0,flexShrink:!0,fontWeight:!0,gridArea:!0,gridColumn:!0,gridColumnEnd:!0,gridColumnStart:!0,gridRow:!0,gridRowEnd:!0,gridRowStart:!0,lineHeight:!0,opacity:!0,order:!0,orphans:!0,widows:!0,zIndex:!0,zoom:!0},cssProps:{},style:function(e,t,n,r){if(e&&3!==e.nodeType&&8!==e.nodeType&&e.style){var i,o,a,s=V(t),u=Qe.test(t),l=e.style;if(u||(t=Ge(s)),a=k.cssHooks[t]||k.cssHooks[s],void 0===n)return a&&"get"in a&&void 0!==(i=a.get(e,!1,r))?i:l[t];"string"===(o=typeof n)&&(i=ne.exec(n))&&i[1]&&(n=le(e,t,i),o="number"),null!=n&&n==n&&("number"!==o||u||(n+=i&&i[3]||(k.cssNumber[s]?"":"px")),y.clearCloneStyle||""!==n||0!==t.indexOf("background")||(l[t]="inherit"),a&&"set"in a&&void 0===(n=a.set(e,n,r))||(u?l.setProperty(t,n):l[t]=n))}},css:function(e,t,n,r){var i,o,a,s=V(t);return Qe.test(t)||(t=Ge(s)),(a=k.cssHooks[t]||k.cssHooks[s])&&"get"in a&&(i=a.get(e,!0,n)),void 0===i&&(i=_e(e,t,r)),"normal"===i&&t in Ke&&(i=Ke[t]),""===n||n?(o=parseFloat(i),!0===n||isFinite(o)?o||0:i):i}}),k.each(["height","width"],function(e,u){k.cssHooks[u]={get:function(e,t,n){if(t)return!Ye.test(k.css(e,"display"))||e.getClientRects().length&&e.getBoundingClientRect().width?tt(e,u,n):ue(e,Je,function(){return tt(e,u,n)})},set:function(e,t,n){var r,i=Fe(e),o=!y.scrollboxSize()&&"absolute"===i.position,a=(o||n)&&"border-box"===k.css(e,"boxSizing",!1,i),s=n?et(e,u,n,a,i):0;return a&&o&&(s-=Math.ceil(e["offset"+u[0].toUpperCase()+u.slice(1)]-parseFloat(i[u])-et(e,u,"border",!1,i)-.5)),s&&(r=ne.exec(t))&&"px"!==(r[3]||"px")&&(e.style[u]=t,t=k.css(e,u)),Ze(0,t,s)}}}),k.cssHooks.marginLeft=ze(y.reliableMarginLeft,function(e,t){if(t)return(parseFloat(_e(e,"marginLeft"))||e.getBoundingClientRect().left-ue(e,{marginLeft:0},function(){return e.getBoundingClientRect().left}))+"px"}),k.each({margin:"",padding:"",border:"Width"},function(i,o){k.cssHooks[i+o]={expand:function(e){for(var t=0,n={},r="string"==typeof e?e.split(" "):[e];t<4;t++)n[i+re[t]+o]=r[t]||r[t-2]||r[0];return n}},"margin"!==i&&(k.cssHooks[i+o].set=Ze)}),k.fn.extend({css:function(e,t){return _(this,function(e,t,n){var r,i,o={},a=0;if(Array.isArray(t)){for(r=Fe(e),i=t.length;a<i;a++)o[t[a]]=k.css(e,t[a],!1,r);return o}return void 0!==n?k.style(e,t,n):k.css(e,t)},e,t,1<arguments.length)}}),((k.Tween=nt).prototype={constructor:nt,init:function(e,t,n,r,i,o){this.elem=e,this.prop=n,this.easing=i||k.easing._default,this.options=t,this.start=this.now=this.cur(),this.end=r,this.unit=o||(k.cssNumber[n]?"":"px")},cur:function(){var e=nt.propHooks[this.prop];return e&&e.get?e.get(this):nt.propHooks._default.get(this)},run:function(e){var t,n=nt.propHooks[this.prop];return this.options.duration?this.pos=t=k.easing[this.easing](e,this.options.duration*e,0,1,this.options.duration):this.pos=t=e,this.now=(this.end-this.start)*t+this.start,this.options.step&&this.options.step.call(this.elem,this.now,this),n&&n.set?n.set(this):nt.propHooks._default.set(this),this}}).init.prototype=nt.prototype,(nt.propHooks={_default:{get:function(e){var t;return 1!==e.elem.nodeType||null!=e.elem[e.prop]&&null==e.elem.style[e.prop]?e.elem[e.prop]:(t=k.css(e.elem,e.prop,""))&&"auto"!==t?t:0},set:function(e){k.fx.step[e.prop]?k.fx.step[e.prop](e):1!==e.elem.nodeType||!k.cssHooks[e.prop]&&null==e.elem.style[Ge(e.prop)]?e.elem[e.prop]=e.now:k.style(e.elem,e.prop,e.now+e.unit)}}}).scrollTop=nt.propHooks.scrollLeft={set:function(e){e.elem.nodeType&&e.elem.parentNode&&(e.elem[e.prop]=e.now)}},k.easing={linear:function(e){return e},swing:function(e){return.5-Math.cos(e*Math.PI)/2},_default:"swing"},k.fx=nt.prototype.init,k.fx.step={};var rt,it,ot,at,st=/^(?:toggle|show|hide)$/,ut=/queueHooks$/;function lt(){it&&(!1===E.hidden&&C.requestAnimationFrame?C.requestAnimationFrame(lt):C.setTimeout(lt,k.fx.interval),k.fx.tick())}function ct(){return C.setTimeout(function(){rt=void 0}),rt=Date.now()}function ft(e,t){var n,r=0,i={height:e};for(t=t?1:0;r<4;r+=2-t)i["margin"+(n=re[r])]=i["padding"+n]=e;return t&&(i.opacity=i.width=e),i}function pt(e,t,n){for(var r,i=(dt.tweeners[t]||[]).concat(dt.tweeners["*"]),o=0,a=i.length;o<a;o++)if(r=i[o].call(n,t,e))return r}function dt(o,e,t){var n,a,r=0,i=dt.prefilters.length,s=k.Deferred().always(function(){delete u.elem}),u=function(){if(a)return!1;for(var e=rt||ct(),t=Math.max(0,l.startTime+l.duration-e),n=1-(t/l.duration||0),r=0,i=l.tweens.length;r<i;r++)l.tweens[r].run(n);return s.notifyWith(o,[l,n,t]),n<1&&i?t:(i||s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l]),!1)},l=s.promise({elem:o,props:k.extend({},e),opts:k.extend(!0,{specialEasing:{},easing:k.easing._default},t),originalProperties:e,originalOptions:t,startTime:rt||ct(),duration:t.duration,tweens:[],createTween:function(e,t){var n=k.Tween(o,l.opts,e,t,l.opts.specialEasing[e]||l.opts.easing);return l.tweens.push(n),n},stop:function(e){var t=0,n=e?l.tweens.length:0;if(a)return this;for(a=!0;t<n;t++)l.tweens[t].run(1);return e?(s.notifyWith(o,[l,1,0]),s.resolveWith(o,[l,e])):s.rejectWith(o,[l,e]),this}}),c=l.props;for(!function(e,t){var n,r,i,o,a;for(n in e)if(i=t[r=V(n)],o=e[n],Array.isArray(o)&&(i=o[1],o=e[n]=o[0]),n!==r&&(e[r]=o,delete e[n]),(a=k.cssHooks[r])&&"expand"in a)for(n in o=a.expand(o),delete e[r],o)n in e||(e[n]=o[n],t[n]=i);else t[r]=i}(c,l.opts.specialEasing);r<i;r++)if(n=dt.prefilters[r].call(l,o,c,l.opts))return m(n.stop)&&(k._queueHooks(l.elem,l.opts.queue).stop=n.stop.bind(n)),n;return k.map(c,pt,l),m(l.opts.start)&&l.opts.start.call(o,l),l.progress(l.opts.progress).done(l.opts.done,l.opts.complete).fail(l.opts.fail).always(l.opts.always),k.fx.timer(k.extend(u,{elem:o,anim:l,queue:l.opts.queue})),l}k.Animation=k.extend(dt,{tweeners:{"*":[function(e,t){var n=this.createTween(e,t);return le(n.elem,e,ne.exec(t),n),n}]},tweener:function(e,t){m(e)?(t=e,e=["*"]):e=e.match(R);for(var n,r=0,i=e.length;r<i;r++)n=e[r],dt.tweeners[n]=dt.tweeners[n]||[],dt.tweeners[n].unshift(t)},prefilters:[function(e,t,n){var r,i,o,a,s,u,l,c,f="width"in t||"height"in t,p=this,d={},h=e.style,g=e.nodeType&&se(e),v=Q.get(e,"fxshow");for(r in n.queue||(null==(a=k._queueHooks(e,"fx")).unqueued&&(a.unqueued=0,s=a.empty.fire,a.empty.fire=function(){a.unqueued||s()}),a.unqueued++,p.always(function(){p.always(function(){a.unqueued--,k.queue(e,"fx").length||a.empty.fire()})})),t)if(i=t[r],st.test(i)){if(delete t[r],o=o||"toggle"===i,i===(g?"hide":"show")){if("show"!==i||!v||void 0===v[r])continue;g=!0}d[r]=v&&v[r]||k.style(e,r)}if((u=!k.isEmptyObject(t))||!k.isEmptyObject(d))for(r in f&&1===e.nodeType&&(n.overflow=[h.overflow,h.overflowX,h.overflowY],null==(l=v&&v.display)&&(l=Q.get(e,"display")),"none"===(c=k.css(e,"display"))&&(l?c=l:(fe([e],!0),l=e.style.display||l,c=k.css(e,"display"),fe([e]))),("inline"===c||"inline-block"===c&&null!=l)&&"none"===k.css(e,"float")&&(u||(p.done(function(){h.display=l}),null==l&&(c=h.display,l="none"===c?"":c)),h.display="inline-block")),n.overflow&&(h.overflow="hidden",p.always(function(){h.overflow=n.overflow[0],h.overflowX=n.overflow[1],h.overflowY=n.overflow[2]})),u=!1,d)u||(v?"hidden"in v&&(g=v.hidden):v=Q.access(e,"fxshow",{display:l}),o&&(v.hidden=!g),g&&fe([e],!0),p.done(function(){for(r in g||fe([e]),Q.remove(e,"fxshow"),d)k.style(e,r,d[r])})),u=pt(g?v[r]:0,r,p),r in v||(v[r]=u.start,g&&(u.end=u.start,u.start=0))}],prefilter:function(e,t){t?dt.prefilters.unshift(e):dt.prefilters.push(e)}}),k.speed=function(e,t,n){var r=e&&"object"==typeof e?k.extend({},e):{complete:n||!n&&t||m(e)&&e,duration:e,easing:n&&t||t&&!m(t)&&t};return k.fx.off?r.duration=0:"number"!=typeof r.duration&&(r.duration in k.fx.speeds?r.duration=k.fx.speeds[r.duration]:r.duration=k.fx.speeds._default),null!=r.queue&&!0!==r.queue||(r.queue="fx"),r.old=r.complete,r.complete=function(){m(r.old)&&r.old.call(this),r.queue&&k.dequeue(this,r.queue)},r},k.fn.extend({fadeTo:function(e,t,n,r){return this.filter(se).css("opacity",0).show().end().animate({opacity:t},e,n,r)},animate:function(t,e,n,r){var i=k.isEmptyObject(t),o=k.speed(e,n,r),a=function(){var e=dt(this,k.extend({},t),o);(i||Q.get(this,"finish"))&&e.stop(!0)};return a.finish=a,i||!1===o.queue?this.each(a):this.queue(o.queue,a)},stop:function(i,e,o){var a=function(e){var t=e.stop;delete e.stop,t(o)};return"string"!=typeof i&&(o=e,e=i,i=void 0),e&&!1!==i&&this.queue(i||"fx",[]),this.each(function(){var e=!0,t=null!=i&&i+"queueHooks",n=k.timers,r=Q.get(this);if(t)r[t]&&r[t].stop&&a(r[t]);else for(t in r)r[t]&&r[t].stop&&ut.test(t)&&a(r[t]);for(t=n.length;t--;)n[t].elem!==this||null!=i&&n[t].queue!==i||(n[t].anim.stop(o),e=!1,n.splice(t,1));!e&&o||k.dequeue(this,i)})},finish:function(a){return!1!==a&&(a=a||"fx"),this.each(function(){var e,t=Q.get(this),n=t[a+"queue"],r=t[a+"queueHooks"],i=k.timers,o=n?n.length:0;for(t.finish=!0,k.queue(this,a,[]),r&&r.stop&&r.stop.call(this,!0),e=i.length;e--;)i[e].elem===this&&i[e].queue===a&&(i[e].anim.stop(!0),i.splice(e,1));for(e=0;e<o;e++)n[e]&&n[e].finish&&n[e].finish.call(this);delete t.finish})}}),k.each(["toggle","show","hide"],function(e,r){var i=k.fn[r];k.fn[r]=function(e,t,n){return null==e||"boolean"==typeof e?i.apply(this,arguments):this.animate(ft(r,!0),e,t,n)}}),k.each({slideDown:ft("show"),slideUp:ft("hide"),slideToggle:ft("toggle"),fadeIn:{opacity:"show"},fadeOut:{opacity:"hide"},fadeToggle:{opacity:"toggle"}},function(e,r){k.fn[e]=function(e,t,n){return this.animate(r,e,t,n)}}),k.timers=[],k.fx.tick=function(){var e,t=0,n=k.timers;for(rt=Date.now();t<n.length;t++)(e=n[t])()||n[t]!==e||n.splice(t--,1);n.length||k.fx.stop(),rt=void 0},k.fx.timer=function(e){k.timers.push(e),k.fx.start()},k.fx.interval=13,k.fx.start=function(){it||(it=!0,lt())},k.fx.stop=function(){it=null},k.fx.speeds={slow:600,fast:200,_default:400},k.fn.delay=function(r,e){return r=k.fx&&k.fx.speeds[r]||r,e=e||"fx",this.queue(e,function(e,t){var n=C.setTimeout(e,r);t.stop=function(){C.clearTimeout(n)}})},ot=E.createElement("input"),at=E.createElement("select").appendChild(E.createElement("option")),ot.type="checkbox",y.checkOn=""!==ot.value,y.optSelected=at.selected,(ot=E.createElement("input")).value="t",ot.type="radio",y.radioValue="t"===ot.value;var ht,gt=k.expr.attrHandle;k.fn.extend({attr:function(e,t){return _(this,k.attr,e,t,1<arguments.length)},removeAttr:function(e){return this.each(function(){k.removeAttr(this,e)})}}),k.extend({attr:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return"undefined"==typeof e.getAttribute?k.prop(e,t,n):(1===o&&k.isXMLDoc(e)||(i=k.attrHooks[t.toLowerCase()]||(k.expr.match.bool.test(t)?ht:void 0)),void 0!==n?null===n?void k.removeAttr(e,t):i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:(e.setAttribute(t,n+""),n):i&&"get"in i&&null!==(r=i.get(e,t))?r:null==(r=k.find.attr(e,t))?void 0:r)},attrHooks:{type:{set:function(e,t){if(!y.radioValue&&"radio"===t&&A(e,"input")){var n=e.value;return e.setAttribute("type",t),n&&(e.value=n),t}}}},removeAttr:function(e,t){var n,r=0,i=t&&t.match(R);if(i&&1===e.nodeType)while(n=i[r++])e.removeAttribute(n)}}),ht={set:function(e,t,n){return!1===t?k.removeAttr(e,n):e.setAttribute(n,n),n}},k.each(k.expr.match.bool.source.match(/\w+/g),function(e,t){var a=gt[t]||k.find.attr;gt[t]=function(e,t,n){var r,i,o=t.toLowerCase();return n||(i=gt[o],gt[o]=r,r=null!=a(e,t,n)?o:null,gt[o]=i),r}});var vt=/^(?:input|select|textarea|button)$/i,yt=/^(?:a|area)$/i;function mt(e){return(e.match(R)||[]).join(" ")}function xt(e){return e.getAttribute&&e.getAttribute("class")||""}function bt(e){return Array.isArray(e)?e:"string"==typeof e&&e.match(R)||[]}k.fn.extend({prop:function(e,t){return _(this,k.prop,e,t,1<arguments.length)},removeProp:function(e){return this.each(function(){delete this[k.propFix[e]||e]})}}),k.extend({prop:function(e,t,n){var r,i,o=e.nodeType;if(3!==o&&8!==o&&2!==o)return 1===o&&k.isXMLDoc(e)||(t=k.propFix[t]||t,i=k.propHooks[t]),void 0!==n?i&&"set"in i&&void 0!==(r=i.set(e,n,t))?r:e[t]=n:i&&"get"in i&&null!==(r=i.get(e,t))?r:e[t]},propHooks:{tabIndex:{get:function(e){var t=k.find.attr(e,"tabindex");return t?parseInt(t,10):vt.test(e.nodeName)||yt.test(e.nodeName)&&e.href?0:-1}}},propFix:{"for":"htmlFor","class":"className"}}),y.optSelected||(k.propHooks.selected={get:function(e){var t=e.parentNode;return t&&t.parentNode&&t.parentNode.selectedIndex,null},set:function(e){var t=e.parentNode;t&&(t.selectedIndex,t.parentNode&&t.parentNode.selectedIndex)}}),k.each(["tabIndex","readOnly","maxLength","cellSpacing","cellPadding","rowSpan","colSpan","useMap","frameBorder","contentEditable"],function(){k.propFix[this.toLowerCase()]=this}),k.fn.extend({addClass:function(t){var e,n,r,i,o,a,s,u=0;if(m(t))return this.each(function(e){k(this).addClass(t.call(this,e,xt(this)))});if((e=bt(t)).length)while(n=this[u++])if(i=xt(n),r=1===n.nodeType&&" "+mt(i)+" "){a=0;while(o=e[a++])r.indexOf(" "+o+" ")<0&&(r+=o+" ");i!==(s=mt(r))&&n.setAttribute("class",s)}return this},removeClass:function(t){var e,n,r,i,o,a,s,u=0;if(m(t))return this.each(function(e){k(this).removeClass(t.call(this,e,xt(this)))});if(!arguments.length)return this.attr("class","");if((e=bt(t)).length)while(n=this[u++])if(i=xt(n),r=1===n.nodeType&&" "+mt(i)+" "){a=0;while(o=e[a++])while(-1<r.indexOf(" "+o+" "))r=r.replace(" "+o+" "," ");i!==(s=mt(r))&&n.setAttribute("class",s)}return this},toggleClass:function(i,t){var o=typeof i,a="string"===o||Array.isArray(i);return"boolean"==typeof t&&a?t?this.addClass(i):this.removeClass(i):m(i)?this.each(function(e){k(this).toggleClass(i.call(this,e,xt(this),t),t)}):this.each(function(){var e,t,n,r;if(a){t=0,n=k(this),r=bt(i);while(e=r[t++])n.hasClass(e)?n.removeClass(e):n.addClass(e)}else void 0!==i&&"boolean"!==o||((e=xt(this))&&Q.set(this,"__className__",e),this.setAttribute&&this.setAttribute("class",e||!1===i?"":Q.get(this,"__className__")||""))})},hasClass:function(e){var t,n,r=0;t=" "+e+" ";while(n=this[r++])if(1===n.nodeType&&-1<(" "+mt(xt(n))+" ").indexOf(t))return!0;return!1}});var wt=/\r/g;k.fn.extend({val:function(n){var r,e,i,t=this[0];return arguments.length?(i=m(n),this.each(function(e){var t;1===this.nodeType&&(null==(t=i?n.call(this,e,k(this).val()):n)?t="":"number"==typeof t?t+="":Array.isArray(t)&&(t=k.map(t,function(e){return null==e?"":e+""})),(r=k.valHooks[this.type]||k.valHooks[this.nodeName.toLowerCase()])&&"set"in r&&void 0!==r.set(this,t,"value")||(this.value=t))})):t?(r=k.valHooks[t.type]||k.valHooks[t.nodeName.toLowerCase()])&&"get"in r&&void 0!==(e=r.get(t,"value"))?e:"string"==typeof(e=t.value)?e.replace(wt,""):null==e?"":e:void 0}}),k.extend({valHooks:{option:{get:function(e){var t=k.find.attr(e,"value");return null!=t?t:mt(k.text(e))}},select:{get:function(e){var t,n,r,i=e.options,o=e.selectedIndex,a="select-one"===e.type,s=a?null:[],u=a?o+1:i.length;for(r=o<0?u:a?o:0;r<u;r++)if(((n=i[r]).selected||r===o)&&!n.disabled&&(!n.parentNode.disabled||!A(n.parentNode,"optgroup"))){if(t=k(n).val(),a)return t;s.push(t)}return s},set:function(e,t){var n,r,i=e.options,o=k.makeArray(t),a=i.length;while(a--)((r=i[a]).selected=-1<k.inArray(k.valHooks.option.get(r),o))&&(n=!0);return n||(e.selectedIndex=-1),o}}}}),k.each(["radio","checkbox"],function(){k.valHooks[this]={set:function(e,t){if(Array.isArray(t))return e.checked=-1<k.inArray(k(e).val(),t)}},y.checkOn||(k.valHooks[this].get=function(e){return null===e.getAttribute("value")?"on":e.value})}),y.focusin="onfocusin"in C;var Tt=/^(?:focusinfocus|focusoutblur)$/,Ct=function(e){e.stopPropagation()};k.extend(k.event,{trigger:function(e,t,n,r){var i,o,a,s,u,l,c,f,p=[n||E],d=v.call(e,"type")?e.type:e,h=v.call(e,"namespace")?e.namespace.split("."):[];if(o=f=a=n=n||E,3!==n.nodeType&&8!==n.nodeType&&!Tt.test(d+k.event.triggered)&&(-1<d.indexOf(".")&&(d=(h=d.split(".")).shift(),h.sort()),u=d.indexOf(":")<0&&"on"+d,(e=e[k.expando]?e:new k.Event(d,"object"==typeof e&&e)).isTrigger=r?2:3,e.namespace=h.join("."),e.rnamespace=e.namespace?new RegExp("(^|\\.)"+h.join("\\.(?:.*\\.|)")+"(\\.|$)"):null,e.result=void 0,e.target||(e.target=n),t=null==t?[e]:k.makeArray(t,[e]),c=k.event.special[d]||{},r||!c.trigger||!1!==c.trigger.apply(n,t))){if(!r&&!c.noBubble&&!x(n)){for(s=c.delegateType||d,Tt.test(s+d)||(o=o.parentNode);o;o=o.parentNode)p.push(o),a=o;a===(n.ownerDocument||E)&&p.push(a.defaultView||a.parentWindow||C)}i=0;while((o=p[i++])&&!e.isPropagationStopped())f=o,e.type=1<i?s:c.bindType||d,(l=(Q.get(o,"events")||{})[e.type]&&Q.get(o,"handle"))&&l.apply(o,t),(l=u&&o[u])&&l.apply&&G(o)&&(e.result=l.apply(o,t),!1===e.result&&e.preventDefault());return e.type=d,r||e.isDefaultPrevented()||c._default&&!1!==c._default.apply(p.pop(),t)||!G(n)||u&&m(n[d])&&!x(n)&&((a=n[u])&&(n[u]=null),k.event.triggered=d,e.isPropagationStopped()&&f.addEventListener(d,Ct),n[d](),e.isPropagationStopped()&&f.removeEventListener(d,Ct),k.event.triggered=void 0,a&&(n[u]=a)),e.result}},simulate:function(e,t,n){var r=k.extend(new k.Event,n,{type:e,isSimulated:!0});k.event.trigger(r,null,t)}}),k.fn.extend({trigger:function(e,t){return this.each(function(){k.event.trigger(e,t,this)})},triggerHandler:function(e,t){var n=this[0];if(n)return k.event.trigger(e,t,n,!0)}}),y.focusin||k.each({focus:"focusin",blur:"focusout"},function(n,r){var i=function(e){k.event.simulate(r,e.target,k.event.fix(e))};k.event.special[r]={setup:function(){var e=this.ownerDocument||this,t=Q.access(e,r);t||e.addEventListener(n,i,!0),Q.access(e,r,(t||0)+1)},teardown:function(){var e=this.ownerDocument||this,t=Q.access(e,r)-1;t?Q.access(e,r,t):(e.removeEventListener(n,i,!0),Q.remove(e,r))}}});var Et=C.location,kt=Date.now(),St=/\?/;k.parseXML=function(e){var t;if(!e||"string"!=typeof e)return null;try{t=(new C.DOMParser).parseFromString(e,"text/xml")}catch(e){t=void 0}return t&&!t.getElementsByTagName("parsererror").length||k.error("Invalid XML: "+e),t};var Nt=/\[\]$/,At=/\r?\n/g,Dt=/^(?:submit|button|image|reset|file)$/i,jt=/^(?:input|select|textarea|keygen)/i;function qt(n,e,r,i){var t;if(Array.isArray(e))k.each(e,function(e,t){r||Nt.test(n)?i(n,t):qt(n+"["+("object"==typeof t&&null!=t?e:"")+"]",t,r,i)});else if(r||"object"!==w(e))i(n,e);else for(t in e)qt(n+"["+t+"]",e[t],r,i)}k.param=function(e,t){var n,r=[],i=function(e,t){var n=m(t)?t():t;r[r.length]=encodeURIComponent(e)+"="+encodeURIComponent(null==n?"":n)};if(null==e)return"";if(Array.isArray(e)||e.jquery&&!k.isPlainObject(e))k.each(e,function(){i(this.name,this.value)});else for(n in e)qt(n,e[n],t,i);return r.join("&")},k.fn.extend({serialize:function(){return k.param(this.serializeArray())},serializeArray:function(){return this.map(function(){var e=k.prop(this,"elements");return e?k.makeArray(e):this}).filter(function(){var e=this.type;return this.name&&!k(this).is(":disabled")&&jt.test(this.nodeName)&&!Dt.test(e)&&(this.checked||!pe.test(e))}).map(function(e,t){var n=k(this).val();return null==n?null:Array.isArray(n)?k.map(n,function(e){return{name:t.name,value:e.replace(At,"\r\n")}}):{name:t.name,value:n.replace(At,"\r\n")}}).get()}});var Lt=/%20/g,Ht=/#.*$/,Ot=/([?&])_=[^&]*/,Pt=/^(.*?):[ \t]*([^\r\n]*)$/gm,Rt=/^(?:GET|HEAD)$/,Mt=/^\/\//,It={},Wt={},$t="*/".concat("*"),Ft=E.createElement("a");function Bt(o){return function(e,t){"string"!=typeof e&&(t=e,e="*");var n,r=0,i=e.toLowerCase().match(R)||[];if(m(t))while(n=i[r++])"+"===n[0]?(n=n.slice(1)||"*",(o[n]=o[n]||[]).unshift(t)):(o[n]=o[n]||[]).push(t)}}function _t(t,i,o,a){var s={},u=t===Wt;function l(e){var r;return s[e]=!0,k.each(t[e]||[],function(e,t){var n=t(i,o,a);return"string"!=typeof n||u||s[n]?u?!(r=n):void 0:(i.dataTypes.unshift(n),l(n),!1)}),r}return l(i.dataTypes[0])||!s["*"]&&l("*")}function zt(e,t){var n,r,i=k.ajaxSettings.flatOptions||{};for(n in t)void 0!==t[n]&&((i[n]?e:r||(r={}))[n]=t[n]);return r&&k.extend(!0,e,r),e}Ft.href=Et.href,k.extend({active:0,lastModified:{},etag:{},ajaxSettings:{url:Et.href,type:"GET",isLocal:/^(?:about|app|app-storage|.+-extension|file|res|widget):$/.test(Et.protocol),global:!0,processData:!0,async:!0,contentType:"application/x-www-form-urlencoded; charset=UTF-8",accepts:{"*":$t,text:"text/plain",html:"text/html",xml:"application/xml, text/xml",json:"application/json, text/javascript"},contents:{xml:/\bxml\b/,html:/\bhtml/,json:/\bjson\b/},responseFields:{xml:"responseXML",text:"responseText",json:"responseJSON"},converters:{"* text":String,"text html":!0,"text json":JSON.parse,"text xml":k.parseXML},flatOptions:{url:!0,context:!0}},ajaxSetup:function(e,t){return t?zt(zt(e,k.ajaxSettings),t):zt(k.ajaxSettings,e)},ajaxPrefilter:Bt(It),ajaxTransport:Bt(Wt),ajax:function(e,t){"object"==typeof e&&(t=e,e=void 0),t=t||{};var c,f,p,n,d,r,h,g,i,o,v=k.ajaxSetup({},t),y=v.context||v,m=v.context&&(y.nodeType||y.jquery)?k(y):k.event,x=k.Deferred(),b=k.Callbacks("once memory"),w=v.statusCode||{},a={},s={},u="canceled",T={readyState:0,getResponseHeader:function(e){var t;if(h){if(!n){n={};while(t=Pt.exec(p))n[t[1].toLowerCase()+" "]=(n[t[1].toLowerCase()+" "]||[]).concat(t[2])}t=n[e.toLowerCase()+" "]}return null==t?null:t.join(", ")},getAllResponseHeaders:function(){return h?p:null},setRequestHeader:function(e,t){return null==h&&(e=s[e.toLowerCase()]=s[e.toLowerCase()]||e,a[e]=t),this},overrideMimeType:function(e){return null==h&&(v.mimeType=e),this},statusCode:function(e){var t;if(e)if(h)T.always(e[T.status]);else for(t in e)w[t]=[w[t],e[t]];return this},abort:function(e){var t=e||u;return c&&c.abort(t),l(0,t),this}};if(x.promise(T),v.url=((e||v.url||Et.href)+"").replace(Mt,Et.protocol+"//"),v.type=t.method||t.type||v.method||v.type,v.dataTypes=(v.dataType||"*").toLowerCase().match(R)||[""],null==v.crossDomain){r=E.createElement("a");try{r.href=v.url,r.href=r.href,v.crossDomain=Ft.protocol+"//"+Ft.host!=r.protocol+"//"+r.host}catch(e){v.crossDomain=!0}}if(v.data&&v.processData&&"string"!=typeof v.data&&(v.data=k.param(v.data,v.traditional)),_t(It,v,t,T),h)return T;for(i in(g=k.event&&v.global)&&0==k.active++&&k.event.trigger("ajaxStart"),v.type=v.type.toUpperCase(),v.hasContent=!Rt.test(v.type),f=v.url.replace(Ht,""),v.hasContent?v.data&&v.processData&&0===(v.contentType||"").indexOf("application/x-www-form-urlencoded")&&(v.data=v.data.replace(Lt,"+")):(o=v.url.slice(f.length),v.data&&(v.processData||"string"==typeof v.data)&&(f+=(St.test(f)?"&":"?")+v.data,delete v.data),!1===v.cache&&(f=f.replace(Ot,"$1"),o=(St.test(f)?"&":"?")+"_="+kt+++o),v.url=f+o),v.ifModified&&(k.lastModified[f]&&T.setRequestHeader("If-Modified-Since",k.lastModified[f]),k.etag[f]&&T.setRequestHeader("If-None-Match",k.etag[f])),(v.data&&v.hasContent&&!1!==v.contentType||t.contentType)&&T.setRequestHeader("Content-Type",v.contentType),T.setRequestHeader("Accept",v.dataTypes[0]&&v.accepts[v.dataTypes[0]]?v.accepts[v.dataTypes[0]]+("*"!==v.dataTypes[0]?", "+$t+"; q=0.01":""):v.accepts["*"]),v.headers)T.setRequestHeader(i,v.headers[i]);if(v.beforeSend&&(!1===v.beforeSend.call(y,T,v)||h))return T.abort();if(u="abort",b.add(v.complete),T.done(v.success),T.fail(v.error),c=_t(Wt,v,t,T)){if(T.readyState=1,g&&m.trigger("ajaxSend",[T,v]),h)return T;v.async&&0<v.timeout&&(d=C.setTimeout(function(){T.abort("timeout")},v.timeout));try{h=!1,c.send(a,l)}catch(e){if(h)throw e;l(-1,e)}}else l(-1,"No Transport");function l(e,t,n,r){var i,o,a,s,u,l=t;h||(h=!0,d&&C.clearTimeout(d),c=void 0,p=r||"",T.readyState=0<e?4:0,i=200<=e&&e<300||304===e,n&&(s=function(e,t,n){var r,i,o,a,s=e.contents,u=e.dataTypes;while("*"===u[0])u.shift(),void 0===r&&(r=e.mimeType||t.getResponseHeader("Content-Type"));if(r)for(i in s)if(s[i]&&s[i].test(r)){u.unshift(i);break}if(u[0]in n)o=u[0];else{for(i in n){if(!u[0]||e.converters[i+" "+u[0]]){o=i;break}a||(a=i)}o=o||a}if(o)return o!==u[0]&&u.unshift(o),n[o]}(v,T,n)),s=function(e,t,n,r){var i,o,a,s,u,l={},c=e.dataTypes.slice();if(c[1])for(a in e.converters)l[a.toLowerCase()]=e.converters[a];o=c.shift();while(o)if(e.responseFields[o]&&(n[e.responseFields[o]]=t),!u&&r&&e.dataFilter&&(t=e.dataFilter(t,e.dataType)),u=o,o=c.shift())if("*"===o)o=u;else if("*"!==u&&u!==o){if(!(a=l[u+" "+o]||l["* "+o]))for(i in l)if((s=i.split(" "))[1]===o&&(a=l[u+" "+s[0]]||l["* "+s[0]])){!0===a?a=l[i]:!0!==l[i]&&(o=s[0],c.unshift(s[1]));break}if(!0!==a)if(a&&e["throws"])t=a(t);else try{t=a(t)}catch(e){return{state:"parsererror",error:a?e:"No conversion from "+u+" to "+o}}}return{state:"success",data:t}}(v,s,T,i),i?(v.ifModified&&((u=T.getResponseHeader("Last-Modified"))&&(k.lastModified[f]=u),(u=T.getResponseHeader("etag"))&&(k.etag[f]=u)),204===e||"HEAD"===v.type?l="nocontent":304===e?l="notmodified":(l=s.state,o=s.data,i=!(a=s.error))):(a=l,!e&&l||(l="error",e<0&&(e=0))),T.status=e,T.statusText=(t||l)+"",i?x.resolveWith(y,[o,l,T]):x.rejectWith(y,[T,l,a]),T.statusCode(w),w=void 0,g&&m.trigger(i?"ajaxSuccess":"ajaxError",[T,v,i?o:a]),b.fireWith(y,[T,l]),g&&(m.trigger("ajaxComplete",[T,v]),--k.active||k.event.trigger("ajaxStop")))}return T},getJSON:function(e,t,n){return k.get(e,t,n,"json")},getScript:function(e,t){return k.get(e,void 0,t,"script")}}),k.each(["get","post"],function(e,i){k[i]=function(e,t,n,r){return m(t)&&(r=r||n,n=t,t=void 0),k.ajax(k.extend({url:e,type:i,dataType:r,data:t,success:n},k.isPlainObject(e)&&e))}}),k._evalUrl=function(e,t){return k.ajax({url:e,type:"GET",dataType:"script",cache:!0,async:!1,global:!1,converters:{"text script":function(){}},dataFilter:function(e){k.globalEval(e,t)}})},k.fn.extend({wrapAll:function(e){var t;return this[0]&&(m(e)&&(e=e.call(this[0])),t=k(e,this[0].ownerDocument).eq(0).clone(!0),this[0].parentNode&&t.insertBefore(this[0]),t.map(function(){var e=this;while(e.firstElementChild)e=e.firstElementChild;return e}).append(this)),this},wrapInner:function(n){return m(n)?this.each(function(e){k(this).wrapInner(n.call(this,e))}):this.each(function(){var e=k(this),t=e.contents();t.length?t.wrapAll(n):e.append(n)})},wrap:function(t){var n=m(t);return this.each(function(e){k(this).wrapAll(n?t.call(this,e):t)})},unwrap:function(e){return this.parent(e).not("body").each(function(){k(this).replaceWith(this.childNodes)}),this}}),k.expr.pseudos.hidden=function(e){return!k.expr.pseudos.visible(e)},k.expr.pseudos.visible=function(e){return!!(e.offsetWidth||e.offsetHeight||e.getClientRects().length)},k.ajaxSettings.xhr=function(){try{return new C.XMLHttpRequest}catch(e){}};var Ut={0:200,1223:204},Xt=k.ajaxSettings.xhr();y.cors=!!Xt&&"withCredentials"in Xt,y.ajax=Xt=!!Xt,k.ajaxTransport(function(i){var o,a;if(y.cors||Xt&&!i.crossDomain)return{send:function(e,t){var n,r=i.xhr();if(r.open(i.type,i.url,i.async,i.username,i.password),i.xhrFields)for(n in i.xhrFields)r[n]=i.xhrFields[n];for(n in i.mimeType&&r.overrideMimeType&&r.overrideMimeType(i.mimeType),i.crossDomain||e["X-Requested-With"]||(e["X-Requested-With"]="XMLHttpRequest"),e)r.setRequestHeader(n,e[n]);o=function(e){return function(){o&&(o=a=r.onload=r.onerror=r.onabort=r.ontimeout=r.onreadystatechange=null,"abort"===e?r.abort():"error"===e?"number"!=typeof r.status?t(0,"error"):t(r.status,r.statusText):t(Ut[r.status]||r.status,r.statusText,"text"!==(r.responseType||"text")||"string"!=typeof r.responseText?{binary:r.response}:{text:r.responseText},r.getAllResponseHeaders()))}},r.onload=o(),a=r.onerror=r.ontimeout=o("error"),void 0!==r.onabort?r.onabort=a:r.onreadystatechange=function(){4===r.readyState&&C.setTimeout(function(){o&&a()})},o=o("abort");try{r.send(i.hasContent&&i.data||null)}catch(e){if(o)throw e}},abort:function(){o&&o()}}}),k.ajaxPrefilter(function(e){e.crossDomain&&(e.contents.script=!1)}),k.ajaxSetup({accepts:{script:"text/javascript, application/javascript, application/ecmascript, application/x-ecmascript"},contents:{script:/\b(?:java|ecma)script\b/},converters:{"text script":function(e){return k.globalEval(e),e}}}),k.ajaxPrefilter("script",function(e){void 0===e.cache&&(e.cache=!1),e.crossDomain&&(e.type="GET")}),k.ajaxTransport("script",function(n){var r,i;if(n.crossDomain||n.scriptAttrs)return{send:function(e,t){r=k("<script>").attr(n.scriptAttrs||{}).prop({charset:n.scriptCharset,src:n.url}).on("load error",i=function(e){r.remove(),i=null,e&&t("error"===e.type?404:200,e.type)}),E.head.appendChild(r[0])},abort:function(){i&&i()}}});var Vt,Gt=[],Yt=/(=)\?(?=&|$)|\?\?/;k.ajaxSetup({jsonp:"callback",jsonpCallback:function(){var e=Gt.pop()||k.expando+"_"+kt++;return this[e]=!0,e}}),k.ajaxPrefilter("json jsonp",function(e,t,n){var r,i,o,a=!1!==e.jsonp&&(Yt.test(e.url)?"url":"string"==typeof e.data&&0===(e.contentType||"").indexOf("application/x-www-form-urlencoded")&&Yt.test(e.data)&&"data");if(a||"jsonp"===e.dataTypes[0])return r=e.jsonpCallback=m(e.jsonpCallback)?e.jsonpCallback():e.jsonpCallback,a?e[a]=e[a].replace(Yt,"$1"+r):!1!==e.jsonp&&(e.url+=(St.test(e.url)?"&":"?")+e.jsonp+"="+r),e.converters["script json"]=function(){return o||k.error(r+" was not called"),o[0]},e.dataTypes[0]="json",i=C[r],C[r]=function(){o=arguments},n.always(function(){void 0===i?k(C).removeProp(r):C[r]=i,e[r]&&(e.jsonpCallback=t.jsonpCallback,Gt.push(r)),o&&m(i)&&i(o[0]),o=i=void 0}),"script"}),y.createHTMLDocument=((Vt=E.implementation.createHTMLDocument("").body).innerHTML="<form></form><form></form>",2===Vt.childNodes.length),k.parseHTML=function(e,t,n){return"string"!=typeof e?[]:("boolean"==typeof t&&(n=t,t=!1),t||(y.createHTMLDocument?((r=(t=E.implementation.createHTMLDocument("")).createElement("base")).href=E.location.href,t.head.appendChild(r)):t=E),o=!n&&[],(i=D.exec(e))?[t.createElement(i[1])]:(i=we([e],t,o),o&&o.length&&k(o).remove(),k.merge([],i.childNodes)));var r,i,o},k.fn.load=function(e,t,n){var r,i,o,a=this,s=e.indexOf(" ");return-1<s&&(r=mt(e.slice(s)),e=e.slice(0,s)),m(t)?(n=t,t=void 0):t&&"object"==typeof t&&(i="POST"),0<a.length&&k.ajax({url:e,type:i||"GET",dataType:"html",data:t}).done(function(e){o=arguments,a.html(r?k("<div>").append(k.parseHTML(e)).find(r):e)}).always(n&&function(e,t){a.each(function(){n.apply(this,o||[e.responseText,t,e])})}),this},k.each(["ajaxStart","ajaxStop","ajaxComplete","ajaxError","ajaxSuccess","ajaxSend"],function(e,t){k.fn[t]=function(e){return this.on(t,e)}}),k.expr.pseudos.animated=function(t){return k.grep(k.timers,function(e){return t===e.elem}).length},k.offset={setOffset:function(e,t,n){var r,i,o,a,s,u,l=k.css(e,"position"),c=k(e),f={};"static"===l&&(e.style.position="relative"),s=c.offset(),o=k.css(e,"top"),u=k.css(e,"left"),("absolute"===l||"fixed"===l)&&-1<(o+u).indexOf("auto")?(a=(r=c.position()).top,i=r.left):(a=parseFloat(o)||0,i=parseFloat(u)||0),m(t)&&(t=t.call(e,n,k.extend({},s))),null!=t.top&&(f.top=t.top-s.top+a),null!=t.left&&(f.left=t.left-s.left+i),"using"in t?t.using.call(e,f):c.css(f)}},k.fn.extend({offset:function(t){if(arguments.length)return void 0===t?this:this.each(function(e){k.offset.setOffset(this,t,e)});var e,n,r=this[0];return r?r.getClientRects().length?(e=r.getBoundingClientRect(),n=r.ownerDocument.defaultView,{top:e.top+n.pageYOffset,left:e.left+n.pageXOffset}):{top:0,left:0}:void 0},position:function(){if(this[0]){var e,t,n,r=this[0],i={top:0,left:0};if("fixed"===k.css(r,"position"))t=r.getBoundingClientRect();else{t=this.offset(),n=r.ownerDocument,e=r.offsetParent||n.documentElement;while(e&&(e===n.body||e===n.documentElement)&&"static"===k.css(e,"position"))e=e.parentNode;e&&e!==r&&1===e.nodeType&&((i=k(e).offset()).top+=k.css(e,"borderTopWidth",!0),i.left+=k.css(e,"borderLeftWidth",!0))}return{top:t.top-i.top-k.css(r,"marginTop",!0),left:t.left-i.left-k.css(r,"marginLeft",!0)}}},offsetParent:function(){return this.map(function(){var e=this.offsetParent;while(e&&"static"===k.css(e,"position"))e=e.offsetParent;return e||ie})}}),k.each({scrollLeft:"pageXOffset",scrollTop:"pageYOffset"},function(t,i){var o="pageYOffset"===i;k.fn[t]=function(e){return _(this,function(e,t,n){var r;if(x(e)?r=e:9===e.nodeType&&(r=e.defaultView),void 0===n)return r?r[i]:e[t];r?r.scrollTo(o?r.pageXOffset:n,o?n:r.pageYOffset):e[t]=n},t,e,arguments.length)}}),k.each(["top","left"],function(e,n){k.cssHooks[n]=ze(y.pixelPosition,function(e,t){if(t)return t=_e(e,n),$e.test(t)?k(e).position()[n]+"px":t})}),k.each({Height:"height",Width:"width"},function(a,s){k.each({padding:"inner"+a,content:s,"":"outer"+a},function(r,o){k.fn[o]=function(e,t){var n=arguments.length&&(r||"boolean"!=typeof e),i=r||(!0===e||!0===t?"margin":"border");return _(this,function(e,t,n){var r;return x(e)?0===o.indexOf("outer")?e["inner"+a]:e.document.documentElement["client"+a]:9===e.nodeType?(r=e.documentElement,Math.max(e.body["scroll"+a],r["scroll"+a],e.body["offset"+a],r["offset"+a],r["client"+a])):void 0===n?k.css(e,t,i):k.style(e,t,n,i)},s,n?e:void 0,n)}})}),k.each("blur focus focusin focusout resize scroll click dblclick mousedown mouseup mousemove mouseover mouseout mouseenter mouseleave change select submit keydown keypress keyup contextmenu".split(" "),function(e,n){k.fn[n]=function(e,t){return 0<arguments.length?this.on(n,null,e,t):this.trigger(n)}}),k.fn.extend({hover:function(e,t){return this.mouseenter(e).mouseleave(t||e)}}),k.fn.extend({bind:function(e,t,n){return this.on(e,null,t,n)},unbind:function(e,t){return this.off(e,null,t)},delegate:function(e,t,n,r){return this.on(t,e,n,r)},undelegate:function(e,t,n){return 1===arguments.length?this.off(e,"**"):this.off(t,e||"**",n)}}),k.proxy=function(e,t){var n,r,i;if("string"==typeof t&&(n=e[t],t=e,e=n),m(e))return r=s.call(arguments,2),(i=function(){return e.apply(t||this,r.concat(s.call(arguments)))}).guid=e.guid=e.guid||k.guid++,i},k.holdReady=function(e){e?k.readyWait++:k.ready(!0)},k.isArray=Array.isArray,k.parseJSON=JSON.parse,k.nodeName=A,k.isFunction=m,k.isWindow=x,k.camelCase=V,k.type=w,k.now=Date.now,k.isNumeric=function(e){var t=k.type(e);return("number"===t||"string"===t)&&!isNaN(e-parseFloat(e))},"function"==typeof define&&define.amd&&define("jquery",[],function(){return k});var Qt=C.jQuery,Jt=C.$;return k.noConflict=function(e){return C.$===k&&(C.$=Jt),e&&C.jQuery===k&&(C.jQuery=Qt),k},e||(C.jQuery=C.$=k),k});
        </script>
        <script type="text/javascript">
            /*! jQuery Stupid Table Plugin by Joseph McCullough | https://github.com/joequery/Stupid-Table-Plugin/blob/master/LICENSE */
            (function(e){e.fn.stupidtable=function(j){return this.each(function(){var d=e(this);j=j||{};j=e.extend({},{"int":function(b,a){return parseInt(b,10)-parseInt(a,10)},"float":function(b,a){return parseFloat(b)-parseFloat(a)},string:function(b,a){return b<a?-1:b>a?1:0},"string-ins":function(b,a){b=b.toLowerCase();a=a.toLowerCase();return b<a?-1:b>a?1:0}},j);d.on("click","th",function(){var b=d.children("tbody").children("tr"),a=e(this),k=0,n=e.fn.stupidtable.dir;d.find("th").slice(0,a.index()).each(function(){var a=e(this).attr("colspan")||1;k+=parseInt(a,10)});var m=a.data("sort-dir")===n.ASC?n.DESC:n.ASC,p=m==n.DESC?a.data("sort-desc")||a.data("sort")||null:a.data("sort")||null;null!==p&&(d.trigger("beforetablesort",{column:k,direction:m}),d.css("display"),setTimeout(function(){var l=[],c=j[p];b.each(function(a,b){var c=e(b).children().eq(k),d=c.data("sort-value"),c="undefined"!==typeof d?d:c.text();l.push(c)});var f=[],g=0;if(a.data("sort-dir")&&!a.data("sort-desc"))for(c=l.length-1;0<=c;c--)f.push(c);else for(var h=l.slice(0).sort(c),c=0;c<l.length;c++){for(g=e.inArray(l[c],h);-1!=e.inArray(g,f);)g++;f.push(g)}d.find("th").data("sort-dir",null).removeClass("sorting-desc sorting-asc");a.data("sort-dir",m).addClass("sorting-"+m);g=b.slice(0);for(h=c=0;h<f.length;h++)c=f[h],g[c]=b[h];f=e(g);d.children("tbody").append(f);d.trigger("aftertablesort",{column:k,direction:m});d.css("display")},10))})})};e.fn.stupidtable.dir={ASC:"asc",DESC:"desc"}})(jQuery);
        </script>
        <script type="text/javascript">
            $(document).ready(function() {
                $(".expandable").click(function (event) {
                    e = event || window.event;
                    var h = e.target || e.srcElement;
                    var content = "#content" + h.id.substr(6);
                    var header = "#" + h.id;
                    $(content).slideToggle("fast");
                    var exprx = /expandable\b/;
                    if (exprx.exec($(header).attr("class"))) {
                        $(header).addClass("collapsed");
                        $(header).removeClass("expandable");
                    } else {
                        $(header).addClass("expandable");
                        $(header).removeClass("collapsed");
                    }
                    var essrx = /expandablesubsection/;
                    var cssrx = /collaspablesubsection/;
                    if (essrx.exec($(header).attr("class"))) {
                        $(header).addClass("collaspablesubsection");
                        $(header).removeClass("expandablesubsection");
                    } else if (cssrx.exec($(header).attr("class"))) {
                        $(header).addClass("expandablesubsection");
                        $(header).removeClass("collaspablesubsection");
                    }
                    return false;
                });
                var table = $("#summaryTable").stupidtable();
                table.bind('aftertablesort', function (event, data) {
                    var th = $(this).find('th');
                    th.find(".arrow").remove();
                    var arrow = data.direction === 'asc' ? '↑' : '↓';
                    th.eq(data.column).append('<span class="arrow">' + arrow +'</span>');
                });
            });

            $(function(){
                $('#modal-background, #modal-close').click(function () {
                    $('#modal-content,#modal-background').toggleClass('active');
                });
                $('#modal-text').bind('copy cut', function() {
                    setTimeout('$("#modal-content,#modal-background").toggleClass("active");',100);
                });
                $('#modal-text').keyup(function(e){
                    if(e.keyCode === 27) {
                        setTimeout('$("#modal-content,#modal-background").toggleClass("active");',100);
                    }
                });
                $('#modal-add-header').click(function () {
                    xml = '<?xml version="1.0" encoding="UTF-8"?>\n<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">\n   ';
                    xml += $("#modal-text").text().replace(/\n/g,'\n   ');
                    xml += '\n</suppressions>';
                    $('#modal-add-header').toggleClass('active');
                    $('#modal-text').text(xml).focus().select();
                });
            });
            function suppressSwitchTo(switchTo) {
                $('#modal-suppress-change-to-sha1').toggleClass('active');
                $('#modal-suppress-change-to-packageUrl').toggleClass('active');
                if (!$('#modal-add-header').hasClass('active')) {
                    $('#modal-add-header').toggleClass('active');
                }
                setCopyText($('#suppress-name').val(),
                            switchTo,
                            $('#suppress-'+switchTo).val(), 
                            $('#suppress-type').val(), 
                            $('#suppress-val').val());
            }
            function copyText(name, sha1, packageUrl, type, val) {
                $('#suppress-name').val(name);
                $('#suppress-type').val(type);
                $('#suppress-val').val(val);
                $('#suppress-sha1').val(sha1);
                $('#suppress-packageUrl').val(packageUrl);
                if (packageUrl=='') {
                    if ($('#modal-suppress-change-to-packageUrl').hasClass('active')) {
                        $('#modal-suppress-change-to-packageUrl').toggleClass('active');
                    }
                    if ($('#modal-suppress-change-to-sha1').hasClass('active')) {
                        $('#modal-suppress-change-to-sha1').toggleClass('active');
                    }
                    setCopyText(name, 'sha1', sha1, type, val);
                } else {
                    if ($('#modal-suppress-change-to-packageUrl').hasClass('active')) {
                        $('#modal-suppress-change-to-packageUrl').toggleClass('active');
                    }
                    if (!$('#modal-suppress-change-to-sha1').hasClass('active')) {
                        $('#modal-suppress-change-to-sha1').toggleClass('active');
                    }
                    setCopyText(name, 'packageUrl', packageUrl, type, val);
                }
            }
            function escapeRegExp(text) {
              return text.replace(/[-[\]{}()*+?.,\\^$|#\s]/g, '\\$&');
            }
            function setCopyText(name, matchType, matchValue, suppressType, suppressVal) {
                xml =  '<suppress>\n';
                xml += '   <notes><!'+'[CDATA[\n   file name: ' + name + '\n   ]]'+'></notes>\n';
                if (matchType=='packageUrl') {
                    v = matchValue.match(/^[^@]+/);
                    if (v && v[0]) {
                        xml += '   <'+matchType+' regex="true">^' + escapeRegExp(v[0]) + '@.*$</'+matchType+'>\n';
                    } else {
                        xml += '   <'+matchType+'>' + matchValue + '</'+matchType+'>\n';
                    }
                } else {
                    xml += '   <'+matchType+'>' + matchValue + '</'+matchType+'>\n';
                }
                if (suppressType=='cpe') {
                    v = suppressVal.match(/^cpe:\/a:[^:]+:[^:]+/);
                    if (v && v[0]) {
                        xml += '   <'+suppressType+'>' + v[0] + '</'+suppressType+'>\n';
                    } else {
                        xml += '   <'+suppressType+'>' + suppressVal + '</'+suppressType+'>\n';
                    }
                } else {
                    xml += '   <'+suppressType+'>' + suppressVal + '</'+suppressType+'>\n';
                }
                xml += '</suppress>';
                $('#modal-text').text(xml);
                $('#modal-content,#modal-background,#modal-add-header').addClass('active');
                $('#modal-text').focus();
                $('#modal-text').select();
            }
            function toggleDisplay(el, clzName, all, some) {
                $(clzName).toggle();
                if (el.innerHTML == all) {
                    el.innerHTML = some;
                } else {
                    el.innerHTML = all;
                }
                return false;
            }

        $( document ).ready(function() {
          $( "#modal-suppress-change-to-packageUrl" ).bind( "click", function( event ) {
            suppressSwitchTo('packageUrl')
          });
          $( "#modal-suppress-change-to-sha1" ).bind( "click", function( event ) {
            suppressSwitchTo('sha1')
          });
          $( "#scanInformationToggle" ).bind( "click", function( event ) {
            return toggleDisplay(event.target, '.scaninfo', 'show all', 'show less');
          });
          $( "#vulnerabilityDisplayToggle" ).bind( "click", function( event ) {
            return toggleDisplay(event.target, '.notvulnerable', 'Showing Vulnerable Dependencies (click to show all)', 'Showing All Dependencies (click to show less)');
          });
          $( ".versionToggle" ).bind( "click", function( event ) {
            var lnk = event.target;
            return toggleDisplay(this,lnk.getAttribute('data-toggle'), 'show all', 'show less');
          });          

          $( ".copybutton" ).bind( "click", function( event ) {
            var btn = event.target;
            copyText(btn.getAttribute('data-display-name'),
                     btn.getAttribute('data-sha1'),
                     btn.getAttribute('data-pkgurl'),
                     btn.getAttribute('data-type-to-suppress'),
                     btn.getAttribute('data-id-to-suppress'));
          });
        });


        </script>
        <style type="text/css">
            #modal-background {
                display: none;
                position: fixed;
                top: 0;
                left: 0;
                width: 100%;
                height: 100%;
                background-color: white;
                opacity: .50;
                -webkit-opacity: .5;
                -moz-opacity: .5;
                filter: alpha(opacity=50);
                z-index: 1000;
            }

            #modal-content {
                background-color: white;
                border-radius: 10px;
                -webkit-border-radius: 10px;
                -moz-border-radius: 10px;
                box-shadow: 0 0 20px 0 #222;
                -webkit-box-shadow: 0 0 20px 0 #222;
                -moz-box-shadow: 0 0 20px 0 #222;
                display: none;
                height: 240px;
                left: 50%;
                margin: -120px 0 0 -160px;
                padding: 10px;
                position: fixed;
                top: 50%;
                z-index: 1000;
            }
            #modal-add-header {
                display: none;
            }
            #modal-add-header.active {
                display: block;
            }
            #modal-background.active, #modal-content.active {
                display: block;
            }
            #modal-text {
                border: 0;
                overflow: hidden
            }
            #modal-text:focus {
                outline: none;
            }
            .suppresstype {
                display: none;
            }
            .suppresstype.active {
                display: block;
            }  
            .suppressedLabel {
                cursor: default;
                padding:1px;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .copybutton {
                padding:1px;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .copybutton:hover {
                padding:1px;
                background-color: #dddddd;
                border: 1px solid #444444;
                color:#444444;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button {
                padding:1px;
                float:left;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button:hover {
                padding:1px;
                float:left;
                background-color: #dddddd;
                border: 1px solid #333333;
                color:#333333;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button-right {
                padding:1px;
                float:right;
                background-color: #eeeeee;
                border: 1px solid #555555;
                color:#555555;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .modal-button-right:hover {
                padding:1px;
                float:right;
                background-color: #dddddd;
                border: 1px solid #333333;
                color:#333333;
                text-decoration:none;
                -moz-border-radius: 3px;
                -webkit-border-radius: 3px;
                -khtml-border-radius: 3px;
                -o-border-radius: 3px;
                border-radius: 3px;
            }
            .rounded-corners {
                -moz-border-radius: 20px;
                -webkit-border-radius: 20px;
                -khtml-border-radius: 20px;
                -o-border-radius: 20px;
                border-radius: 20px;
            }
            .hidden {
                display: none;
            }
            .expandable {
                cursor: pointer;
                background-image: url(data:image/gif;base64,R0lGODlhDAAMAIABAICAgP///yH5BAEAAAEALAAAAAAMAAwAAAIcjI8Hy22Q1FNwhnpxhW3d2XFWJn2PNiZbyERuAQA7);
                background-repeat: no-repeat;
                background-position: 98% 50%;
            }
            .collapsed {
                cursor: pointer;
                background-image: url(data:image/gif;base64,R0lGODlhDAAMAIABAICAgP///yH5BAEAAAEALAAAAAAMAAwAAAIajI8Hy22Q1IszQHphW3ZuXUUZ1ZXi8zFkUgAAOw==);
                background-repeat: no-repeat;
                background-position: 98% 50%;
            }
            .expandablesubsection {
                -moz-border-radius-bottomleft:15px; /* bottom left corner */
                -webkit-border-bottom-left-radius:15px; /* bottom left corner */
                border-bottom-left-radius: 15px;
                border-bottom: 1px solid #cccccc;
            }
            .collaspablesubsection {
                -moz-border-radius-bottomleft:0px; /* bottom left corner */
                -webkit-border-bottom-left-radius:0px; /* bottom left corner */
                border-bottom-left-radius: 0px;
                border-bottom: 0px solid #ffffff;
            }
            .standardsubsection {
                -moz-border-radius-bottomleft:0px; /* bottom left corner */
                -webkit-border-bottom-left-radius:0px; /* bottom left corner */
                border-bottom-left-radius: 0px;
                border-bottom: 0px solid #ffffff;
            }
            .content {
                margin-top:0px;
                margin-left:20px;
                margin-right:20px;
                margin-bottom:20px;
                background: #ffffff;
                padding: 20px;
            }

            .sectionheader {
                background-color: #cccccc;
                margin-top: 20px;
                margin-right: 20px;
                margin-left: 20px;
                margin-bottom: 0px;
                padding-top: 10px;
                padding-bottom: 10px;
                padding-left:20px;
                padding-right:20px;
                border-top: 1px solid #ccc;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;
                border-bottom: 0px;

                /*
                -moz-border-radius: 15px;
                -webkit-border-radius: 15px;
                -o-border-radius: 15px;
                border-radius: 15px;
                */

                /* firefox's individual border radius properties */
                -moz-border-radius-topleft:15px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomleft:0px; /* bottom left corner */
                -moz-border-radius-bottomright:0px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:15px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-left-radius:0px; /* bottom left corner */
                -webkit-border-bottom-right-radius:0px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 15px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 0px;
                border-bottom-left-radius: 0px;
            }
            .sectioncontent {
                margin-top:0px;
                margin-left:20px;
                margin-right:20px;
                margin-bottom:10px;
                background: #ffffff;

                padding-top: 10px;
                padding-bottom: 20px;
                padding-left:20px;
                padding-right:20px;

                border-top: 0px;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;
                border-bottom: 1px solid #ccc;

                -moz-border-radius-topleft:0px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomright:15px; /* bottom right corner */
                -moz-border-radius-bottomleft:15px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:0px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-right-radius:15px; /* bottom right corner */
                -webkit-border-bottom-left-radius:15px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 0px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 15px;
                border-bottom-left-radius: 15px;
            }

            .subsectionheader {
                background-color: #cccccc;
                margin-top: 20px;
                margin-right: 20px;
                margin-left: 0px;
                margin-bottom: 0px;
                padding-top: 10px;
                padding-bottom: 10px;
                padding-left:20px;
                padding-right:20px;
                border-top: 1px solid #ccc;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;

                /* firefox's individual border radius properties */
                -moz-border-radius-topleft:15px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomright:0px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:15px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-right-radius:0px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 15px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 0px;
            }
            .subsectioncontent {
                margin-top:0px;
                margin-left:0px;
                margin-right:20px;
                margin-bottom:10px;
                background: #ffffff;
                padding-top: 10px;
                padding-left: 20px;
                padding-right: 20px;
                padding-bottom: 20px;
                border-top: 0px;
                border-right: 1px solid #ccc;
                border-left: 1px solid #ccc;
                border-bottom: 1px solid #ccc;

                -moz-border-radius-topleft:0px; /* top left corner */
                -moz-border-radius-topright:0px; /* top right corner */
                -moz-border-radius-bottomleft:15px; /* bottom left corner */
                -moz-border-radius-bottomright:15px; /* bottom right corner */

                /* webkit's individual border radius properties */
                -webkit-border-top-left-radius:0px; /* top left corner */
                -webkit-border-top-right-radius:0px; /* top right corner */
                -webkit-border-bottom-left-radius:15px; /* bottom left corner */
                -webkit-border-bottom-right-radius:15px; /* bottom right corner */
                /* ie9+ */
                border-top-left-radius: 0px;
                border-top-right-radius: 0px;
                border-bottom-right-radius: 15px;
                border-bottom-left-radius: 15px;

            }
            .white {
                background-color: #ffffff;
            }
            .red {
                background-color: #DF0101;
            }
            .left {
                text-align: left;
            }
            .indent {
                margin-left:20px;
            }
            td{
                vertical-align:text-top;
                padding:6px;
                margin:0px;
            }
            th {
                text-align:left
                vertical-align:text-top;
                padding:6px;
                margin:0px;
                border-bottom:1px;
                border-color: black;
            }
            table {
                border: 0px;
            }
            table.lined tr:nth-child(even) {
                background-color: #f3f3f3;
            }
            .fullwidth {
                width:100%;
            }
            body {
                font: 13px "Droid Sans",Arial,"Helvetica Neue","Lucida Grande",sans-serif
            }
            ul {
                margin-top:3px;
                margin-bottom:3px;
            }
            .vulnerable {
                color: #000;
            }
            .notvulnerable {
                display:none;
            }
            .hidden {
                display:none;
            }
            .infolink {
                text-decoration:none;
                color: blue;
                float:right;
            }
            .infolink:hover {
                text-decoration:none;
                color: blue;
                float:right;
            }
            .disclaimer {
                color: #888888;
                font: 9px "Droid Sans",Arial,"Helvetica Neue","Lucida Grande",sans-serif
            }
            .sortable {
                cursor:pointer;
            }
            .sortable:hover {
                text-decoration:underline;
            }
            pre {
                white-space: pre-wrap;
                font: 13px "Droid Sans",Arial,"Helvetica Neue","Lucida Grande",sans-serif
            }
            .underline {
                text-decoration: underline;
            }
        </style>
    </head>
    <body>
        <div id="modal-background"></div>
        <div id="modal-content">
            <div>Press CTR-C to copy XML&nbsp;<a href="http://jeremylong.github.io/DependencyCheck/general/suppression.html" class="infolink" target="_blank" title="Help with suppressing false positives">[help]</a></div>
                <button id="modal-suppress-change-to-packageUrl" class="modal-button suppresstype" title="Supress by Maven Group Artifact Version">Suppress By GAV</button>
                <button id="modal-suppress-change-to-sha1" class="modal-button suppresstype" title="Supress by SHA1 hash">Suppress By SHA1</button><br/>
                <input type="hidden" id="suppress-name"/>
                <input type="hidden" id="suppress-type"/><input type="hidden" id="suppress-val"/>
                <input type="hidden" id="suppress-sha1"/><input type="hidden" id="suppress-packageUrl"/>
                <textarea id="modal-text" cols="50" rows="10" readonly></textarea><br/>
                <button id="modal-add-header" title="Add the parent XML nodes to create the complete XML file that can be used to suppress this finding" class="modal-button">Complete XML Doc</button><button id="modal-close" class="modal-button-right">Close</button>
        </div>
        <div class="wrapper">
            <svg xmlns:svg="http://www.w3.org/2000/svg" xmlns="http://www.w3.org/2000/svg" version="1.1" x="0" y="0" width="459.5" height="150" viewBox="0 0 459.5 150" enable-background="new 0 0 595.28 841.89" xml:space="preserve"><g transform="translate(-79.10464,-172.551)"><path d="m246.1 274.3c-2.6 0-5.3-0.2-6.6-0.5-0.6-0.1-0.9-0.4-0.9-1.1l0-20.4c0-0.7 0.3-1 0.9-1.1 1.3-0.2 4-0.5 6.6-0.5 6.1 0 9.8 3.2 9.8 9.7l0 4c0 6.5-3.7 9.7-9.8 9.7zm4.6-13.7c0-4.2-1.8-5.3-4.6-5.3-0.8 0-1.8 0-2.2 0.1l0 14.4c0.4 0 1.4 0.1 2.2 0.1 2.8 0 4.6-1.1 4.6-5.3l0-4zM273 273.9 273 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM285.2 266c-0.7 0-1.7-0.1-2.5-0.1l0 7.5c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.2-0.6-0.6l0-20.7c0-1 0.4-1.3 1.4-1.5 1.6-0.2 4-0.4 6.3-0.4 4.7 0 9.2 1.6 9.2 7.4l0 0.3c0 5.8-4.6 7.5-9.2 7.5zm3.9-7.7c0-2.2-1.4-3-3.9-3-0.4 0-2.1 0.1-2.5 0.1l0 6.3c0.3 0 2.2 0.1 2.5 0.1 2.7 0 3.9-1 3.9-3.1l0-0.3zM311 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM332.4 274l-3 0c-0.6 0-1.1-0.1-1.6-1l-7-12.1c-0.1-0.2-0.2-0.2-0.3-0.2-0.1 0-0.2 0.1-0.2 0.2l0 12.5c0 0.3-0.3 0.6-0.6 0.6l-3.6 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.1c0-0.6 0.5-1.2 1.2-1.2l3.1 0c0.6 0 0.9 0.3 1.3 1l7.3 12.7c0.1 0.2 0.2 0.2 0.2 0.2 0.1 0 0.2-0.1 0.2-0.3l0-13c0-0.3 0.3-0.6 0.6-0.6l3.6 0c0.3 0 0.6 0.2 0.6 0.6l0 21.1c0 0.6-0.6 1.2-1.2 1.2zM345.4 274.3c-2.6 0-5.3-0.2-6.6-0.5-0.6-0.1-0.9-0.4-0.9-1.1l0-20.4c0-0.7 0.3-1 0.9-1.1 1.3-0.2 4-0.5 6.6-0.5 6.1 0 9.8 3.2 9.8 9.7l0 4c0 6.5-3.7 9.7-9.8 9.7zm4.6-13.7c0-4.2-1.8-5.3-4.6-5.3-0.8 0-1.8 0-2.2 0.1l0 14.4c0.4 0 1.4 0.1 2.2 0.1 2.8 0 4.6-1.1 4.6-5.3l0-4zM372.3 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM393.7 274l-3 0c-0.6 0-1.1-0.1-1.6-1l-7-12.1c-0.1-0.2-0.2-0.2-0.3-0.2-0.1 0-0.2 0.1-0.2 0.2l0 12.5c0 0.3-0.3 0.6-0.6 0.6l-3.6 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.1c0-0.6 0.5-1.2 1.2-1.2l3.1 0c0.6 0 0.9 0.3 1.3 1l7.3 12.7c0.1 0.2 0.2 0.2 0.2 0.2 0.1 0 0.2-0.1 0.2-0.3l0-13c0-0.3 0.3-0.6 0.6-0.6l3.6 0c0.3 0 0.6 0.2 0.6 0.6l0 21.1c0 0.6-0.6 1.2-1.2 1.2zM412.4 273.8c-0.6 0.2-2.4 0.5-4.6 0.5-4.7 0-9.1-2.5-9.1-9.8l0-3.9c0-7.3 4.4-9.8 9.1-9.8 2.2 0 3.9 0.3 4.6 0.5 0.4 0.1 0.7 0.2 0.7 0.7l0 3c0 0.4-0.2 0.6-0.6 0.6 0 0-0.1 0-0.1 0-1.2-0.1-2.9-0.2-4.6-0.2-2.1 0-3.8 1.1-3.8 5.2l0 3.9c0 4.1 1.7 5.2 3.8 5.2 1.7 0 3.4-0.2 4.6-0.2 0 0 0.1 0 0.1 0 0.4 0 0.6 0.2 0.6 0.6l0 3c0 0.4-0.2 0.6-0.7 0.7zM433.6 251.8l-4.7 10.7c-0.6 1.4-1.3 2.1-2 2.4l0 8.6c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-8.6c-0.7-0.3-1.4-1-2-2.4l-4.7-10.7c0-0.1 0-0.2 0-0.2 0-0.2 0.2-0.5 0.5-0.5l4.4 0c0.3 0 0.5 0.2 0.6 0.5l3.3 8.7c0.2 0.4 0.2 0.5 0.5 0.5 0.2 0 0.3-0.1 0.5-0.5l3.3-8.7c0.1-0.3 0.3-0.5 0.6-0.5l4.4 0c0.3 0 0.5 0.2 0.5 0.5 0 0.1 0 0.2 0 0.2zM442 266.5l-6 0c-0.3 0-0.6-0.2-0.6-0.6l0-2.5c0-0.3 0.3-0.6 0.6-0.6l6 0c0.3 0 0.6 0.2 0.6 0.6l0 2.5c0 0.3-0.3 0.6-0.6 0.6z" style="fill:#231f20;opacity:0.5"/><path d="m459 273.8c-0.6 0.2-2.4 0.5-4.6 0.5-4.7 0-9.1-2.5-9.1-9.8l0-3.9c0-7.3 4.4-9.8 9.1-9.8 2.2 0 3.9 0.3 4.6 0.5 0.4 0.1 0.7 0.2 0.7 0.7l0 3c0 0.4-0.2 0.6-0.6 0.6 0 0-0.1 0-0.1 0-1.2-0.1-2.9-0.2-4.6-0.2-2.1 0-3.8 1.1-3.8 5.2l0 3.9c0 4.1 1.7 5.2 3.8 5.2 1.7 0 3.4-0.2 4.6-0.2 0 0 0.1 0 0.1 0 0.4 0 0.6 0.2 0.6 0.6l0 3c0 0.4-0.2 0.6-0.7 0.7zM480.6 274l-4 0M480.6 274l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-8.9-7.6 0 0 8.9c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.7c0-0.3 0.3-0.6 0.6-0.6l4 0c0.3 0 0.6 0.2 0.6 0.6l0 8.2 7.6 0 0-8.2c0-0.3 0.3-0.6 0.6-0.6l4 0c0.3 0 0.6 0.2 0.6 0.6l0 21.7c0 0.3-0.3 0.6-0.6 0.6zM498.9 273.9c-1.1 0.2-2.6 0.4-6 0.4-4 0-7.5-1-7.5-6.6l0-10.2c0-5.6 3.5-6.6 7.5-6.6 3.3 0 4.9 0.2 5.9 0.4 0.4 0.1 0.6 0.2 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-6.3 0c-1.4 0-2 0.5-2 2.1l0 2.8 8 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.3-0.3 0.6-0.6 0.6l-8 0 0 3.3c0 1.6 0.5 2.1 2 2.1l6.3 0c0.3 0 0.6 0.3 0.6 0.6l0 2.9c0 0.4-0.2 0.6-0.6 0.6zM516.6 273.8c-0.6 0.2-2.4 0.5-4.6 0.5-4.7 0-9.1-2.5-9.1-9.8l0-3.9c0-7.3 4.4-9.8 9.1-9.8 2.2 0 3.9 0.3 4.6 0.5 0.4 0.1 0.7 0.2 0.7 0.7l0 3c0 0.4-0.2 0.6-0.6 0.6 0 0-0.1 0-0.1 0-1.2-0.1-2.9-0.2-4.6-0.2-2.1 0-3.8 1.1-3.8 5.2l0 3.9c0 4.1 1.7 5.2 3.8 5.2 1.7 0 3.4-0.2 4.6-0.2 0 0 0.1 0 0.1 0 0.4 0 0.6 0.2 0.6 0.6l0 3c0 0.4-0.2 0.6-0.7 0.7zM538.5 251.9l-7.3 10.4 7.4 11.1c0.1 0.1 0.1 0.2 0.1 0.3 0 0.2-0.2 0.3-0.4 0.3l-5.3 0c-0.4 0-0.5-0.2-0.7-0.4l-6.3-10.2 0 10c0 0.3-0.3 0.6-0.6 0.6l-4 0c-0.3 0-0.6-0.3-0.6-0.6l0-21.7c0-0.3 0.3-0.6 0.6-0.6l4 0c0.3 0 0.6 0.2 0.6 0.6l0 9.8 6.8-10c0.2-0.2 0.3-0.4 0.7-0.4l4.7 0c0.3 0 0.5 0.2 0.5 0.3 0 0.1-0.1 0.3-0.2 0.4z" fill="#f78d0a"/><path d="m151.6 187.1 0-14.6c-36.7 5.4-65.9 33.9-72.2 70.4l14.7 0C100 214.5 122.8 192.2 151.6 187.1Z" style="fill:#231f20;opacity:0.5"/><path d="m151.6 200.4 0-13.3c-28.7 5.1-51.6 27.3-57.5 55.8l13.3 0c5.5-21.2 22.6-37.8 44.2-42.5z" style="fill:#231f20;opacity:0.3"/><path d="m193 237-10.9 10.9c0.3 0.6 0.7 1.2 1 1.9 1 2.5 1.5 5.3 1.5 8.2l0 0.2c0 3-0.5 5.8-1.5 8.2-1 2.5-2.4 4.6-4.2 6.4-1.8 1.8-3.9 3.2-6.4 4.2-2.5 1-5.3 1.5-8.3 1.5l-11.5 0 0-1-14.4 14.4 25.9 0c5.3 0 10.1-0.9 14.6-2.6 4.4-1.7 8.2-4.1 11.4-7.2 3.2-3 5.7-6.6 7.4-10.7 1.7-4.1 2.6-8.6 2.6-13.3l0-0.2c0-4.8-0.9-9.2-2.6-13.3-1.2-2.7-2.7-5.2-4.5-7.5z" fill="#f78d0a"/><path d="m152.7 237.6 11.5 0c3 0 5.8 0.5 8.3 1.5 2.5 1 4.7 2.4 6.4 4.2 1.3 1.3 2.3 2.9 3.2 4.6l10.9-10.9c-0.9-1.1-1.8-2.2-2.9-3.2-3.2-3-7-5.4-11.4-7.1-4.4-1.7-9.3-2.6-14.6-2.6l-26.4 0 0 67.7 0.5 0 14.4-14.4 0-39.8z" style="fill:#f78d0a;opacity:0.7"/><path d="m179.5 187.7 0 13.4c11.9 3.2 22.3 10.1 29.9 19.4l9.2-9.3c-10-11.7-23.6-20.1-39.2-23.5z" style="fill:#231f20;opacity:0.3"/><path d="m179.5 173 0 14.7c15.5 3.4 29.2 11.8 39.2 23.5l10.2-10.2c-12.6-14.3-29.8-24.5-49.4-28zM93.7 270.9l-14.6 0M93.7 270.9l-14.6 0c3.1 20.5 13.6 38.6 28.5 51.7l10.2-10.2C105.5 301.9 96.8 287.4 93.7 270.9Z" fill="#f78d0a"/><path d="m107 270.9-13.3 0c3.1 16.5 11.8 31 24.1 41.5l9.2-9.3c-9.9-8.1-17.1-19.3-20-32.2z" style="fill:#231f20;opacity:0.3"/></g></svg>
<p class="disclaimer">Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.</p>
<h3><a href="http://jeremylong.github.io/DependencyCheck/general/thereport.html" target="_blank">How&nbsp;to&nbsp;read&nbsp;the&nbsp;report</a> | 
<a href="http://jeremylong.github.io/DependencyCheck/general/suppression.html" target="_blank">Suppressing false positives</a> |
Getting Help: <a href="https://github.com/jeremylong/DependencyCheck/issues" target="_blank">github issues</a></h3>
<h2 class="">Project:&nbsp;Struts 2</h2><h4>org.apache.struts:struts2-parent:2.6-SNAPSHOT</h4><div class="">Scan Information (<a href="#" title="Click to toggle display" id="scanInformationToggle">show all</a>):<br/><ul class="indent"><li><i>dependency-check version</i>: 5.3.2</li><li><i>Report Generated On</i>: Mon, 20 Apr 2020 20:09:57 +0200</li><li><i>Dependencies Scanned</i>:&nbsp;168 (106 unique)</li><li><i>Vulnerable Dependencies</i>:&nbsp;<span id="vulnerableCount">8</span></li><li><i>Vulnerabilities Found</i>:&nbsp;20</li><li><i>Vulnerabilities Suppressed</i>:&nbsp;10</li><li class="scaninfo">...</li><li class="scaninfo hidden"><i>NVD CVE Checked</i>: 2020-04-20T20:09:46</li><li class="scaninfo hidden"><i>NVD CVE Modified</i>: 2020-04-20T18:03:43</li><li class="scaninfo hidden"><i>VersionCheckOn</i>: 2020-04-19T10:27:56</li></ul><br/><h2>Summary</h2>Display:&nbsp;<a href="#" title="Click to toggle display" id="vulnerabilityDisplayToggle">Showing Vulnerable Dependencies (click to show all)</a><br/><br/><table id="summaryTable" class="lined"><thead><tr style="text-align:left"><th class="sortable" data-sort="string" title="The name of the dependency">Dependency</th><th class="sortable" data-sort="string" title="The Common Platform Enumeration">Vulnerability&nbsp;IDs</th><th class="sortable" data-sort="string" title="The Build Coordinates">Package</th><th class="sortable" data-sort="int"    title="The highest CVE Severity">Highest&nbsp;Severity</th><th class="sortable" data-sort="int"    title="The number of Common Vulnerability and Exposure (CVE) entries">CVE&nbsp;Count</th><th class="sortable" data-sort="string" title="The confidence rating dependency-check has for the identified CPE">Confidence</th><th class="sortable" data-sort="int"    title="The count of evidence collected to identify the CPE">Evidence&nbsp;Count</th></tr></thead><tr class="notvulnerable"><td data-sort-value="ANIMAL-SNIFFER-ANNOTATIONS-1.9.JAR"><a href="#l1_c29299253a087898aaff7f4eac57effa46b1910a">animal-sniffer-annotations-1.9.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.9"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.9" target="_blank">pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.9</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>25</td></tr><tr class="notvulnerable"><td data-sort-value="AOPALLIANCE-1.0.JAR"><a href="#l2_0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8">aopalliance-1.0.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/aopalliance/aopalliance@1.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/aopalliance/aopalliance@1.0" target="_blank">pkg:maven/aopalliance/aopalliance@1.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>19</td></tr><tr class="notvulnerable"><td data-sort-value="ASM-3.3.1.JAR"><a href="#l3_1d5f20b4ea675e6fab6ab79f1cd60ec268ddc015">asm-3.3.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/asm/asm@3.3.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/asm/asm@3.3.1" target="_blank">pkg:maven/asm/asm@3.3.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>17</td></tr><tr class="notvulnerable"><td data-sort-value="ASM-7.3.1.JAR"><a href="#l4_7ec32f922315924e82bf58b36ee1b673b2a9b820">asm-7.3.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.ow2.asm/asm@7.3.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.ow2.asm/asm@7.3.1" target="_blank">pkg:maven/org.ow2.asm/asm@7.3.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>36</td></tr><tr class="notvulnerable"><td data-sort-value="ASM-ANALYSIS-7.3.1.JAR"><a href="#l5_045dfd299ea0c17d534499c4f06417ceccfa2d02">asm-analysis-7.3.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.ow2.asm/asm-analysis@7.3.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.ow2.asm/asm-analysis@7.3.1" target="_blank">pkg:maven/org.ow2.asm/asm-analysis@7.3.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>42</td></tr><tr class="notvulnerable"><td data-sort-value="ASM-COMMONS-7.3.1.JAR"><a href="#l6_daaa79ef260eb67404b9a52bc319a024c7f49cfe">asm-commons-7.3.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.ow2.asm/asm-commons@7.3.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.ow2.asm/asm-commons@7.3.1" target="_blank">pkg:maven/org.ow2.asm/asm-commons@7.3.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>40</td></tr><tr class="notvulnerable"><td data-sort-value="ASM-TREE-7.3.1.JAR"><a href="#l7_587ce54d243145b2e89598bfcea7823ded73be5d">asm-tree-7.3.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.ow2.asm/asm-tree@7.3.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.ow2.asm/asm-tree@7.3.1" target="_blank">pkg:maven/org.ow2.asm/asm-tree@7.3.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>40</td></tr><tr class="notvulnerable"><td data-sort-value="ASPECTJWEAVER-1.8.9.JAR"><a href="#l8_db28774f477f07220eac18d5ec9c4e01f48589d7">aspectjweaver-1.8.9.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.aspectj/aspectjweaver@1.8.9"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.aspectj/aspectjweaver@1.8.9" target="_blank">pkg:maven/org.aspectj/aspectjweaver@1.8.9</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>28</td></tr><tr class=" vulnerable"><td data-sort-value="BOOTSTRAP.MIN.JS"><a href="#l9_253711c6d825de55a8360552573be950da180614">bootstrap.min.js</a></td><td data-sort-value=""></td><td data-sort-value="pkg:javascript/bootstrap@3.3.4"><a href="https://ossindex.sonatype.org/component/pkg:javascript/bootstrap@3.3.4" target="_blank">pkg:javascript/bootstrap@3.3.4</a></td><td data-sort-value="61.0">MEDIUM</td><td>4</td><td data-sort-value="0"></td><td>3</td></tr><tr class="notvulnerable"><td data-sort-value="BSH-2.0B4.JAR"><a href="#l10_a05f0a0feefa8d8467ac80e16e7de071489f0d9c">bsh-2.0b4.jar</a></td><td data-sort-value="cpe:2.3:a:beanshell:beanshell:2.0.b4:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Abeanshell&amp;cpe_product=cpe%3A%2F%3Abeanshell%3Abeanshell&amp;cpe_version=cpe%3A%2F%3Abeanshell%3Abeanshell%3A2.0.b4" target="_blank">cpe:2.3:a:beanshell:beanshell:2.0.b4:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.beanshell/bsh@2.0b4"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.beanshell/bsh@2.0b4" target="_blank">pkg:maven/org.beanshell/bsh@2.0b4</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>23</td></tr><tr class="notvulnerable"><td data-sort-value="CGLIB-2.2.2.JAR"><a href="#l11_a47a971686474124562bdd4a7ccbd8ac8c3e8b11">cglib-2.2.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/cglib/cglib@2.2.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/cglib/cglib@2.2.2" target="_blank">pkg:maven/cglib/cglib@2.2.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>19</td></tr><tr class="notvulnerable"><td data-sort-value="CLASSMATE-1.3.4.JAR"><a href="#l12_03d5f48f10bbe4eb7bd862f10c0583be2e0053c6">classmate-1.3.4.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.fasterxml/classmate@1.3.4"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml/classmate@1.3.4" target="_blank">pkg:maven/com.fasterxml/classmate@1.3.4</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>47</td></tr><tr class="notvulnerable"><td data-sort-value="CLASSWORLDS-1.1.JAR"><a href="#l13_60c708f55deeb7c5dfce8a7886ef09cbc1388eca">classworlds-1.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/classworlds/classworlds@1.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/classworlds/classworlds@1.1" target="_blank">pkg:maven/classworlds/classworlds@1.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>27</td></tr><tr class="notvulnerable"><td data-sort-value="COMMONS-BEANUTILS-1.9.4.JAR"><a href="#l14_d52b9abcd97f38c81342bb7e7ae1eee9b73cba51">commons-beanutils-1.9.4.jar</a></td><td data-sort-value="cpe:2.3:a:apache:commons_beanutils:1.9.4:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Acommons_beanutils&amp;cpe_version=cpe%3A%2F%3Aapache%3Acommons_beanutils%3A1.9.4" target="_blank">cpe:2.3:a:apache:commons_beanutils:1.9.4:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/commons-beanutils/commons-beanutils@1.9.4"><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-beanutils/commons-beanutils@1.9.4" target="_blank">pkg:maven/commons-beanutils/commons-beanutils@1.9.4</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>41</td></tr><tr class="notvulnerable"><td data-sort-value="COMMONS-COLLECTIONS-3.2.2.JAR"><a href="#l15_8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5">commons-collections-3.2.2.jar</a></td><td data-sort-value="cpe:2.3:a:apache:commons_collections:3.2.2:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Acommons_collections&amp;cpe_version=cpe%3A%2F%3Aapache%3Acommons_collections%3A3.2.2" target="_blank">cpe:2.3:a:apache:commons_collections:3.2.2:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/commons-collections/commons-collections@3.2.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-collections/commons-collections@3.2.2" target="_blank">pkg:maven/commons-collections/commons-collections@3.2.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>41</td></tr><tr class="notvulnerable"><td data-sort-value="COMMONS-DIGESTER-2.1.JAR"><a href="#l16_73a8001e7a54a255eef0f03521ec1805dc738ca0">commons-digester-2.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/commons-digester/commons-digester@2.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-digester/commons-digester@2.1" target="_blank">pkg:maven/commons-digester/commons-digester@2.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>37</td></tr><tr class="notvulnerable"><td data-sort-value="COMMONS-DIGESTER3-3.2.JAR"><a href="#l17_c3f68c5ff25ec5204470fd8fdf4cb8feff5e8a79">commons-digester3-3.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.commons/commons-digester3@3.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-digester3@3.2" target="_blank">pkg:maven/org.apache.commons/commons-digester3@3.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>41</td></tr><tr class="notvulnerable"><td data-sort-value="COMMONS-FILEUPLOAD-1.4.JAR"><a href="#l18_f95188e3d372e20e7328706c37ef366e5d7859b0">commons-fileupload-1.4.jar</a></td><td data-sort-value="cpe:2.3:a:apache:commons_fileupload:1.4:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Acommons_fileupload&amp;cpe_version=cpe%3A%2F%3Aapache%3Acommons_fileupload%3A1.4" target="_blank">cpe:2.3:a:apache:commons_fileupload:1.4:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/commons-fileupload/commons-fileupload@1.4"><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-fileupload/commons-fileupload@1.4" target="_blank">pkg:maven/commons-fileupload/commons-fileupload@1.4</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>40</td></tr><tr class="notvulnerable"><td data-sort-value="COMMONS-IO-2.6.JAR"><a href="#l19_815893df5f31da2ece4040fe0a12fd44b577afaf">commons-io-2.6.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/commons-io/commons-io@2.6"><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-io/commons-io@2.6" target="_blank">pkg:maven/commons-io/commons-io@2.6</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>40</td></tr><tr class="notvulnerable"><td data-sort-value="COMMONS-JCI-FAM-1.1.JAR"><a href="#l20_32ae39163b0d71ad2487f71acf107a7ac2c67e5c">commons-jci-fam-1.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.commons/commons-jci-fam@1.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-jci-fam@1.1" target="_blank">pkg:maven/org.apache.commons/commons-jci-fam@1.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>34</td></tr><tr class="notvulnerable"><td data-sort-value="COMMONS-LANG3-3.10.JAR"><a href="#l21_e155460aaf5b464062a09c3923f089ce99128a17">commons-lang3-3.10.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.commons/commons-lang3@3.10"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-lang3@3.10" target="_blank">pkg:maven/org.apache.commons/commons-lang3@3.10</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>40</td></tr><tr class="notvulnerable"><td data-sort-value="COMMONS-LOGGING-1.2.JAR"><a href="#l22_4bfc12adfe4842bf07b657f0369c4cb522955686">commons-logging-1.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/commons-logging/commons-logging@1.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-logging/commons-logging@1.2" target="_blank">pkg:maven/commons-logging/commons-logging@1.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>36</td></tr><tr class="notvulnerable"><td data-sort-value="COMMONS-TEXT-1.8.JAR"><a href="#l23_879a6bde4c0537a25504c72ec7a94ba4099f469c">commons-text-1.8.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.commons/commons-text@1.8"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-text@1.8" target="_blank">pkg:maven/org.apache.commons/commons-text@1.8</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>41</td></tr><tr class="notvulnerable"><td data-sort-value="DOMTT.JS"><a href="#l24_5584aa1028220f041ff7d89c48e9e8ffeaa05256">domTT.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="DWR-3.0.2-RELEASE.JAR"><a href="#l25_3b3fd5901f4304021074e6c12f3bebf870524ca8">dwr-3.0.2-RELEASE.jar</a></td><td data-sort-value="cpe:2.3:a:directwebremoting:direct_web_remoting:3.0.2:release:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Adirectwebremoting&amp;cpe_product=cpe%3A%2F%3Adirectwebremoting%3Adirect_web_remoting&amp;cpe_version=cpe%3A%2F%3Adirectwebremoting%3Adirect_web_remoting%3A3.0.2" target="_blank">cpe:2.3:a:directwebremoting:direct_web_remoting:3.0.2:release:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.directwebremoting/dwr@3.0.2-RELEASE"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.directwebremoting/dwr@3.0.2-RELEASE" target="_blank">pkg:maven/org.directwebremoting/dwr@3.0.2-RELEASE</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="1">High</td><td>21</td></tr><tr class="notvulnerable"><td data-sort-value="DWR-3.0.2-RELEASE.JAR: DWRACTIONUTIL.JS"><a href="#l26_1a376c4c0d20b1ecbdbeaeba716ca8c08abe74b6">dwr-3.0.2-RELEASE.jar: DWRActionUtil.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="DWR-3.0.2-RELEASE.JAR: DWR-BAYEUX.JS"><a href="#l27_eaabe3b2ef0a2cd47e845bbf416c2297da9f40c1">dwr-3.0.2-RELEASE.jar: dwr-bayeux.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="DWR-3.0.2-RELEASE.JAR: ENGINE.JS"><a href="#l28_244eb828dcf0d621deb664b7f90963bc82a4fcfb">dwr-3.0.2-RELEASE.jar: engine.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="DWR-3.0.2-RELEASE.JAR: UTIL.JS"><a href="#l29_1c5a03a0b276cf94dc8dfd2ed884a2bdbe963abd">dwr-3.0.2-RELEASE.jar: util.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="FREEMARKER-2.3.30.JAR"><a href="#l30_86d70d335c7821178f62b554aa3a4bc538a94f1a">freemarker-2.3.30.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.freemarker/freemarker@2.3.30"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.freemarker/freemarker@2.3.30" target="_blank">pkg:maven/org.freemarker/freemarker@2.3.30</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>44</td></tr><tr class="notvulnerable"><td data-sort-value="GOOGLE-COLLECTIONS-1.0.JAR"><a href="#l31_9ffe71ac6dcab6bc03ea13f5c2e7b2804e69b357">google-collections-1.0.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.google.collections/google-collections@1.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.google.collections/google-collections@1.0" target="_blank">pkg:maven/com.google.collections/google-collections@1.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>29</td></tr><tr class="notvulnerable"><td data-sort-value="GOOGLE-GXP-0.2.4-BETA.JAR"><a href="#l32_b80c7c780973ffd5eac63de301eb6a05035aeb46">google-gxp-0.2.4-beta.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.google.gxp/google-gxp@0.2.4-beta"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.google.gxp/google-gxp@0.2.4-beta" target="_blank">pkg:maven/com.google.gxp/google-gxp@0.2.4-beta</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>30</td></tr><tr class=" vulnerable"><td data-sort-value="GUAVA-19.0.JAR"><a href="#l33_6ce200f6b23222af3d8abb6b6459e6c44f4bb0e9">guava-19.0.jar</a></td><td data-sort-value="cpe:2.3:a:google:guava:19.0:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Agoogle&amp;cpe_product=cpe%3A%2F%3Agoogle%3Aguava&amp;cpe_version=cpe%3A%2F%3Agoogle%3Aguava%3A19.0" target="_blank">cpe:2.3:a:google:guava:19.0:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/com.google.guava/guava@19.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.google.guava/guava@19.0" target="_blank">pkg:maven/com.google.guava/guava@19.0</a></td><td data-sort-value="59.0">MEDIUM</td><td>1</td><td data-sort-value="0">Highest</td><td>22</td></tr><tr class="notvulnerable"><td data-sort-value="GUICE-4.1.0-NO_AOP.JAR"><a href="#l34_faf9ee8ac09eafd1128091426dd367a8c0085d55">guice-4.1.0-no_aop.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.google.inject/guice@4.1.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.google.inject/guice@4.1.0" target="_blank">pkg:maven/com.google.inject/guice@4.1.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>28</td></tr><tr class="notvulnerable"><td data-sort-value="HAMCREST-CORE-1.3.JAR"><a href="#l35_42a25dc3219429f0e5d060061f71acb49bf010a0">hamcrest-core-1.3.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.hamcrest/hamcrest-core@1.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hamcrest/hamcrest-core@1.3" target="_blank">pkg:maven/org.hamcrest/hamcrest-core@1.3</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>26</td></tr><tr class="notvulnerable"><td data-sort-value="HIBERNATE-VALIDATOR-6.1.2.FINAL.JAR"><a href="#l36_7710ee9f1aa2210d401947d1298c8bdcbeff2f1e">hibernate-validator-6.1.2.Final.jar</a></td><td data-sort-value="cpe:2.3:a:hibernate:hibernate-validator:6.1.2:*:*:*:*:*:*:*cpe:2.3:a:redhat:hibernate_validator:6.1.2:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Ahibernate&amp;cpe_product=cpe%3A%2F%3Ahibernate%3Ahibernate-validator&amp;cpe_version=cpe%3A%2F%3Ahibernate%3Ahibernate-validator%3A6.1.2" target="_blank">cpe:2.3:a:hibernate:hibernate-validator:6.1.2:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aredhat&amp;cpe_product=cpe%3A%2F%3Aredhat%3Ahibernate_validator&amp;cpe_version=cpe%3A%2F%3Aredhat%3Ahibernate_validator%3A6.1.2" target="_blank">cpe:2.3:a:redhat:hibernate_validator:6.1.2:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.hibernate.validator/hibernate-validator@6.1.2.Final"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hibernate.validator/hibernate-validator@6.1.2.Final" target="_blank">pkg:maven/org.hibernate.validator/hibernate-validator@6.1.2.Final</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>36</td></tr><tr class="notvulnerable"><td data-sort-value="INPUTTRANSFERSELECT.JS"><a href="#l37_94316238b9eb45a97e2547fa66881cca27a5b6ee">inputtransferselect.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="JACKSON-CORE-2.10.3.JAR"><a href="#l38_f7ee7b55c7d292ac72fbaa7648c089f069c938d2">jackson-core-2.10.3.jar</a></td><td data-sort-value="cpe:2.3:a:fasterxml:jackson:2.10.3:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Afasterxml&amp;cpe_product=cpe%3A%2F%3Afasterxml%3Ajackson&amp;cpe_version=cpe%3A%2F%3Afasterxml%3Ajackson%3A2.10.3" target="_blank">cpe:2.3:a:fasterxml:jackson:2.10.3:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.3" target="_blank">pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.3</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>45</td></tr><tr class="notvulnerable"><td data-sort-value="JACKSON-DATABIND-2.10.3.JAR"><a href="#l39_aae92628b5447fa25af79871ca98668da6edd439">jackson-databind-2.10.3.jar</a></td><td data-sort-value="cpe:2.3:a:fasterxml:jackson:2.10.3:*:*:*:*:*:*:*cpe:2.3:a:fasterxml:jackson-databind:2.10.3:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Afasterxml&amp;cpe_product=cpe%3A%2F%3Afasterxml%3Ajackson&amp;cpe_version=cpe%3A%2F%3Afasterxml%3Ajackson%3A2.10.3" target="_blank">cpe:2.3:a:fasterxml:jackson:2.10.3:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Afasterxml&amp;cpe_product=cpe%3A%2F%3Afasterxml%3Ajackson-databind&amp;cpe_version=cpe%3A%2F%3Afasterxml%3Ajackson-databind%3A2.10.3" target="_blank">cpe:2.3:a:fasterxml:jackson-databind:2.10.3:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.3" target="_blank">pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.3</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>39</td></tr><tr class="notvulnerable"><td data-sort-value="JAKARTA.ACTIVATION-API-1.2.1.JAR"><a href="#l40_562a587face36ec7eff2db7f2fc95425c6602bc1">jakarta.activation-api-1.2.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/jakarta.activation/jakarta.activation-api@1.2.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.activation/jakarta.activation-api@1.2.1" target="_blank">pkg:maven/jakarta.activation/jakarta.activation-api@1.2.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>32</td></tr><tr class="notvulnerable"><td data-sort-value="JAKARTA.VALIDATION-API-2.0.2.JAR"><a href="#l41_5eacc6522521f7eacb081f95cee1e231648461e7">jakarta.validation-api-2.0.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/jakarta.validation/jakarta.validation-api@2.0.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.validation/jakarta.validation-api@2.0.2" target="_blank">pkg:maven/jakarta.validation/jakarta.validation-api@2.0.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>29</td></tr><tr class="notvulnerable"><td data-sort-value="JAKARTA.XML.BIND-API-2.3.2.JAR"><a href="#l42_8d49996a4338670764d7ca4b85a1c4ccf7fe665d">jakarta.xml.bind-api-2.3.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@2.3.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@2.3.2" target="_blank">pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@2.3.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>29</td></tr><tr class="notvulnerable"><td data-sort-value="JAVASSIST-3.24.1-GA.JAR"><a href="#l43_921b466d6a14a8edbe25923c973fd767fc71c045">javassist-3.24.1-GA.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.javassist/javassist@3.24.1-GA"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.javassist/javassist@3.24.1-GA" target="_blank">pkg:maven/org.javassist/javassist@3.24.1-GA</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>26</td></tr><tr class="notvulnerable"><td data-sort-value="JAVAX.EL-3.0.1-B11.JAR"><a href="#l44_cca8438407af01056d83830ba7392efc18544347">javax.el-3.0.1-b11.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.glassfish/javax.el@3.0.1-b11"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.glassfish/javax.el@3.0.1-b11" target="_blank">pkg:maven/org.glassfish/javax.el@3.0.1-b11</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>40</td></tr><tr class="notvulnerable"><td data-sort-value="JAVAX.INJECT-1.JAR"><a href="#l45_6975da39a7040257bd51d21a231b76c915872d38">javax.inject-1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/javax.inject/javax.inject@1"><a href="https://ossindex.sonatype.org/component/pkg:maven/javax.inject/javax.inject@1" target="_blank">pkg:maven/javax.inject/javax.inject@1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>19</td></tr><tr class="notvulnerable"><td data-sort-value="JBOSS-LOGGING-3.3.2.FINAL.JAR"><a href="#l46_3789d00e859632e6c6206adc0c71625559e6e3b0">jboss-logging-3.3.2.Final.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.jboss.logging/jboss-logging@3.3.2.Final"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.jboss.logging/jboss-logging@3.3.2.Final" target="_blank">pkg:maven/org.jboss.logging/jboss-logging@3.3.2.Final</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>45</td></tr><tr class="notvulnerable"><td data-sort-value="JCL-OVER-SLF4J-1.7.6.JAR"><a href="#l47_ab1648fe1dd6f1e5c2ec6d12f394672bb8c1036a">jcl-over-slf4j-1.7.6.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.slf4j/jcl-over-slf4j@1.7.6"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.slf4j/jcl-over-slf4j@1.7.6" target="_blank">pkg:maven/org.slf4j/jcl-over-slf4j@1.7.6</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>25</td></tr><tr class="notvulnerable"><td data-sort-value="JCOMMANDER-1.48.JAR"><a href="#l48_bfcb96281ea3b59d626704f74bc6d625ff51cbce">jcommander-1.48.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.beust/jcommander@1.48"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.beust/jcommander@1.48" target="_blank">pkg:maven/com.beust/jcommander@1.48</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>20</td></tr><tr class="notvulnerable"><td data-sort-value="JCOMMANDER-1.72.JAR"><a href="#l49_6375e521c1e11d6563d4f25a07ce124ccf8cd171">jcommander-1.72.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.beust/jcommander@1.72"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.beust/jcommander@1.72" target="_blank">pkg:maven/com.beust/jcommander@1.72</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>23</td></tr><tr class=" vulnerable"><td data-sort-value="JQUERY-1.3.2.MIN.JS"><a href="#l50_3dc9f7c2642efff4482e68c9d9df874bf98f5bcb">jquery-1.3.2.min.js</a></td><td data-sort-value=""></td><td data-sort-value="pkg:javascript/jquery@1.3.2.min"><a href="https://ossindex.sonatype.org/component/pkg:javascript/jquery@1.3.2.min" target="_blank">pkg:javascript/jquery@1.3.2.min</a></td><td data-sort-value="61.0">MEDIUM</td><td>4</td><td data-sort-value="0"></td><td>3</td></tr><tr class=" vulnerable"><td data-sort-value="JQUERY-2.1.4.MIN.JS"><a href="#l51_43dc554608df885a59ddeece1598c6ace434d747">jquery-2.1.4.min.js</a></td><td data-sort-value=""></td><td data-sort-value="pkg:javascript/jquery@2.1.4.min"><a href="https://ossindex.sonatype.org/component/pkg:javascript/jquery@2.1.4.min" target="_blank">pkg:javascript/jquery@2.1.4.min</a></td><td data-sort-value="61.0">medium</td><td>3</td><td data-sort-value="0"></td><td>3</td></tr><tr class="notvulnerable"><td data-sort-value="JQUERY-UI-1.7.1.CUSTOM.MIN.JS"><a href="#l52_787cc9fd60ba3088b95f15e75d8803e490753db9">jquery-ui-1.7.1.custom.min.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="JSHINT.CONF.JS"><a href="#l53_5a88e8d212d51cdc3ac0305978dfc483ce25fa25">jshint.conf.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="JSON-SIMPLE-3.0.2.JAR"><a href="#l54_2337afdb06134a12fc0239299c3ceb2e9c209516">json-simple-3.0.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.github.cliftonlabs/json-simple@3.0.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.github.cliftonlabs/json-simple@3.0.2" target="_blank">pkg:maven/com.github.cliftonlabs/json-simple@3.0.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>23</td></tr><tr class="notvulnerable"><td data-sort-value="JUNEAU-MARSHALL-8.1.3.JAR"><a href="#l55_f1e06cee7b3da2ba627166690765b0d6e6a3c104">juneau-marshall-8.1.3.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.juneau/juneau-marshall@8.1.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.juneau/juneau-marshall@8.1.3" target="_blank">pkg:maven/org.apache.juneau/juneau-marshall@8.1.3</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>32</td></tr><tr class="notvulnerable"><td data-sort-value="JUNIT-4.13.JAR"><a href="#l56_e49ccba652b735c93bd6e6f59760d8254cf597dd">junit-4.13.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/junit/junit@4.13"><a href="https://ossindex.sonatype.org/component/pkg:maven/junit/junit@4.13" target="_blank">pkg:maven/junit/junit@4.13</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>28</td></tr><tr class="notvulnerable"><td data-sort-value="LOG4J-CORE-2.13.1.JAR"><a href="#l57_533f6ae0bb0ce091493f2eeab0c1df4327e46ef1">log4j-core-2.13.1.jar</a></td><td data-sort-value="cpe:2.3:a:apache:log4j:2.13.1:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Alog4j&amp;cpe_version=cpe%3A%2F%3Aapache%3Alog4j%3A2.13.1" target="_blank">cpe:2.3:a:apache:log4j:2.13.1:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1" target="_blank">pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>50</td></tr><tr class="notvulnerable"><td data-sort-value="OGNL-3.2.14.JAR"><a href="#l58_18178dd7cfcb8b81c262c072b60a5bf701073917">ognl-3.2.14.jar</a></td><td data-sort-value="cpe:2.3:a:ognl_project:ognl:3.2.14:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aognl_project&amp;cpe_product=cpe%3A%2F%3Aognl_project%3Aognl&amp;cpe_version=cpe%3A%2F%3Aognl_project%3Aognl%3A3.2.14" target="_blank">cpe:2.3:a:ognl_project:ognl:3.2.14:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/ognl/ognl@3.2.14"><a href="https://ossindex.sonatype.org/component/pkg:maven/ognl/ognl@3.2.14" target="_blank">pkg:maven/ognl/ognl@3.2.14</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>20</td></tr><tr class="notvulnerable"><td data-sort-value="OPTIONTRANSFERSELECT.JS"><a href="#l59_51fd3c3d66bed260a48bcc1bc9f56c799acab501">optiontransferselect.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="ORG.APACHE.FELIX.FRAMEWORK-6.0.3.JAR"><a href="#l60_18d02dd467607cb61a8cf77c1847a733a417da76">org.apache.felix.framework-6.0.3.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.felix/org.apache.felix.framework@6.0.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.felix/org.apache.felix.framework@6.0.3" target="_blank">pkg:maven/org.apache.felix/org.apache.felix.framework@6.0.3</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>39</td></tr><tr class="notvulnerable"><td data-sort-value="ORG.APACHE.FELIX.MAIN-6.0.3.JAR"><a href="#l61_9a6cbba44a72bb04411edf8b154c862e27209e8a">org.apache.felix.main-6.0.3.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.felix/org.apache.felix.main@6.0.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.felix/org.apache.felix.main@6.0.3" target="_blank">pkg:maven/org.apache.felix/org.apache.felix.main@6.0.3</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>35</td></tr><tr class="notvulnerable"><td data-sort-value="ORG.APACHE.FELIX.SHELL-1.4.3.JAR"><a href="#l62_649b5b55c6c5388654eee75706f1258e1e307ddb">org.apache.felix.shell-1.4.3.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.felix/org.apache.felix.shell@1.4.3"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.felix/org.apache.felix.shell@1.4.3" target="_blank">pkg:maven/org.apache.felix/org.apache.felix.shell@1.4.3</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>35</td></tr><tr class="notvulnerable"><td data-sort-value="ORG.APACHE.FELIX.SHELL.TUI-1.4.1.JAR"><a href="#l63_7184b6c9089ffcfb0da269a2cd50ce386f5dc335">org.apache.felix.shell.tui-1.4.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.felix/org.apache.felix.shell.tui@1.4.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.felix/org.apache.felix.shell.tui@1.4.1" target="_blank">pkg:maven/org.apache.felix/org.apache.felix.shell.tui@1.4.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>31</td></tr><tr class="notvulnerable"><td data-sort-value="ORG.OSGI.COMPENDIUM-4.0.0.JAR"><a href="#l64_70d04381dfa21ddb4f1fd82e1f62623632890b48">org.osgi.compendium-4.0.0.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.osgi/org.osgi.compendium@4.0.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.osgi/org.osgi.compendium@4.0.0" target="_blank">pkg:maven/org.osgi/org.osgi.compendium@4.0.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>15</td></tr><tr class="notvulnerable"><td data-sort-value="ORG.OSGI.CORE-4.3.1.JAR"><a href="#l65_5458ffe2ba049e76c29f2df2dc3ffccddf8b839e">org.osgi.core-4.3.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/%0A%20%20%20%20org.osgi%0A%20%20/%0A%20%20%20%20org.osgi.core%0A%20%20@%0A%20%20%20%204.3.1%0A%20%20pkg:maven/org.osgi/org.osgi.core@4.3.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/%0A%20%20%20%20org.osgi%0A%20%20/%0A%20%20%20%20org.osgi.core%0A%20%20@%0A%20%20%20%204.3.1%0A%20%20" target="_blank">pkg:maven/%0A%20%20%20%20org.osgi%0A%20%20/%0A%20%20%20%20org.osgi.core%0A%20%20@%0A%20%20%20%204.3.1%0A%20%20</a><br/><a href="https://ossindex.sonatype.org/component/pkg:maven/org.osgi/org.osgi.core@4.3.1" target="_blank">pkg:maven/org.osgi/org.osgi.core@4.3.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>28</td></tr><tr class=" vulnerable"><td data-sort-value="OVAL-1.90.JAR"><a href="#l66_1827d5ad7c049ba0618c8c8f36ecced1db3e75b0">oval-1.90.jar</a></td><td data-sort-value="cpe:2.3:a:apache:groovy:1.90:*:*:*:*:*:*:*cpe:2.3:a:apache:log4j:1.90:*:*:*:*:*:*:*cpe:2.3:a:jruby:jruby:1.90:*:*:*:*:*:*:*cpe:2.3:a:xstream_project:xstream:1.90:*:*:*:*:*:*:*">cpe:2.3:a:apache:groovy:1.90:*:*:*:*:*:*:*<br/>cpe:2.3:a:apache:log4j:1.90:*:*:*:*:*:*:*<br/>cpe:2.3:a:jruby:jruby:1.90:*:*:*:*:*:*:*<br/>cpe:2.3:a:xstream_project:xstream:1.90:*:*:*:*:*:*:*</td><td data-sort-value="pkg:maven/net.sf.oval/oval@1.90"><a href="https://ossindex.sonatype.org/component/pkg:maven/net.sf.oval/oval@1.90" target="_blank">pkg:maven/net.sf.oval/oval@1.90</a></td><td data-sort-value="98.0">CRITICAL</td><td>2</td><td data-sort-value="3">Low</td><td>45</td></tr><tr class="notvulnerable"><td data-sort-value="PLEXUS-CONTAINER-DEFAULT-1.0-ALPHA-10.JAR"><a href="#l67_575e5663d175c8f112f654bc2f2a3db4077c74e0">plexus-container-default-1.0-alpha-10.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.codehaus.plexus/plexus-container-default@1.0-alpha-10"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.codehaus.plexus/plexus-container-default@1.0-alpha-10" target="_blank">pkg:maven/org.codehaus.plexus/plexus-container-default@1.0-alpha-10</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>26</td></tr><tr class="notvulnerable"><td data-sort-value="PLEXUS-UTILS-1.2.JAR"><a href="#l68_9756b92f7f380e4372d1e34f7d194bc0a5767849">plexus-utils-1.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.codehaus.plexus/plexus-utils@1.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.codehaus.plexus/plexus-utils@1.2" target="_blank">pkg:maven/org.codehaus.plexus/plexus-utils@1.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>26</td></tr><tr class="notvulnerable"><td data-sort-value="PORTLET-API-2.0.JAR"><a href="#l69_1cd72f2a37fcf8ab9893a9468d7ba71c85fe2653">portlet-api-2.0.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/javax.portlet/portlet-api@2.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/javax.portlet/portlet-api@2.0" target="_blank">pkg:maven/javax.portlet/portlet-api@2.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>21</td></tr><tr class="notvulnerable"><td data-sort-value="PRETTIFY.JS"><a href="#l70_a4e5934397f97f79b8066984475c90af8a970a36">prettify.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="SHELL.JS"><a href="#l71_23878d8bd360f9e2cda65720df197367b8a43b6d">shell.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="SITEMESH-2.4.2.JAR"><a href="#l72_4cb3b08c96553b0f4595a80917838ca302f67f3f">sitemesh-2.4.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/opensymphony/sitemesh@2.4.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/opensymphony/sitemesh@2.4.2" target="_blank">pkg:maven/opensymphony/sitemesh@2.4.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>27</td></tr><tr class="notvulnerable"><td data-sort-value="SLF4J-API-1.7.30.JAR"><a href="#l73_b5a4b6d16ab13e34a88fae84c35cd5d68cac922c">slf4j-api-1.7.30.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.slf4j/slf4j-api@1.7.30"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.slf4j/slf4j-api@1.7.30" target="_blank">pkg:maven/org.slf4j/slf4j-api@1.7.30</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>29</td></tr><tr class="notvulnerable"><td data-sort-value="SLF4J-SIMPLE-1.7.30.JAR"><a href="#l74_e606eac955f55ecf1d8edcccba04eb8ac98088dd">slf4j-simple-1.7.30.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.slf4j/slf4j-simple@1.7.30"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.slf4j/slf4j-simple@1.7.30" target="_blank">pkg:maven/org.slf4j/slf4j-simple@1.7.30</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>29</td></tr><tr class="notvulnerable"><td data-sort-value="SNAKEYAML-1.21.JAR"><a href="#l75_18775fdda48574784f40b47bf478ab0593f92e4d">snakeyaml-1.21.jar</a></td><td data-sort-value="cpe:2.3:a:snakeyaml_project:snakeyaml:1.21:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Asnakeyaml_project&amp;cpe_product=cpe%3A%2F%3Asnakeyaml_project%3Asnakeyaml&amp;cpe_version=cpe%3A%2F%3Asnakeyaml_project%3Asnakeyaml%3A1.21" target="_blank">cpe:2.3:a:snakeyaml_project:snakeyaml:1.21:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.yaml/snakeyaml@1.21"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.yaml/snakeyaml@1.21" target="_blank">pkg:maven/org.yaml/snakeyaml@1.21</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>26</td></tr><tr class="notvulnerable"><td data-sort-value="SPRING-CORE-4.3.26.RELEASE.JAR"><a href="#l76_a8b090664504b833e2d5d1e6863138cee1239681">spring-core-4.3.26.RELEASE.jar</a></td><td data-sort-value="cpe:2.3:a:pivotal_software:spring_framework:4.3.26:release:*:*:*:*:*:*cpe:2.3:a:springsource:spring_framework:4.3.26:release:*:*:*:*:*:*cpe:2.3:a:vmware:springsource_spring_framework:4.3.26:release:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_framework%3A4.3.26" target="_blank">cpe:2.3:a:pivotal_software:spring_framework:4.3.26:release:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aspringsource&amp;cpe_product=cpe%3A%2F%3Aspringsource%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Aspringsource%3Aspring_framework%3A4.3.26" target="_blank">cpe:2.3:a:springsource:spring_framework:4.3.26:release:*:*:*:*:*:*</a><br/>cpe:2.3:a:vmware:springsource_spring_framework:4.3.26:release:*:*:*:*:*:*</td><td data-sort-value="pkg:maven/org.springframework/spring-core@4.3.26.RELEASE"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-core@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-core@4.3.26.RELEASE</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>28</td></tr><tr class="notvulnerable"><td data-sort-value="STAX2-API-4.2.JAR"><a href="#l77_13c2b30926bca0429c704c4b4ca0b5d0432b69cd">stax2-api-4.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.codehaus.woodstox/stax2-api@4.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.codehaus.woodstox/stax2-api@4.2" target="_blank">pkg:maven/org.codehaus.woodstox/stax2-api@4.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>48</td></tr><tr class="notvulnerable"><td data-sort-value="STRUTS-ANNOTATIONS-1.0.7.JAR"><a href="#l78_3fe2a1266e5224b66ade1cc57b92b178023a4ae9">struts-annotations-1.0.7.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.struts/struts-annotations@1.0.7"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts-annotations@1.0.7" target="_blank">pkg:maven/org.apache.struts/struts-annotations@1.0.7</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>31</td></tr><tr class="notvulnerable"><td data-sort-value="STRUTS2-CORE-2.6-SNAPSHOT.JAR"><a href="#l79_64a03701b6797529aaa7cb200f803b7b26c6bb3f">struts2-core-2.6-SNAPSHOT.jar</a></td><td data-sort-value="cpe:2.3:a:apache:struts:2.6:snapshot:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Astruts&amp;cpe_version=cpe%3A%2F%3Aapache%3Astruts%3A2.6" target="_blank">cpe:2.3:a:apache:struts:2.6:snapshot:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.apache.struts/struts2-core@2.6-20200419.094131-295pkg:maven/org.apache.struts/struts2-core@2.6-SNAPSHOT"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-core@2.6-20200419.094131-295" target="_blank">pkg:maven/org.apache.struts/struts2-core@2.6-20200419.094131-295</a><br/><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-core@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-core@2.6-SNAPSHOT</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>38</td></tr><tr class="notvulnerable"><td data-sort-value="STRUTS2-TILES-PLUGIN-2.6-SNAPSHOT.JAR"><a href="#l80_d5c25e6adc63008d8c1e5c16031dcc18f66309bb">struts2-tiles-plugin-2.6-SNAPSHOT.jar</a></td><td data-sort-value="cpe:2.3:a:apache:struts:2.6:snapshot:*:*:*:*:*:*cpe:2.3:a:apache:tiles:2.6:snapshot:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Astruts&amp;cpe_version=cpe%3A%2F%3Aapache%3Astruts%3A2.6" target="_blank">cpe:2.3:a:apache:struts:2.6:snapshot:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atiles&amp;cpe_version=cpe%3A%2F%3Aapache%3Atiles%3A2.6" target="_blank">cpe:2.3:a:apache:tiles:2.6:snapshot:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-20200419.094552-294pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-SNAPSHOT"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-20200419.094552-294" target="_blank">pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-20200419.094552-294</a><br/><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-SNAPSHOT</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>39</td></tr><tr class="notvulnerable"><td data-sort-value="TESTNG-6.9.10.JAR"><a href="#l81_6feb3e964aeb7097aff30c372aac3ec0f8d87ede">testng-6.9.10.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.testng/testng@6.9.10"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.testng/testng@6.9.10" target="_blank">pkg:maven/org.testng/testng@6.9.10</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>25</td></tr><tr class=" vulnerable"><td data-sort-value="TESTNG-6.9.10.JAR: JQUERY-1.7.1.MIN.JS"><a href="#l82_9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f">testng-6.9.10.jar: jquery-1.7.1.min.js</a></td><td data-sort-value=""></td><td data-sort-value="pkg:javascript/jquery@1.7.1.min"><a href="https://ossindex.sonatype.org/component/pkg:javascript/jquery@1.7.1.min" target="_blank">pkg:javascript/jquery@1.7.1.min</a></td><td data-sort-value="61.0">medium</td><td>4</td><td data-sort-value="0"></td><td>3</td></tr><tr class="notvulnerable"><td data-sort-value="TESTNG-6.9.10.JAR: TESTNG-REPORTS.JS"><a href="#l83_f40c090d15e2e6eb179b4eb3919c365afe882ade">testng-6.9.10.jar: testng-reports.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="TESTNG-7.1.0.JAR"><a href="#l84_b0bcea778fb2899aeb4014c558babea8833d180a">testng-7.1.0.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.testng/testng@7.1.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.testng/testng@7.1.0" target="_blank">pkg:maven/org.testng/testng@7.1.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>17</td></tr><tr class=" vulnerable"><td data-sort-value="TESTNG-7.1.0.JAR: JQUERY-3.4.1.MIN.JS"><a href="#l85_b15f7cfa79519756dff1ad22553fd0ed09024343">testng-7.1.0.jar: jquery-3.4.1.min.js</a></td><td data-sort-value=""></td><td data-sort-value="pkg:javascript/jquery@3.4.1.min"><a href="https://ossindex.sonatype.org/component/pkg:javascript/jquery@3.4.1.min" target="_blank">pkg:javascript/jquery@3.4.1.min</a></td><td data-sort-value="-10">medium</td><td>1</td><td data-sort-value="0"></td><td>3</td></tr><tr class="notvulnerable"><td data-sort-value="TESTNG-7.1.0.JAR: TESTNG-REPORTS.JS"><a href="#l86_bf41ae73b80f698412d8aea58d3007ba9d8f589f">testng-7.1.0.jar: testng-reports.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="TILES-AUTOTAG-CORE-RUNTIME-1.2.JAR"><a href="#l87_0100bd3cae1a5debf9afb4ef5c8b36c508d06326">tiles-autotag-core-runtime-1.2.jar</a></td><td data-sort-value="cpe:2.3:a:apache:tiles:1.2:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atiles&amp;cpe_version=cpe%3A%2F%3Aapache%3Atiles%3A1.2" target="_blank">cpe:2.3:a:apache:tiles:1.2:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.apache.tiles/tiles-autotag-core-runtime@1.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-autotag-core-runtime@1.2" target="_blank">pkg:maven/org.apache.tiles/tiles-autotag-core-runtime@1.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>34</td></tr><tr class="notvulnerable"><td data-sort-value="TILES-CORE-3.0.8.JAR"><a href="#l88_01f71d0545540ad4bd7b4d883b2ff763cffde237">tiles-core-3.0.8.jar</a></td><td data-sort-value="cpe:2.3:a:apache:tiles:3.0.8:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atiles&amp;cpe_version=cpe%3A%2F%3Aapache%3Atiles%3A3.0.8" target="_blank">cpe:2.3:a:apache:tiles:3.0.8:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.apache.tiles/tiles-core@3.0.8"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-core@3.0.8" target="_blank">pkg:maven/org.apache.tiles/tiles-core@3.0.8</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>31</td></tr><tr class=" vulnerable"><td data-sort-value="TILES-OGNL-3.0.8.JAR"><a href="#l89_138753498a27322b35eedfa808428fb24a97c2c2">tiles-ognl-3.0.8.jar</a></td><td data-sort-value="cpe:2.3:a:apache:tiles:3.0.8:*:*:*:*:*:*:*cpe:2.3:a:ognl_project:ognl:3.0.8:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atiles&amp;cpe_version=cpe%3A%2F%3Aapache%3Atiles%3A3.0.8" target="_blank">cpe:2.3:a:apache:tiles:3.0.8:*:*:*:*:*:*:*</a><br/><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aognl_project&amp;cpe_product=cpe%3A%2F%3Aognl_project%3Aognl&amp;cpe_version=cpe%3A%2F%3Aognl_project%3Aognl%3A3.0.8" target="_blank">cpe:2.3:a:ognl_project:ognl:3.0.8:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.apache.tiles/tiles-ognl@3.0.8"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-ognl@3.0.8" target="_blank">pkg:maven/org.apache.tiles/tiles-ognl@3.0.8</a></td><td data-sort-value="53.0">MEDIUM</td><td>1</td><td data-sort-value="0">Highest</td><td>33</td></tr><tr class="notvulnerable"><td data-sort-value="TILES-REQUEST-API-1.0.7.JAR"><a href="#l90_c649a9be6df263c888a2195447cd602d530cc233">tiles-request-api-1.0.7.jar</a></td><td data-sort-value="cpe:2.3:a:apache:tiles:1.0.7:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atiles&amp;cpe_version=cpe%3A%2F%3Aapache%3Atiles%3A1.0.7" target="_blank">cpe:2.3:a:apache:tiles:1.0.7:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.apache.tiles/tiles-request-api@1.0.7"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-request-api@1.0.7" target="_blank">pkg:maven/org.apache.tiles/tiles-request-api@1.0.7</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>33</td></tr><tr class="notvulnerable"><td data-sort-value="TOMCAT-JULI-8.5.53.JAR"><a href="#l91_057d37b5d7ed1270910ae59575b7c724bdf2d9f1">tomcat-juli-8.5.53.jar</a></td><td data-sort-value="cpe:2.3:a:apache_software_foundation:tomcat:8.5.53:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache_software_foundation&amp;cpe_product=cpe%3A%2F%3Aapache_software_foundation%3Atomcat&amp;cpe_version=cpe%3A%2F%3Aapache_software_foundation%3Atomcat%3A8.5.53" target="_blank">cpe:2.3:a:apache_software_foundation:tomcat:8.5.53:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/org.apache.tomcat/tomcat-juli@8.5.53"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tomcat/tomcat-juli@8.5.53" target="_blank">pkg:maven/org.apache.tomcat/tomcat-juli@8.5.53</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>22</td></tr><tr class="notvulnerable"><td data-sort-value="UTILS.JS"><a href="#l92_61201962d41fec8139c940c5a1468796d49a6139">utils.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="VALIDATION-API-2.0.1.FINAL.JAR"><a href="#l93_cb855558e6271b1b32e716d24cb85c7f583ce09e">validation-api-2.0.1.Final.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/javax.validation/validation-api@2.0.1.Final"><a href="https://ossindex.sonatype.org/component/pkg:maven/javax.validation/validation-api@2.0.1.Final" target="_blank">pkg:maven/javax.validation/validation-api@2.0.1.Final</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>23</td></tr><tr class="notvulnerable"><td data-sort-value="VALIDATION.JS"><a href="#l94_affda7d0fecb0d16b9ebfc119833ec50ee920b4b">validation.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="VALIDATION.JS"><a href="#l95_c4c980b34207fbca373f2032c770371606220da2">validation.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="VELOCITY-ENGINE-CORE-2.2.JAR"><a href="#l96_68d899cb70cd27d495562fa808feb2da4926d38f">velocity-engine-core-2.2.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.velocity/velocity-engine-core@2.2"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.velocity/velocity-engine-core@2.2" target="_blank">pkg:maven/org.apache.velocity/velocity-engine-core@2.2</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>38</td></tr><tr class="notvulnerable"><td data-sort-value="VELOCITY-TOOLS-GENERIC-3.0.JAR"><a href="#l97_e789f6ec06f9a69ccb8956f407fb685b2938e74b">velocity-tools-generic-3.0.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.0" target="_blank">pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>31</td></tr><tr class="notvulnerable"><td data-sort-value="VELOCITY-TOOLS-VIEW-3.0.JAR"><a href="#l98_2f72ca8eb2bcb8af2c5fab826d64add20ab70a2e">velocity-tools-view-3.0.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.velocity.tools/velocity-tools-view@3.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.velocity.tools/velocity-tools-view@3.0" target="_blank">pkg:maven/org.apache.velocity.tools/velocity-tools-view@3.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>31</td></tr><tr class="notvulnerable"><td data-sort-value="VELOCITY-TOOLS-VIEW-JSP-3.0.JAR"><a href="#l99_27f6a21c7973ffb75001b3e9ac4731facf5757b4">velocity-tools-view-jsp-3.0.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/org.apache.velocity.tools/velocity-tools-view-jsp@3.0"><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.velocity.tools/velocity-tools-view-jsp@3.0" target="_blank">pkg:maven/org.apache.velocity.tools/velocity-tools-view-jsp@3.0</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>31</td></tr><tr class="notvulnerable"><td data-sort-value="WEBCONSOLE.JS"><a href="#l100_5618fb1f032d4972287158e5754570992448695d">webconsole.js</a></td><td data-sort-value=""></td><td data-sort-value=""></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>0</td></tr><tr class="notvulnerable"><td data-sort-value="WOODSTOX-CORE-6.1.1.JAR"><a href="#l101_989bb31963ed1758b95c7c4381a91592a9a8df61">woodstox-core-6.1.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.fasterxml.woodstox/woodstox-core@6.1.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.woodstox/woodstox-core@6.1.1" target="_blank">pkg:maven/com.fasterxml.woodstox/woodstox-core@6.1.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>41</td></tr><tr class="notvulnerable"><td data-sort-value="WOODSTOX-CORE-6.1.1.JAR (SHADED: COM.SUN.XML.BIND.JAXB:ISORELAX:20090621)"><a href="#l102_314ec72948d5c1fc71d553cbbd7a130caa6f9f13">woodstox-core-6.1.1.jar (shaded: com.sun.xml.bind.jaxb:isorelax:20090621)</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/com.sun.xml.bind.jaxb/isorelax@20090621"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.sun.xml.bind.jaxb/isorelax@20090621" target="_blank">pkg:maven/com.sun.xml.bind.jaxb/isorelax@20090621</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>12</td></tr><tr class="notvulnerable"><td data-sort-value="WOODSTOX-CORE-6.1.1.JAR (SHADED: NET.JAVA.DEV.MSV:XSDLIB:2013.6.1)"><a href="#l103_47f218a999411ed028f089d59ebef8f14e0fe914">woodstox-core-6.1.1.jar (shaded: net.java.dev.msv:xsdlib:2013.6.1)</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/net.java.dev.msv/xsdlib@2013.6.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/net.java.dev.msv/xsdlib@2013.6.1" target="_blank">pkg:maven/net.java.dev.msv/xsdlib@2013.6.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>9</td></tr><tr class="notvulnerable"><td data-sort-value="XMLPULL-1.1.3.1.JAR"><a href="#l104_2b8e230d2ab644e4ecaa94db7cdedbc40c805dfa">xmlpull-1.1.3.1.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/xmlpull/xmlpull@1.1.3.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/xmlpull/xmlpull@1.1.3.1" target="_blank">pkg:maven/xmlpull/xmlpull@1.1.3.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>17</td></tr><tr class="notvulnerable"><td data-sort-value="XPP3_MIN-1.1.4C.JAR"><a href="#l105_19d4e90b43059058f6e056f794f0ea4030d60b86">xpp3_min-1.1.4c.jar</a></td><td data-sort-value=""></td><td data-sort-value="pkg:maven/xpp3/xpp3_min@1.1.4c"><a href="https://ossindex.sonatype.org/component/pkg:maven/xpp3/xpp3_min@1.1.4c" target="_blank">pkg:maven/xpp3/xpp3_min@1.1.4c</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0"></td><td>23</td></tr><tr class="notvulnerable"><td data-sort-value="XSTREAM-1.4.11.1.JAR"><a href="#l106_6c120c45a8c480bb2fea5b56502e3993ddd74fd2">xstream-1.4.11.1.jar</a></td><td data-sort-value="cpe:2.3:a:xstream_project:xstream:1.4.11.1:*:*:*:*:*:*:*"><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Axstream_project&amp;cpe_product=cpe%3A%2F%3Axstream_project%3Axstream&amp;cpe_version=cpe%3A%2F%3Axstream_project%3Axstream%3A1.4.11.1" target="_blank">cpe:2.3:a:xstream_project:xstream:1.4.11.1:*:*:*:*:*:*:*</a></td><td data-sort-value="pkg:maven/com.thoughtworks.xstream/xstream@1.4.11.1"><a href="https://ossindex.sonatype.org/component/pkg:maven/com.thoughtworks.xstream/xstream@1.4.11.1" target="_blank">pkg:maven/com.thoughtworks.xstream/xstream@1.4.11.1</a></td><td data-sort-value="-10">&nbsp;</td><td>0</td><td data-sort-value="0">Highest</td><td>59</td></tr></table><h2>Dependencies</h2> <h3 class="subsectionheader standardsubsection notvulnerable"><a name="l1_c29299253a087898aaff7f4eac57effa46b1910a"></a>animal-sniffer-annotations-1.9.jar</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/codehaus/mojo/animal-sniffer-annotations/1.9/animal-sniffer-annotations-1.9.jar<br/><b>MD5:</b>&nbsp;41f47a4c81b5a9f76bc7f12af69e4fbe<br/><b>SHA1:</b>&nbsp;c29299253a087898aaff7f4eac57effa46b1910a<br/><b>SHA256:</b>cd96feeb47f34b2559704715db7b179a03a3721f9dc4092c345c718e29b42de4<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header1" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content1" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>mojo</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.codehaus.mojo</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>codehaus</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>animal-sniffer-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.codehaus.mojo</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>animal_sniffer</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Animal Sniffer Annotations</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>animal-sniffer-annotations</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>codehaus.mojo</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>animal-sniffer-annotations</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>mojo</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>mojo</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.codehaus.mojo</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>codehaus.mojo</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>animal-sniffer-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>animal_sniffer</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>animal-sniffer-annotations</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Animal Sniffer Annotations</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>animal-sniffer-annotations</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>mojo</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>ignorejrerequirement</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.9</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.9</td><td>High</td></tr></table></div><h4 id="header2" class="subsectionheader white">Identifiers</h4><div id="content2" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.9" target="_blank">pkg:maven/org.codehaus.mojo/animal-sniffer-annotations@1.9</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l2_0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8"></a>aopalliance-1.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>AOP Alliance</pre></p><p><b>License:</b><pre class="indent">Public Domain</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/aopalliance/aopalliance/1.0/aopalliance-1.0.jar<br/><b>MD5:</b>&nbsp;04177054e180d09e3998808efa0401c7<br/><b>SHA1:</b>&nbsp;0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8<br/><b>SHA256:</b>0addec670fedcd3f113c5c8091d783280d23f75e3acb841b61a9cdb079376a08<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header3" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content3" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>aopalliance</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>aopalliance</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>AOP alliance</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://aopalliance.sourceforge.net</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>aopalliance</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>aopalliance</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>aop</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>intercept</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>aopalliance</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>aopalliance</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>aopalliance</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>aopalliance</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>AOP alliance</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>aopalliance</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>aop</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://aopalliance.sourceforge.net</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>intercept</td><td>Low</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.0</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.0</td><td>Highest</td></tr></table></div><h4 id="header4" class="subsectionheader white">Identifiers</h4><div id="content4" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/aopalliance/aopalliance@1.0" target="_blank">pkg:maven/aopalliance/aopalliance@1.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l3_1d5f20b4ea675e6fab6ab79f1cd60ec268ddc015"></a>asm-3.3.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/asm/asm/3.3.1/asm-3.3.1.jar<br/><b>MD5:</b>&nbsp;1ad1e8959324b0f680b8e62406955642<br/><b>SHA1:</b>&nbsp;1d5f20b4ea675e6fab6ab79f1cd60ec268ddc015<br/><b>SHA256:</b>c2b39275f8e951bc74750080a1266cdabc39399bc5e13d642bf2d346449df7f3<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header5" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content5" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>ASM Core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>asm</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>France Telecom R&amp;D</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>asm</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>asm-parent</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>ASM Core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>asm</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>asm</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>asm</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>ASM</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>asm-parent</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.3.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.3.1</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.3.1</td><td>High</td></tr></table></div><h4 id="header6" class="subsectionheader white">Identifiers</h4><div id="content6" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/asm/asm@3.3.1" target="_blank">pkg:maven/asm/asm@3.3.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l4_7ec32f922315924e82bf58b36ee1b673b2a9b820"></a>asm-7.3.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>ASM, a very small and fast Java bytecode manipulation framework</pre></p><p><b>License:</b><pre class="indent">BSD-3-Clause: https://asm.ow2.io/license.html</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/ow2/asm/asm/7.3.1/asm-7.3.1.jar<br/><b>MD5:</b>&nbsp;542c066ed00a4fa9857e9343e2c595b9<br/><b>SHA1:</b>&nbsp;7ec32f922315924e82bf58b36ee1b673b2a9b820<br/><b>SHA256:</b>2f67e11ceec819ebd88ddee5300aba699b1cbab2e20c22e97cf027d3be93959b<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header7" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content7" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.ow2.asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>OW2</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://asm.ow2.io/</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>objectweb</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://www.ow2.org/</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.objectweb.asm</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>asm</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>ow2</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>asm</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>asm</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.ow2</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://asm.ow2.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>ow2.asm</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>org.objectweb.asm</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://www.ow2.org/</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>objectweb</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>asm</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.objectweb.asm</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>ASM, a very small and fast Java bytecode manipulation framework</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>OW2</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://asm.ow2.io/</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>asm</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>asm</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>ow2</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.ow2</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://asm.ow2.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>ow2.asm</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>7.3.1</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>7.3.1</td><td>Low</td></tr></table></div><h4 id="header8" class="subsectionheader white">Identifiers</h4><div id="content8" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.ow2.asm/asm@7.3.1" target="_blank">pkg:maven/org.ow2.asm/asm@7.3.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l5_045dfd299ea0c17d534499c4f06417ceccfa2d02"></a>asm-analysis-7.3.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Static code analysis API of ASM, a very small and fast Java bytecode manipulation framework</pre></p><p><b>License:</b><pre class="indent">BSD-3-Clause: https://asm.ow2.io/license.html</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/ow2/asm/asm-analysis/7.3.1/asm-analysis-7.3.1.jar<br/><b>MD5:</b>&nbsp;b5b082ef17f6d6bb3d8ed9c129161bdb<br/><b>SHA1:</b>&nbsp;045dfd299ea0c17d534499c4f06417ceccfa2d02<br/><b>SHA256:</b>46b8a8efd4b94facb5ab4b35afe30ee0546ae7a43d2c64e6def56c2f168fefa5<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header9" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content9" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.ow2.asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>asm-analysis</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>OW2</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://asm.ow2.io/</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>objectweb</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tree</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>asm-analysis</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://www.ow2.org/</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.objectweb.asm.tree.analysis</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-requires</td><td>org.objectweb.asm.tree;transitive=true</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>analysis</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>ow2</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.ow2</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://asm.ow2.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>ow2.asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>asm-analysis</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://www.ow2.org/</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>objectweb</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tree</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>asm-analysis</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Static code analysis API of ASM, a very small and fast Java bytecode manipulation framework</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.objectweb.asm.tree.analysis</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>module-requires</td><td>org.objectweb.asm.tree;transitive=true</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>analysis</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>OW2</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://asm.ow2.io/</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>asm-analysis</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>ow2</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.ow2</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://asm.ow2.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>ow2.asm</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>asm-analysis</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>org.objectweb.asm.tree.analysis</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>7.3.1</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>7.3.1</td><td>Low</td></tr></table></div><h4 id="header10" class="subsectionheader white">Identifiers</h4><div id="content10" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.ow2.asm/asm-analysis@7.3.1" target="_blank">pkg:maven/org.ow2.asm/asm-analysis@7.3.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l6_daaa79ef260eb67404b9a52bc319a024c7f49cfe"></a>asm-commons-7.3.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Usefull class adapters based on ASM, a very small and fast Java bytecode manipulation framework</pre></p><p><b>License:</b><pre class="indent">BSD-3-Clause: https://asm.ow2.io/license.html</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/ow2/asm/asm-commons/7.3.1/asm-commons-7.3.1.jar<br/><b>MD5:</b>&nbsp;be985ed0af52424f8f5d27ec71c249ab<br/><b>SHA1:</b>&nbsp;daaa79ef260eb67404b9a52bc319a024c7f49cfe<br/><b>SHA256:</b>87cd8bb3c6bf6bcbb33fca48060c5065f66ebf6a3d7de9bf18bff51bcf156ebc<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header11" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content11" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.ow2.asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>asm-commons</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>OW2</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://asm.ow2.io/</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>objectweb</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://www.ow2.org/</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>asm-commons</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.objectweb.asm.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>ow2</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>asm-commons</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.ow2</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://asm.ow2.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-requires</td><td>org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true,org.objectweb.asm.tree.analysis;transitive=true</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>ow2.asm</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>asm-commons</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://www.ow2.org/</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>objectweb</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>asm-commons</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.objectweb.asm.commons</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>OW2</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://asm.ow2.io/</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Usefull class adapters based on ASM, a very small and fast Java bytecode manipulation framework</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>asm-commons</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>org.objectweb.asm.commons</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>ow2</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.ow2</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://asm.ow2.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>module-requires</td><td>org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true,org.objectweb.asm.tree.analysis;transitive=true</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>ow2.asm</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>7.3.1</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>7.3.1</td><td>Low</td></tr></table></div><h4 id="header12" class="subsectionheader white">Identifiers</h4><div id="content12" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.ow2.asm/asm-commons@7.3.1" target="_blank">pkg:maven/org.ow2.asm/asm-commons@7.3.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l7_587ce54d243145b2e89598bfcea7823ded73be5d"></a>asm-tree-7.3.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Tree API of ASM, a very small and fast Java bytecode manipulation framework</pre></p><p><b>License:</b><pre class="indent">BSD-3-Clause: https://asm.ow2.io/license.html</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/ow2/asm/asm-tree/7.3.1/asm-tree-7.3.1.jar<br/><b>MD5:</b>&nbsp;3ef0bd9837a905e0b2d443de9199a409<br/><b>SHA1:</b>&nbsp;587ce54d243145b2e89598bfcea7823ded73be5d<br/><b>SHA256:</b>f91a4a8aa868c5c4665bb4fd134019a91f9f8b9216527fba295e3c8b5422b78b<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header13" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content13" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.ow2.asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>asm-tree</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.objectweb.asm.tree</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>OW2</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://asm.ow2.io/</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>objectweb</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tree</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://www.ow2.org/</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>module-requires</td><td>org.objectweb.asm;transitive=true</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>asm-tree</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>asm-tree</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>ow2</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.ow2</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://asm.ow2.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>ow2.asm</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>asm-tree</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.objectweb.asm.tree</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>asm</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://www.ow2.org/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Tree API of ASM, a very small and fast Java bytecode manipulation framework</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>objectweb</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tree</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>module-requires</td><td>org.objectweb.asm;transitive=true</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>org.objectweb.asm.tree</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>asm-tree</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>OW2</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://asm.ow2.io/</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>asm-tree</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>ow2</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.ow2</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://asm.ow2.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>ow2.asm</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>7.3.1</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>7.3.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>7.3.1</td><td>Low</td></tr></table></div><h4 id="header14" class="subsectionheader white">Identifiers</h4><div id="content14" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.ow2.asm/asm-tree@7.3.1" target="_blank">pkg:maven/org.ow2.asm/asm-tree@7.3.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l8_db28774f477f07220eac18d5ec9c4e01f48589d7"></a>aspectjweaver-1.8.9.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The AspectJ weaver introduces advices to java classes</pre></p><p><b>License:</b><pre class="indent">Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/aspectj/aspectjweaver/1.8.9/aspectjweaver-1.8.9.jar<br/><b>MD5:</b>&nbsp;304a51bce49f52a26bb79f3fd0b58325<br/><b>SHA1:</b>&nbsp;db28774f477f07220eac18d5ec9c4e01f48589d7<br/><b>SHA256:</b>5e41d39eca300e2d8e6067f5660d70dcc66ec2da9cbd46a3d5985e609d1e6ecf<br/><b>Referenced In Project/Scope:</b>Struts 2 Core:compile</p><h4 id="header15" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content15" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>AspectJ weaver</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>aspectj.org</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>aspectjweaver</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>weaver</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>aspectj.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.aspectj</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>name</td><td>org/aspectj/weaver/</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>aspectj</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>can-redefine-classes</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.aspectj.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>aspectjweaver</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>aspectj</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>AspectJ weaver</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>weaver</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.aspectj.org</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>org.aspectj.weaver</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>AspectJ Weaver Classes</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>aspectjweaver</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>aspectj</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>name</td><td>org/aspectj/weaver/</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>can-redefine-classes</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>aspectjweaver</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>aspectj</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.8.9</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.8.9</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.8.9</td><td>High</td></tr></table></div><h4 id="header16" class="subsectionheader white">Identifiers</h4><div id="content16" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.aspectj/aspectjweaver@1.8.9" target="_blank">pkg:maven/org.aspectj/aspectjweaver@1.8.9</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l9_253711c6d825de55a8360552573be950da180614"></a>bootstrap.min.js</h3><div class="subsectioncontent"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/apps/showcase/src/main/webapp/js/bootstrap.min.js<br/><b>MD5:</b>&nbsp;8c237312864d2e4c4f03544cd4f9b195<br/><b>SHA1:</b>&nbsp;253711c6d825de55a8360552573be950da180614<br/><b>SHA256:</b>d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8<br/><b>Referenced In Project/Scope:</b>Struts 2 Showcase Webapp</p><h4 id="header17" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content17" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>bootstrap</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>bootstrap</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.3.4</td><td>High</td></tr></table></div><h4 id="header18" class="subsectionheader white">Identifiers</h4><div id="content18" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:javascript/bootstrap@3.3.4" target="_blank">pkg:javascript/bootstrap@3.3.4</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)</li></ul></div><h4 id="header19" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4><div id="content19" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14040">CVE-2018-14040</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="bootstrap.min.js" data-sha1="253711c6d825de55a8360552573be950da180614" data-pkgurl="pkg:javascript/bootstrap@3.3.4" data-type-to-suppress="cve" data-id-to-suppress="CVE-2018-14040">suppress</button></p><p><pre>In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (6.1)</li><li>Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References:<ul><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/May/18">20190509 dotCMS v5.1.1 Vulnerabilities</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/13">20190510 Re: dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/11">20190510 dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/10">20190510 dotCMS v5.1.1 Vulnerabilities</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html">http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html">http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html</a></li><li>MISC - <a target="_blank" href="https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/">https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/issues/26423">https://github.com/twbs/bootstrap/issues/26423</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/issues/26625">https://github.com/twbs/bootstrap/issues/26625</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/pull/26630">https://github.com/twbs/bootstrap/pull/26630</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2018/08/msg00027.html">[debian-lts-announce] 20180827 [SECURITY] [DLA 1479-1] twitter-bootstrap3 security update</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E">[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1</a></li><li>info - <a target="_blank" href="https://github.com/twbs/bootstrap/issues/20184">https://github.com/twbs/bootstrap/issues/20184</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs1">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*</li><li class="vs1">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*</li><li class="vs1">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*</li><li class="vs1">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*</li><li class="vs1">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*</li><li class="vs1">cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2</li><li class="vs1">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*</li><li class="vs1">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*</li><li class="vs1">cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0</li><li class="vs1">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*</li><li class="vs1">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*</li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14041">CVE-2018-14041</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="bootstrap.min.js" data-sha1="253711c6d825de55a8360552573be950da180614" data-pkgurl="pkg:javascript/bootstrap@3.3.4" data-type-to-suppress="cve" data-id-to-suppress="CVE-2018-14041">suppress</button></p><p><pre>In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (6.1)</li><li>Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References:<ul><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/May/18">20190509 dotCMS v5.1.1 Vulnerabilities</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/13">20190510 Re: dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/11">20190510 dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/10">20190510 dotCMS v5.1.1 Vulnerabilities</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html">http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html">http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html</a></li><li>MISC - <a target="_blank" href="https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/">https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/issues/26423">https://github.com/twbs/bootstrap/issues/26423</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/issues/26627">https://github.com/twbs/bootstrap/issues/26627</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/pull/26630">https://github.com/twbs/bootstrap/pull/26630</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E">[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:1456">RHSA-2019:1456</a></li><li>info - <a target="_blank" href="https://github.com/twbs/bootstrap/issues/20184">https://github.com/twbs/bootstrap/issues/20184</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs2">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*</li><li class="vs2">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*</li><li class="vs2">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*</li><li class="vs2">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*</li><li class="vs2">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*</li><li class="vs2">cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2</li><li class="vs2">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*</li><li class="vs2">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*</li><li class="vs2">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*</li><li class="vs2">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*</li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14042">CVE-2018-14042</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="bootstrap.min.js" data-sha1="253711c6d825de55a8360552573be950da180614" data-pkgurl="pkg:javascript/bootstrap@3.3.4" data-type-to-suppress="cve" data-id-to-suppress="CVE-2018-14042">suppress</button></p><p><pre>In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (6.1)</li><li>Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References:<ul><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/May/18">20190509 dotCMS v5.1.1 Vulnerabilities</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/13">20190510 Re: dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/11">20190510 dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/10">20190510 dotCMS v5.1.1 Vulnerabilities</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html">http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html</a></li><li>MISC - <a target="_blank" href="https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/">https://blog.getbootstrap.com/2018/07/12/bootstrap-4-1-2/</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/issues/26423">https://github.com/twbs/bootstrap/issues/26423</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/issues/26628">https://github.com/twbs/bootstrap/issues/26628</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/pull/26630">https://github.com/twbs/bootstrap/pull/26630</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E">[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1</a></li><li>info - <a target="_blank" href="https://github.com/twbs/bootstrap/issues/20184">https://github.com/twbs/bootstrap/issues/20184</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs3">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*</li><li class="vs3">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*</li><li class="vs3">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*</li><li class="vs3">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*</li><li class="vs3">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*</li><li class="vs3">cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2</li><li class="vs3">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*</li><li class="vs3">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*</li><li class="vs3">cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0</li><li class="vs3">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*</li><li class="vs3">cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*</li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8331">CVE-2019-8331</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="bootstrap.min.js" data-sha1="253711c6d825de55a8360552573be950da180614" data-pkgurl="pkg:javascript/bootstrap@3.3.4" data-type-to-suppress="cve" data-id-to-suppress="CVE-2019-8331">suppress</button></p><p><pre>In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (6.1)</li><li>Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/107375">107375</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/May/18">20190509 dotCMS v5.1.1 Vulnerabilities</a></li><li>CONFIRM - <a target="_blank" href="https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/">https://blog.getbootstrap.com/2019/02/13/bootstrap-4-3-1-and-3-4-1/</a></li><li>CONFIRM - <a target="_blank" href="https://support.f5.com/csp/article/K24383845">https://support.f5.com/csp/article/K24383845</a></li><li>CONFIRM - <a target="_blank" href="https://support.f5.com/csp/article/K24383845?utm_source=f5support&amp;amp;utm_medium=RSS">https://support.f5.com/csp/article/K24383845?utm_source=f5support&amp;amp;utm_medium=RSS</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/13">20190510 Re: dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/11">20190510 dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/10">20190510 dotCMS v5.1.1 Vulnerabilities</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html">http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/pull/28236">https://github.com/twbs/bootstrap/pull/28236</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/releases/tag/v3.4.1">https://github.com/twbs/bootstrap/releases/tag/v3.4.1</a></li><li>MISC - <a target="_blank" href="https://github.com/twbs/bootstrap/releases/tag/v4.3.1">https://github.com/twbs/bootstrap/releases/tag/v4.3.1</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E">[flink-dev] 20190811 Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3Cuser.flink.apache.org%3E">[flink-user] 20190811 Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3Cuser.flink.apache.org%3E">[flink-user] 20190813 Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3Cuser.flink.apache.org%3E">[flink-user] 20190813 Re: Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/52e0e6b5df827ee7f1e68f7cc3babe61af3b2160f5d74a85469b7b0e@%3Cdev.superset.apache.org%3E">[superset-dev] 20190926 Re: [VOTE] Release Superset 0.34.1 based on Superset 0.34.1rc1</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:1456">RHSA-2019:1456</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:3023">RHSA-2019:3023</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:3024">RHSA-2019:3024</a></li><li>info - <a target="_blank" href="https://github.com/twbs/bootstrap/issues/28236">https://github.com/twbs/bootstrap/issues/28236</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs4">cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (including) 13.1.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (including) 14.1.0</li><li class="vs4">cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.1</li><li class="vs4">cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (including) 12.1.4</li><li class="vs4">cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.3.0; versions up to (excluding) 4.3.1</li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l10_a05f0a0feefa8d8467ac80e16e7de071489f0d9c"></a>bsh-2.0b4.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>BeanShell</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/beanshell/bsh/2.0b4/bsh-2.0b4.jar<br/><b>MD5:</b>&nbsp;a1c60aa83c9c9a6cb2391c1c1b85eb00<br/><b>SHA1:</b>&nbsp;a05f0a0feefa8d8467ac80e16e7de071489f0d9c<br/><b>SHA256:</b>91395c07885839a8c6986d5b7c577cd9bacf01bf129c89141f35e8ea858427b6<br/><b>Referenced In Project/Scope:</b>Struts 2 TestNG Plugin:compile</p><h4 id="header20" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content20" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>http://www.beanshell.org/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Pat Niemeyer (pat@pat.net)</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>bsh</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>beanshell</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.beanshell</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>beanshell</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>BeanShell</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>bsh</td><td>Low</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>beanshell_project</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.beanshell</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>bsh</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>BeanShell</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>BeanShell</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>beanshell</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>bsh</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>bsh</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>beanshell</td><td>Highest</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>beanshell</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>bsh</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.beanshell</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0b4</td><td>Highest</td></tr></table></div><h4 id="header21" class="subsectionheader white">Identifiers</h4><div id="content21" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.beanshell/bsh@2.0b4" target="_blank">pkg:maven/org.beanshell/bsh@2.0b4</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Abeanshell&amp;cpe_product=cpe%3A%2F%3Abeanshell%3Abeanshell&amp;cpe_version=cpe%3A%2F%3Abeanshell%3Abeanshell%3A2.0.b4" target="_blank">cpe:2.3:a:beanshell:beanshell:2.0.b4:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="bsh-2.0b4.jar" data-sha1="a05f0a0feefa8d8467ac80e16e7de071489f0d9c" data-pkgurl="pkg:maven/org.beanshell/bsh@2.0b4" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:beanshell:beanshell">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l11_a47a971686474124562bdd4a7ccbd8ac8c3e8b11"></a>cglib-2.2.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Code generation library</pre></p><p><b>License:</b><pre class="indent">ASF 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/cglib/cglib/2.2.2/cglib-2.2.2.jar<br/><b>MD5:</b>&nbsp;b3f681be48fce094cf01a045f5bdca6f<br/><b>SHA1:</b>&nbsp;a47a971686474124562bdd4a7ccbd8ac8c3e8b11<br/><b>SHA256:</b>a93e4485d274277177480c4afe6ddd8355cda1cacfe356c134e25d65193935fd<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header22" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content22" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>cglib</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>cglib</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Code Generation Library</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>sf</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://cglib.sourceforge.net/</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>cglib</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>cglib</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>net</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>cglib</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>cglib</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>cglib</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>cglib</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Code Generation Library</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>sf</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>cglib</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>cglib</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://cglib.sourceforge.net/</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.2.2</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.2.2</td><td>Highest</td></tr></table></div><h4 id="header23" class="subsectionheader white">Identifiers</h4><div id="content23" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/cglib/cglib@2.2.2" target="_blank">pkg:maven/cglib/cglib@2.2.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l12_03d5f48f10bbe4eb7bd862f10c0583be2e0053c6"></a>classmate-1.3.4.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Library for introspecting types with full generic information
        including resolving of field and method types.
    </pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/fasterxml/classmate/1.3.4/classmate-1.3.4.jar<br/><b>MD5:</b>&nbsp;1e2e0fcc510753882683417e01895242<br/><b>SHA1:</b>&nbsp;03d5f48f10bbe4eb7bd862f10c0583be2e0053c6<br/><b>SHA256:</b>c2bfcc21467351d0f9a1558822b72dbac2b21f6b9f700a44fc6b345491ef3c88<br/><b>Referenced In Project/Scope:</b>Struts 2 Showcase Webapp:compile</p><h4 id="header24" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content24" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>ClassMate</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>oss-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>fasterxml.com</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>fasterxml.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>classmate</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.fasterxml</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>types</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://github.com/FasterXML/java-classmate</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>com.fasterxml.classmate</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-date</td><td>2017-09-09 21:47:22+0000</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>classmate</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>classmate</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>fasterxml.com</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://fasterxml.com</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.classmate</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.fasterxml</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://github.com/FasterXML/java-classmate</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>ClassMate</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>ClassMate</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>ClassMate</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>types</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>classmate</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>oss-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://fasterxml.com</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://github.com/FasterXML/java-classmate</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>com.fasterxml.classmate</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>fasterxml.com</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-date</td><td>2017-09-09 21:47:22+0000</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://github.com/FasterXML/java-classmate</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>filter</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>classmate</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>ClassMate</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>classmate</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.classmate</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.3.4</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.3.4</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.3.4</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.3.4</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.3.4</td><td>Low</td></tr></table></div><h4 id="header25" class="subsectionheader white">Identifiers</h4><div id="content25" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml/classmate@1.3.4" target="_blank">pkg:maven/com.fasterxml/classmate@1.3.4</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l13_60c708f55deeb7c5dfce8a7886ef09cbc1388eca"></a>classworlds-1.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/classworlds/classworlds/1.1/classworlds-1.1.jar<br/><b>MD5:</b>&nbsp;c20629baa65f1f2948b37aa393b0310b<br/><b>SHA1:</b>&nbsp;60c708f55deeb7c5dfce8a7886ef09cbc1388eca<br/><b>SHA256:</b>4e3e0ad158ec60917e0de544c550f31cd65d5a97c3af1c1968bf427e4a9df2e4<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Plexus Plugin:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header26" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content26" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>classworlds</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://classworlds.codehaus.org/</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>classworlds</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Codehaus</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://codehaus.org/</td><td>Medium</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>classworlds</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>classworlds</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Codehaus</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>The Codehaus</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>classworlds</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>classworlds</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>classworlds</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>classworlds</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://classworlds.codehaus.org/</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>classworlds</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>classworlds</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>classworlds</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://codehaus.org/</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>classworlds</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>classworlds: Java(tm) ClassLoader Management F...</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>The Codehaus</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>org.codehaus.classworlds</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.1</td><td>Highest</td></tr></table></div><h4 id="header27" class="subsectionheader white">Identifiers</h4><div id="content27" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/classworlds/classworlds@1.1" target="_blank">pkg:maven/classworlds/classworlds@1.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l14_d52b9abcd97f38c81342bb7e7ae1eee9b73cba51"></a>commons-beanutils-1.9.4.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.</pre></p><p><b>License:</b><pre class="indent">https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/commons-beanutils/commons-beanutils/1.9.4/commons-beanutils-1.9.4.jar<br/><b>MD5:</b>&nbsp;07dc532ee316fe1f2f0323e9bd2f8df4<br/><b>SHA1:</b>&nbsp;d52b9abcd97f38c81342bb7e7ae1eee9b73cba51<br/><b>SHA256:</b>7d938c81789028045c08c065e94be75fc280527620d5bd62b519d5838532368a<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header28" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content28" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://commons.apache.org/proper/commons-beanutils/</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.commons-beanutils</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>commons-beanutils</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build</td><td>UNKNOWN_BRANCH@r??????; 2019-07-28 22:14:44+0000</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://commons.apache.org/proper/commons-beanutils/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>commons-beanutils</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>https://commons.apache.org/proper/commons-beanutils/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>commons-beanutils</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Commons BeanUtils</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>beanutils</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons BeanUtils</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.commons-beanutils</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>commons-beanutils</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build</td><td>UNKNOWN_BRANCH@r??????; 2019-07-28 22:14:44+0000</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons BeanUtils</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Commons BeanUtils</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://commons.apache.org/proper/commons-beanutils/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>commons-beanutils</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>https://commons.apache.org/proper/commons-beanutils/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>commons-beanutils</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://commons.apache.org/proper/commons-beanutils/</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Commons BeanUtils</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>beanutils</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.9.4</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.9.4</td><td>Low</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.9.4</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.9.4</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.9.4</td><td>Highest</td></tr></table></div><h4 id="header29" class="subsectionheader white">Identifiers</h4><div id="content29" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-beanutils/commons-beanutils@1.9.4" target="_blank">pkg:maven/commons-beanutils/commons-beanutils@1.9.4</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Acommons_beanutils&amp;cpe_version=cpe%3A%2F%3Aapache%3Acommons_beanutils%3A1.9.4" target="_blank">cpe:2.3:a:apache:commons_beanutils:1.9.4:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="commons-beanutils-1.9.4.jar" data-sha1="d52b9abcd97f38c81342bb7e7ae1eee9b73cba51" data-pkgurl="pkg:maven/commons-beanutils/commons-beanutils@1.9.4" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:commons_beanutils">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l15_8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5"></a>commons-collections-3.2.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Types that extend and augment the Java Collections Framework.</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar<br/><b>MD5:</b>&nbsp;f54a8510f834a1a57166970bfc982e94<br/><b>SHA1:</b>&nbsp;8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5<br/><b>SHA256:</b>eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header30" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content30" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>commons-collections</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.3))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/collections/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>commons-collections</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>collections</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build</td><td>tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://commons.apache.org/collections/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.collections</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>commons-collections</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://commons.apache.org/collections/</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Commons Collections</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>commons-collections</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Collections</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.3))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://commons.apache.org/collections/</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>commons-collections</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/collections/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Commons Collections</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>commons-collections</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>collections</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build</td><td>tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://commons.apache.org/collections/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.collections</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Collections</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Commons Collections</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>3.2.2</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.2.2</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.2.2</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.2.2</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>3.2.2</td><td>Low</td></tr></table></div><h4 id="header31" class="subsectionheader white">Identifiers</h4><div id="content31" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-collections/commons-collections@3.2.2" target="_blank">pkg:maven/commons-collections/commons-collections@3.2.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Acommons_collections&amp;cpe_version=cpe%3A%2F%3Aapache%3Acommons_collections%3A3.2.2" target="_blank">cpe:2.3:a:apache:commons_collections:3.2.2:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="commons-collections-3.2.2.jar" data-sha1="8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5" data-pkgurl="pkg:maven/commons-collections/commons-collections@3.2.2" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:commons_collections">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l16_73a8001e7a54a255eef0f03521ec1805dc738ca0"></a>commons-digester-2.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
    The Digester package lets you configure an XML to Java object mapping module
    which triggers certain actions called rules whenever a particular 
    pattern of nested XML elements is recognized.
  </pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/commons-digester/commons-digester/2.1/commons-digester-2.1.jar<br/><b>MD5:</b>&nbsp;528445033f22da28f5047b6abcd1c7c9<br/><b>SHA1:</b>&nbsp;73a8001e7a54a255eef0f03521ec1805dc738ca0<br/><b>SHA256:</b>e0b2b980a84fc6533c5ce291f1917b32c507f62bcad64198fff44368c2196a3d<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header32" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content32" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>rules</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.digester</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>commons-digester</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>commons-digester</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/digester/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>commons-digester</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>digester</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://commons.apache.org/digester/</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Commons Digester</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Commons Digester</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>commons-digester</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Commons Digester</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Commons Digester</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>rules</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.digester</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>commons-digester</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://commons.apache.org/digester/</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/digester/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>commons-digester</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>digester</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Commons Digester</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>2.1</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.1</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.1</td><td>High</td></tr></table></div><h4 id="header33" class="subsectionheader white">Identifiers</h4><div id="content33" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-digester/commons-digester@2.1" target="_blank">pkg:maven/commons-digester/commons-digester@2.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l17_c3f68c5ff25ec5204470fd8fdf4cb8feff5e8a79"></a>commons-digester3-3.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
    The Apache Commons Digester package lets you configure an XML to Java
    object mapping module which triggers certain actions called rules whenever
    a particular pattern of nested XML elements is recognized.
  </pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/commons/commons-digester3/3.2/commons-digester3-3.2.jar<br/><b>MD5:</b>&nbsp;41d2c62c7aedafa7a3627794abc83f71<br/><b>SHA1:</b>&nbsp;c3f68c5ff25ec5204470fd8fdf4cb8feff5e8a79<br/><b>SHA256:</b>1c150e3d2df4b4237b47e28fea2079fb0da324578d5cca6a5fed2e37a62082ec<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header34" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content34" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>commons-digester3</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>rules</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>digester3</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.digester</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/digester/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Commons Digester</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build</td><td>tags/DIGESTER3_3_2_RC2@r1212807; 2011-12-10 15:57:06+0100</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>digester</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://commons.apache.org/digester/</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>commons-digester3</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Digester</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Commons Digester</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>commons-digester3</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>rules</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Digester</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>digester3</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.digester</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://commons.apache.org/digester/</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/digester/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.commons</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Commons Digester</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build</td><td>tags/DIGESTER3_3_2_RC2@r1212807; 2011-12-10 15:57:06+0100</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>digester</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>commons-digester3</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.2</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.2</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>3.2</td><td>Low</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.2</td><td>High</td></tr></table></div><h4 id="header35" class="subsectionheader white">Identifiers</h4><div id="content35" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-digester3@3.2" target="_blank">pkg:maven/org.apache.commons/commons-digester3@3.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l18_f95188e3d372e20e7328706c37ef366e5d7859b0"></a>commons-fileupload-1.4.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
    The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart
    file upload functionality to servlets and web applications.
  </pre></p><p><b>License:</b><pre class="indent">https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/commons-fileupload/commons-fileupload/1.4/commons-fileupload-1.4.jar<br/><b>MD5:</b>&nbsp;0c3b924dcaaa90c3fb93fe04ae96a35e<br/><b>SHA1:</b>&nbsp;f95188e3d372e20e7328706c37ef366e5d7859b0<br/><b>SHA256:</b>a4ec02336f49253ea50405698b79232b8c5cbf02cb60df3a674d77a749a1def7<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Pell Multipart Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 Webapps:compile</li><li>Struts 2 Plexus Plugin:compile</li><li>Struts 2 JSON Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Java Templates Plugin:compile</li><li>Struts 2 Async Plugin:compile</li><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 CDI Plugin:compile</li><li>Struts 2 Plugins:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Spring Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li><li>Struts 2 GXP Plugin:compile</li><li>Struts 2 OVal Plugin:compile</li><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 OSGi Bundles:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Portlet Mocks Plugin:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>Struts 2 Jasper Reports Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 TestNG Plugin:compile</li><li>Struts 2 JFreeChart Plugin:compile</li><li>Struts 2 Core:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header36" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content36" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-fileupload/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>fileupload</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-fileupload/</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>commons-fileupload</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>commons-fileupload</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://commons.apache.org/proper/commons-fileupload/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build</td><td>UNKNOWN@r047f31576411beee69cf75584ae76531cc9ac753; 2018-12-24 07:06:18+0000</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Commons FileUpload</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>commons-fileupload</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.commons-fileupload</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Commons FileUpload</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-fileupload/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>fileupload</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons FileUpload</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons FileUpload</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>commons-fileupload</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-fileupload/</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://commons.apache.org/proper/commons-fileupload/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>commons-fileupload</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build</td><td>UNKNOWN@r047f31576411beee69cf75584ae76531cc9ac753; 2018-12-24 07:06:18+0000</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Commons FileUpload</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>commons-fileupload</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.commons-fileupload</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.4</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.4</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.4</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.4</td><td>High</td></tr></table></div><h4 id="header37" class="subsectionheader white">Identifiers</h4><div id="content37" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-fileupload/commons-fileupload@1.4" target="_blank">pkg:maven/commons-fileupload/commons-fileupload@1.4</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Acommons_fileupload&amp;cpe_version=cpe%3A%2F%3Aapache%3Acommons_fileupload%3A1.4" target="_blank">cpe:2.3:a:apache:commons_fileupload:1.4:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="commons-fileupload-1.4.jar" data-sha1="f95188e3d372e20e7328706c37ef366e5d7859b0" data-pkgurl="pkg:maven/commons-fileupload/commons-fileupload@1.4" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:commons_fileupload">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l19_815893df5f31da2ece4040fe0a12fd44b577afaf"></a>commons-io-2.6.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
  </pre></p><p><b>License:</b><pre class="indent">https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/commons-io/commons-io/2.6/commons-io-2.6.jar<br/><b>MD5:</b>&nbsp;467c2a1f64319c99b5faf03fc78572af<br/><b>SHA1:</b>&nbsp;815893df5f31da2ece4040fe0a12fd44b577afaf<br/><b>SHA256:</b>f877d304660ac2a142f3865badfc971dec7ed73c747c7f8d5d2f5139ca736513<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Pell Multipart Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 Webapps:compile</li><li>Struts 2 Plexus Plugin:compile</li><li>Struts 2 JSON Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Java Templates Plugin:compile</li><li>Struts 2 Async Plugin:compile</li><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 CDI Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Plugins:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Spring Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li><li>Struts 2 GXP Plugin:compile</li><li>Struts 2 OVal Plugin:compile</li><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 OSGi Bundles:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Portlet Mocks Plugin:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>Struts 2 Jasper Reports Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 TestNG Plugin:compile</li><li>Struts 2 JFreeChart Plugin:compile</li><li>Struts 2 Core:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header38" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content38" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.io</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-io/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>commons-io</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-io/</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://commons.apache.org/proper/commons-io/</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>commons-io</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Commons IO</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.commons.io</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>commons-io</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>commons-io</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons IO</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.io</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-io/</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Commons IO</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>commons-io</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-io/</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://commons.apache.org/proper/commons-io/</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>commons-io</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Commons IO</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>commons-io</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons IO</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.commons.io</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.6</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.6</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>2.6</td><td>Low</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.6</td><td>High</td></tr></table></div><h4 id="header39" class="subsectionheader white">Identifiers</h4><div id="content39" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-io/commons-io@2.6" target="_blank">pkg:maven/commons-io/commons-io@2.6</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l20_32ae39163b0d71ad2487f71acf107a7ac2c67e5c"></a>commons-jci-fam-1.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
        Commons JCI FileAlterationMonitor (FAM) to monitor local filesystems and get notified about changes.
    </pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/commons/commons-jci-fam/1.1/commons-jci-fam-1.1.jar<br/><b>MD5:</b>&nbsp;97f78ec23facfb57a63b8355fd90054f<br/><b>SHA1:</b>&nbsp;32ae39163b0d71ad2487f71acf107a7ac2c67e5c<br/><b>SHA256:</b>b16da511a42f7454c0d28ecb5464c1a84bc7a41339112220c601f4db4cfcc85b<br/><b>Referenced In Project/Scope:</b>Struts 2 Spring Plugin:compile</p><h4 id="header40" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content40" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-jci/commons-jci-fam</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>commons-jci</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>commons-jci-fam</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build</td><td>trunk@r1530563; 2013-10-09 16:22:35+0200</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.jci-fam</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jci</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>commons-jci-fam</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Commons JCI FileAlterationMonitor</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-jci/commons-jci-fam</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Commons JCI FileAlterationMonitor</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>commons-jci</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons JCI FileAlterationMonitor</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.commons</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build</td><td>trunk@r1530563; 2013-10-09 16:22:35+0200</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.jci-fam</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jci</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>commons-jci-fam</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>commons-jci-fam</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Commons JCI FileAlterationMonitor</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons JCI FileAlterationMonitor</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.1</td><td>Highest</td></tr></table></div><h4 id="header41" class="subsectionheader white">Identifiers</h4><div id="content41" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-jci-fam@1.1" target="_blank">pkg:maven/org.apache.commons/commons-jci-fam@1.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l21_e155460aaf5b464062a09c3923f089ce99128a17"></a>commons-lang3-3.10.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.
  </pre></p><p><b>License:</b><pre class="indent">https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/commons/commons-lang3/3.10/commons-lang3-3.10.jar<br/><b>MD5:</b>&nbsp;238dcae7363dd86b2e515a2a29e8b4d9<br/><b>SHA1:</b>&nbsp;e155460aaf5b464062a09c3923f089ce99128a17<br/><b>SHA256:</b>28968ae55fff465494083aeba856f8824c34902329882bf61e77246a91e25aa9<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Pell Multipart Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 Webapps:compile</li><li>Struts 2 Plexus Plugin:compile</li><li>Struts 2 JSON Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Java Templates Plugin:compile</li><li>Struts 2 Async Plugin:compile</li><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 CDI Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Plugins:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Spring Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li><li>Struts 2 GXP Plugin:compile</li><li>Struts 2 OVal Plugin:compile</li><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 OSGi Bundles:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Portlet Mocks Plugin:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>Struts 2 Jasper Reports Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 TestNG Plugin:compile</li><li>Struts 2 JFreeChart Plugin:compile</li><li>Struts 2 Core:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header42" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content42" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.commons.lang3</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Commons Lang</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>commons-lang3</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>commons-lang3</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://commons.apache.org/proper/commons-lang/</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>lang3</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://commons.apache.org/proper/commons-lang/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.lang3</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.commons.lang3</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Commons Lang</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Commons Lang</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>commons-lang3</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>lang3</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>commons-lang3</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Lang</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://commons.apache.org/proper/commons-lang/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.commons</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.lang3</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Lang</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://commons.apache.org/proper/commons-lang/</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.10</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.10</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.10</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>3.10</td><td>Low</td></tr></table></div><h4 id="header43" class="subsectionheader white">Identifiers</h4><div id="content43" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-lang3@3.10" target="_blank">pkg:maven/org.apache.commons/commons-lang3@3.10</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l22_4bfc12adfe4842bf07b657f0369c4cb522955686"></a>commons-logging-1.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/commons-logging/commons-logging/1.2/commons-logging-1.2.jar<br/><b>MD5:</b>&nbsp;040b4b4d8eac886f6b4a2a3bd2f31b00<br/><b>SHA1:</b>&nbsp;4bfc12adfe4842bf07b657f0369c4cb522955686<br/><b>SHA256:</b>daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Portlet Mocks Plugin:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 TestNG Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Spring Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header44" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content44" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-logging/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>commons-logging</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.logging</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>commons-logging</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build</td><td>tags/LOGGING_1_2_RC2@r1608092; 2014-07-05 20:11:44+0200</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>commons-logging</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Commons Logging</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-logging/</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Logging</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://commons.apache.org/proper/commons-logging/</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>commons-logging</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://commons.apache.org/proper/commons-logging/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Commons Logging</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>commons-logging</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.logging</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build</td><td>tags/LOGGING_1_2_RC2@r1608092; 2014-07-05 20:11:44+0200</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Logging</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>commons-logging</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Commons Logging</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.2</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.2</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.2</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.2</td><td>High</td></tr></table></div><h4 id="header45" class="subsectionheader white">Identifiers</h4><div id="content45" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/commons-logging/commons-logging@1.2" target="_blank">pkg:maven/commons-logging/commons-logging@1.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l23_879a6bde4c0537a25504c72ec7a94ba4099f469c"></a>commons-text-1.8.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Apache Commons Text is a library focused on algorithms working on strings.</pre></p><p><b>License:</b><pre class="indent">https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/commons/commons-text/1.8/commons-text-1.8.jar<br/><b>MD5:</b>&nbsp;f2243d67b348e7175f55902cdb7e54af<br/><b>SHA1:</b>&nbsp;879a6bde4c0537a25504c72ec7a94ba4099f469c<br/><b>SHA256:</b>6fe7ad4ad5349d6b77e7a0e1c9f6037108a1ee48c42e7e6eb4b18f56d324f7b2<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Pell Multipart Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 Webapps:compile</li><li>Struts 2 Plexus Plugin:compile</li><li>Struts 2 JSON Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Java Templates Plugin:compile</li><li>Struts 2 Async Plugin:compile</li><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 CDI Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Plugins:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Spring Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li><li>Struts 2 GXP Plugin:compile</li><li>Struts 2 OVal Plugin:compile</li><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 OSGi Bundles:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Portlet Mocks Plugin:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>Struts 2 Jasper Reports Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 TestNG Plugin:compile</li><li>Struts 2 JFreeChart Plugin:compile</li><li>Struts 2 Core:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header46" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content46" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://commons.apache.org/proper/commons-text</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://commons.apache.org/proper/commons-text</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>text</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.commons</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>commons-text</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>https://commons.apache.org/proper/commons-text</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>commons-text</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.commons.text</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Commons Text</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.commons-text</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Commons Text</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://commons.apache.org/proper/commons-text</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Commons Text</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Commons Text</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>text</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.commons</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>commons-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>commons</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.commons</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>commons-text</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>https://commons.apache.org/proper/commons-text</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>commons-text</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.commons.text</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Commons Text</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://commons.apache.org/proper/commons-text</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.commons.commons-text</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.8</td><td>Low</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.8</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.8</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.8</td><td>Highest</td></tr></table></div><h4 id="header47" class="subsectionheader white">Identifiers</h4><div id="content47" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.commons/commons-text@1.8" target="_blank">pkg:maven/org.apache.commons/commons-text@1.8</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l24_5584aa1028220f041ff7d89c48e9e8ffeaa05256"></a>domTT.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/core/src/main/resources/org/apache/struts2/static/domTT.js<br/><b>MD5:</b>&nbsp;44ed51154c7fa928005f39bbbed7d01a<br/><b>SHA1:</b>&nbsp;5584aa1028220f041ff7d89c48e9e8ffeaa05256<br/><b>SHA256:</b>60c72fad5a9688fc6a143176d84814b9ea2c4c9c882b4799921b950c415b961e<br/><b>Referenced In Project/Scope:</b>Struts 2 Core</p><h4 id="header48" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content48" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header49" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content49" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-core-2.6-SNAPSHOT.jar: domTT.js<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-core/2.6-SNAPSHOT/struts2-core-2.6-SNAPSHOT.jar/org/apache/struts2/static/domTT.js</li><li>MD5:&nbsp;44ed51154c7fa928005f39bbbed7d01a</li><li>SHA1:&nbsp;5584aa1028220f041ff7d89c48e9e8ffeaa05256</li><li>SHA256:&nbsp;60c72fad5a9688fc6a143176d84814b9ea2c4c9c882b4799921b950c415b961e</li></ul></li></ul></div><h4 id="header50" class="subsectionheader white">Identifiers</h4><div id="content50" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l25_3b3fd5901f4304021074e6c12f3bebf870524ca8"></a>dwr-3.0.2-RELEASE.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
	DWR is easy Ajax for Java. It makes it simple to call Java code directly from Javascript.
	It gets rid of almost all the boiler plate code between the web browser and your Java code.
  </pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/directwebremoting/dwr/3.0.2-RELEASE/dwr-3.0.2-RELEASE.jar<br/><b>MD5:</b>&nbsp;1979e53a374c6c69ba3d85e63a528eed<br/><b>SHA1:</b>&nbsp;3b3fd5901f4304021074e6c12f3bebf870524ca8<br/><b>SHA256:</b>6d1604d83ae1be09bc88e812d17211eede300d819d4863ece42aa3fc933aa704<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header51" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content51" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>directwebremoting</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Direct Web Remoting</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.directwebremoting</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://directwebremoting.org/dwr/index.html</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>directwebremoting</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>browser</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>dwr</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>call</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>dwr</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>dwr</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>directwebremoting</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>directwebremoting</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Direct Web Remoting</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>dwr</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>browser</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://directwebremoting.org/dwr/index.html</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>dwr</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>call</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>dwr</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>directwebremoting</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0.2-RELEASE</td><td>Highest</td></tr></table></div><h4 id="header52" class="subsectionheader white">Identifiers</h4><div id="content52" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.directwebremoting/dwr@3.0.2-RELEASE" target="_blank">pkg:maven/org.directwebremoting/dwr@3.0.2-RELEASE</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Adirectwebremoting&amp;cpe_product=cpe%3A%2F%3Adirectwebremoting%3Adirect_web_remoting&amp;cpe_version=cpe%3A%2F%3Adirectwebremoting%3Adirect_web_remoting%3A3.0.2" target="_blank">cpe:2.3:a:directwebremoting:direct_web_remoting:3.0.2:release:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:High)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="dwr-3.0.2-RELEASE.jar" data-sha1="3b3fd5901f4304021074e6c12f3bebf870524ca8" data-pkgurl="pkg:maven/org.directwebremoting/dwr@3.0.2-RELEASE" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:directwebremoting:direct_web_remoting">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l26_1a376c4c0d20b1ecbdbeaeba716ca8c08abe74b6"></a>dwr-3.0.2-RELEASE.jar: DWRActionUtil.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/directwebremoting/dwr/3.0.2-RELEASE/dwr-3.0.2-RELEASE.jar/org/directwebremoting/webwork/DWRActionUtil.js<br/><b>MD5:</b>&nbsp;aa24bc4053d338ca92b23d76161b9088<br/><b>SHA1:</b>&nbsp;1a376c4c0d20b1ecbdbeaeba716ca8c08abe74b6<br/><b>SHA256:</b>d0515b81fa1aca04e1a76ac9fc02c7a67d8e92a49a99f86118097e633355036c<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header53" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content53" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header54" class="subsectionheader white">Identifiers</h4><div id="content54" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l27_eaabe3b2ef0a2cd47e845bbf416c2297da9f40c1"></a>dwr-3.0.2-RELEASE.jar: dwr-bayeux.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/directwebremoting/dwr/3.0.2-RELEASE/dwr-3.0.2-RELEASE.jar/org/directwebremoting/dwr-bayeux.js<br/><b>MD5:</b>&nbsp;1d0218f8604405115d37b955561240aa<br/><b>SHA1:</b>&nbsp;eaabe3b2ef0a2cd47e845bbf416c2297da9f40c1<br/><b>SHA256:</b>4b39b2111b5f8c2c16f7b3b6438f22d42f88c7b643d4a106d7b06d1424121edc<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header55" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content55" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header56" class="subsectionheader white">Identifiers</h4><div id="content56" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l28_244eb828dcf0d621deb664b7f90963bc82a4fcfb"></a>dwr-3.0.2-RELEASE.jar: engine.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/directwebremoting/dwr/3.0.2-RELEASE/dwr-3.0.2-RELEASE.jar/org/directwebremoting/engine.js<br/><b>MD5:</b>&nbsp;880f6c8c33b796d048d932fa7b4f9e94<br/><b>SHA1:</b>&nbsp;244eb828dcf0d621deb664b7f90963bc82a4fcfb<br/><b>SHA256:</b>9f71097605e6cae7b47a784c4c33e7c6b179e077cc1d450f09ac3082c186f27f<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header57" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content57" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header58" class="subsectionheader white">Identifiers</h4><div id="content58" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l29_1c5a03a0b276cf94dc8dfd2ed884a2bdbe963abd"></a>dwr-3.0.2-RELEASE.jar: util.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/directwebremoting/dwr/3.0.2-RELEASE/dwr-3.0.2-RELEASE.jar/org/directwebremoting/ui/servlet/util.js<br/><b>MD5:</b>&nbsp;2ed867dc9aafda518ac0302e88c33ab9<br/><b>SHA1:</b>&nbsp;1c5a03a0b276cf94dc8dfd2ed884a2bdbe963abd<br/><b>SHA256:</b>e4888d93d1712843369add2382ef4aee36bff6e34edf0bf1609e64ddfc51dacb<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header59" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content59" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header60" class="subsectionheader white">Identifiers</h4><div id="content60" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l30_86d70d335c7821178f62b554aa3a4bc538a94f1a"></a>freemarker-2.3.30.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
    FreeMarker is a &quot;template engine&quot;; a generic tool to generate text output based on templates.
  </pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/freemarker/freemarker/2.3.30/freemarker-2.3.30.jar<br/><b>MD5:</b>&nbsp;e702848d716f17cd39fabfe2415e104e<br/><b>SHA1:</b>&nbsp;86d70d335c7821178f62b554aa3a4bc538a94f1a<br/><b>SHA256:</b>6586433d90957c0b05a32bce07c71e8cebcea6afbea2e043bfe0c576c4d94338<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Pell Multipart Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 Webapps:compile</li><li>Struts 2 Plexus Plugin:compile</li><li>Struts 2 JSON Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Java Templates Plugin:compile</li><li>Struts 2 Async Plugin:compile</li><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 CDI Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Plugins:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Spring Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li><li>Struts 2 GXP Plugin:compile</li><li>Struts 2 OVal Plugin:compile</li><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 OSGi Bundles:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Portlet Mocks Plugin:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>Struts 2 Jasper Reports Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 TestNG Plugin:compile</li><li>Struts 2 JFreeChart Plugin:compile</li><li>Struts 2 Core:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header61" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content61" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>freemarker.org</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>template</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.freemarker</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://freemarker.apache.org/</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8, JavaSE-1.7, JavaSE-1.6, J2SE-1.5</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache FreeMarker</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>freemarker</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>freemarker</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>FreeMarker</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>apache</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>dstamp</td><td>20200216</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>freemarker</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>today</td><td>February 16 2020</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://apache.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>tstamp</td><td>1915</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>freemarker</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.freemarker.freemarker</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>freemarker.org</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>template</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.8, JavaSE-1.7, JavaSE-1.6, J2SE-1.5</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache FreeMarker</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>freemarker</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>freemarker</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>freemarker</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>org.freemarker.freemarker</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://freemarker.apache.org/</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>FreeMarker</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://apache.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>dstamp</td><td>20200216</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Apache Software Foundation</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>today</td><td>February 16 2020</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>FreeMarker</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>tstamp</td><td>1915</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>freemarker</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.freemarker.freemarker</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>FreeMarker</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>apache</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.3.30</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.3.30</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.3.30</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>2.3.30</td><td>Low</td></tr></table></div><h4 id="header62" class="subsectionheader white">Identifiers</h4><div id="content62" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.freemarker/freemarker@2.3.30" target="_blank">pkg:maven/org.freemarker/freemarker@2.3.30</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l31_9ffe71ac6dcab6bc03ea13f5c2e7b2804e69b357"></a>google-collections-1.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Google Collections Library is a suite of new collections and collection-related goodness for Java 5.0</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/google/collections/google-collections/1.0/google-collections-1.0.jar<br/><b>MD5:</b>&nbsp;7c882c8d734e50112000e4a88e06c535<br/><b>SHA1:</b>&nbsp;9ffe71ac6dcab6bc03ea13f5c2e7b2804e69b357<br/><b>SHA256:</b>81b8d638af0083c4b877099d56aa0fee714485cd2ace1b6a09cab867cadb375d<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 GXP Plugin:compile</li></ul></p><h4 id="header63" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content63" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Google Collections Library</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>google</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.google</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>google-collections</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://www.google.com</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>google.collections</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>google</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>common</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://code.google.com/p/google-collections/</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.google.collections</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>google</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>collect</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>google-collections</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Google</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Google Collections Library</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Google</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.google</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://code.google.com/p/google-collections/</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>google.collections</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>common</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>google</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>google-collections</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>google</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>collect</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>google-collections</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://www.google.com</td><td>Low</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.0</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.0</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.0</td><td>Low</td></tr></table></div><h4 id="header64" class="subsectionheader white">Identifiers</h4><div id="content64" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.google.collections/google-collections@1.0" target="_blank">pkg:maven/com.google.collections/google-collections@1.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l32_b80c7c780973ffd5eac63de301eb6a05035aeb46"></a>google-gxp-0.2.4-beta.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Google XML Pages (GXP) is a templating system used to generate XML/SGML markup (most often HTML).</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/google/gxp/google-gxp/0.2.4-beta/google-gxp-0.2.4-beta.jar<br/><b>MD5:</b>&nbsp;9ccdb925731dab69eec49b1881a0794a<br/><b>SHA1:</b>&nbsp;b80c7c780973ffd5eac63de301eb6a05035aeb46<br/><b>SHA256:</b>ba6be4e0203e8e303569f1dfaf4624b90f7cecbe44c1bb391cc94f3365b4ec33<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 GXP Plugin:compile</li></ul></p><h4 id="header65" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content65" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>google.gxp</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.google.gxp</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>google</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>gxp</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.google</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>google-gxp</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>xml</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>html</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://code.google.com/p/gxp/</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>google</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>com</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>gxp</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>google</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Google XML Pages (GXP)</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>google-gxp</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>google.gxp</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>google-gxp</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://code.google.com/p/gxp/</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>gxp</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.google</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>xml</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>html</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>com</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>gxp</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>google</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>google</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Google XML Pages (GXP)</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>google-gxp</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>0.2.4-beta</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>0.2.4-beta</td><td>Low</td></tr></table></div><h4 id="header66" class="subsectionheader white">Identifiers</h4><div id="content66" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.google.gxp/google-gxp@0.2.4-beta" target="_blank">pkg:maven/com.google.gxp/google-gxp@0.2.4-beta</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l33_6ce200f6b23222af3d8abb6b6459e6c44f4bb0e9"></a>guava-19.0.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>
    Guava is a suite of core and expanded libraries that include
    utility classes, google's collections, io classes, and much
    much more.

    Guava has only one code dependency - javax.annotation,
    per the JSR-305 spec.
  </pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/google/guava/guava/19.0/guava-19.0.jar<br/><b>MD5:</b>&nbsp;43bfc49bdc7324f6daaa60c1ee9f3972<br/><b>SHA1:</b>&nbsp;6ce200f6b23222af3d8abb6b6459e6c44f4bb0e9<br/><b>SHA256:</b>58d4cc2e05ebb012bbac568b032f75623be1cb6fb096f3c60c72a86f7f057de4<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header67" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content67" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>guava</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://guava-libraries.googlecode.com/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>guava-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.google.guava</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.google.guava</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Guava: Google Core Libraries for Java</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>guava</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>google</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.google.guava</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>google.guava</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>guava-parent</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Guava: Google Core Libraries for Java</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>guava</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://guava-libraries.googlecode.com/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.google.guava</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.google.guava</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Guava: Google Core Libraries for Java</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>guava</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>google</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>google.guava</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>19.0</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>19.0</td><td>Highest</td></tr></table></div><h4 id="header68" class="subsectionheader white">Identifiers</h4><div id="content68" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.google.guava/guava@19.0" target="_blank">pkg:maven/com.google.guava/guava@19.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Agoogle&amp;cpe_product=cpe%3A%2F%3Agoogle%3Aguava&amp;cpe_version=cpe%3A%2F%3Agoogle%3Aguava%3A19.0" target="_blank">cpe:2.3:a:google:guava:19.0:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="guava-19.0.jar" data-sha1="6ce200f6b23222af3d8abb6b6459e6c44f4bb0e9" data-pkgurl="pkg:maven/com.google.guava/guava@19.0" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:google:guava">suppress</button></li></ul></div><h4 id="header69" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4><div id="content69" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10237">CVE-2018-10237</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="guava-19.0.jar" data-sha1="6ce200f6b23222af3d8abb6b6459e6c44f4bb0e9" data-pkgurl="pkg:maven/com.google.guava/guava@19.0" data-type-to-suppress="cve" data-id-to-suppress="CVE-2018-10237">suppress</button></p><p><pre>Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.</pre>CWE-502 Deserialization of Untrusted Data<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (5.9)</li><li>Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H</li></ul><br/>References:<ul><li>CONFIRM - <a target="_blank" href="https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion">https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/3d5dbdd92ac9ceaef90e40f78599f9109f2f345252e0ac9d98e7e084@%3Cgitbox.activemq.apache.org%3E">[activemq-gitbox] 20190530 [GitHub] [activemq-artemis] brusdev opened a new pull request #2687: ARTEMIS-2359 Upgrade to Guava 24.1</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/3ddd79c801edd99c0978e83dbe2168ebd36fd42acfa5dac38fb03dd6@%3Cissues.activemq.apache.org%3E">[activemq-issues] 20190516 [jira] [Created] (AMQ-7208) Security Issue related to Guava 18.0</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/053d9ce4d579b02203db18545fee5e33f35f2932885459b74d1e4272@%3Cissues.activemq.apache.org%3E">[activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/33c6bccfeb7adf644d4d79894ca8f09370be6ed4b20632c2e228d085@%3Ccommits.cassandra.apache.org%3E">[cassandra-commits] 20190612 [jira] [Assigned] (CASSANDRA-14760) CVE-2018-10237 Security vulnerability in 3.11.3</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/r27eb79a87a760335226dbfa6a7b7bffea539a535f8e80c41e482106d@%3Cdev.cxf.apache.org%3E">[cxf-dev] 20200206 [GitHub] [cxf] davidkarlsen opened a new pull request #638: upgrade guava, CVE-2018-10237</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/r95799427b335807a4c54776908125c3e66597b65845ae50096d9278a@%3Cdev.cxf.apache.org%3E">[cxf-dev] 20200206 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/rc78f6e84f82cc662860e96526d8ab969f34dbe12dc560e22d9d147a3@%3Cdev.cxf.apache.org%3E">[cxf-dev] 20200211 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/19fa48533bc7ea1accf6b12746a74ed888ae6e49a5cf81ae4f807495@%3Ccommon-dev.hadoop.apache.org%3E">[hadoop-common-dev] 20190401 Update guava to 27.0-jre in hadoop-project</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/cc48fe770c45a74dc3b37ed0817393e0c96701fc49bc431ed922f3cc@%3Chdfs-dev.hadoop.apache.org%3E">[hadoop-hdfs-dev] 20190401 Update guava to 27.0-jre in hadoop-project</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/ra0adb9653c7de9539b93cc8434143b655f753b9f60580ff260becb2b@%3Cusers.kafka.apache.org%3E">[kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1</a></li><li>N/A - <a target="_blank" href="https://www.oracle.com/security-alerts/cpuapr2020.html">N/A</a></li><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vuln/24585a7f-eb6b-4d8d-a2a9-a6f16cc7c1d0">[CVE-2018-10237]  Deserialization of Untrusted Data</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:2423">RHSA-2018:2423</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:2424">RHSA-2018:2424</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:2425">RHSA-2018:2425</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:2428">RHSA-2018:2428</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:2598">RHSA-2018:2598</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:2643">RHSA-2018:2643</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:2740">RHSA-2018:2740</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:2741">RHSA-2018:2741</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:2742">RHSA-2018:2742</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:2743">RHSA-2018:2743</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:2927">RHSA-2018:2927</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:2858">RHSA-2019:2858</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:3149">RHSA-2019:3149</a></li><li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1041707">1041707</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs5">show all</a>)<ul><li class="vs5"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agoogle%3Aguava">cpe:2.3:a:google:guava:*:*:*:*:*:*:*:* versions from (including) 11.0; versions up to (excluding) 24.1.1</a></li><li class="vs5">...</li><li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Agoogle%3Aguava">cpe:2.3:a:google:guava:*:*:*:*:*:*:*:* versions from (including) 11.0; versions up to (excluding) 24.1.1</a></li><li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_application_platform%3A6.0.0">cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*</a></li><li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_application_platform%3A6.4.0">cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*</a></li><li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Ajboss_enterprise_application_platform%3A7.1.0">cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*</a></li><li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Aopenstack%3A13.0">cpe:2.3:a:redhat:openstack:13.0:*:*:*:*:*:*:*</a></li><li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Asatellite%3A6.4">cpe:2.3:a:redhat:satellite:6.4:*:*:*:*:*:*:*</a></li><li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Avirtualization%3A4.2">cpe:2.3:a:redhat:virtualization:4.2:*:*:*:*:*:*:*</a></li><li class="vs5 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aredhat%3Avirtualization_host%3A4.0">cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l34_faf9ee8ac09eafd1128091426dd367a8c0085d55"></a>guice-4.1.0-no_aop.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Guice is a lightweight dependency injection framework for Java 6 and above</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/google/inject/guice/4.1.0/guice-4.1.0-no_aop.jar<br/><b>MD5:</b>&nbsp;8cf17838fd9407bc2c8c39ddf027008f<br/><b>SHA1:</b>&nbsp;faf9ee8ac09eafd1128091426dd367a8c0085d55<br/><b>SHA256:</b>9264c6931c431e928dc64adc842584d5f57d17b2f3aff29221f2b3fdea673dad<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header70" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content70" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>internal</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/google/guice</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>eclipse-extensibleapi</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-copyright</td><td>Copyright (C) 2006 Google Inc.</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>guice</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>inject</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.google.inject</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.google.inject</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>inject</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>google</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>google</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>internal</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/google/guice</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>eclipse-extensibleapi</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-copyright</td><td>Copyright (C) 2006 Google Inc.</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>guice</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>guice</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>inject</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.google.inject</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>inject</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>dependency</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>guice</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>JavaSE-1.6</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>google</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>guice (no_aop)</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>4.1.0</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>4.1.0</td><td>Highest</td></tr></table></div><h4 id="header71" class="subsectionheader white">Identifiers</h4><div id="content71" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.google.inject/guice@4.1.0" target="_blank">pkg:maven/com.google.inject/guice@4.1.0</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l35_42a25dc3219429f0e5d060061f71acb49bf010a0"></a>hamcrest-core-1.3.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
    This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.
  </pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar<br/><b>MD5:</b>&nbsp;6393363b47ddcbba82321110c3e07519<br/><b>SHA1:</b>&nbsp;42a25dc3219429f0e5d060061f71acb49bf010a0<br/><b>SHA256:</b>66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 OSGi Bundles:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header72" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content72" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>hamcrest</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.hamcrest</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.hamcrest</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>hamcrest.org</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>hamcrest-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>built-date</td><td>2012-07-09 19:49:34</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>hamcrest</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>hamcrest-core</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>matcher</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Hamcrest Core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>hamcrest-core</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>hamcrest-core</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>built-date</td><td>2012-07-09 19:49:34</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>hamcrest</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>hamcrest-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>hamcrest-core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>hamcrest</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>hamcrest-core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.hamcrest</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>matcher</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Hamcrest Core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.3</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.3</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.3</td><td>High</td></tr></table></div><h4 id="header73" class="subsectionheader white">Identifiers</h4><div id="content73" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hamcrest/hamcrest-core@1.3" target="_blank">pkg:maven/org.hamcrest/hamcrest-core@1.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l36_7710ee9f1aa2210d401947d1298c8bdcbeff2f1e"></a>hibernate-validator-6.1.2.Final.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Hibernate's Jakarta Bean Validation reference implementation.</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/hibernate/validator/hibernate-validator/6.1.2.Final/hibernate-validator-6.1.2.Final.jar<br/><b>MD5:</b>&nbsp;a9ae13cc5273d0149573f9879d9555a4<br/><b>SHA1:</b>&nbsp;7710ee9f1aa2210d401947d1298c8bdcbeff2f1e<br/><b>SHA256:</b>bafec3d83fa838d2b54fc0c9e54818218320175e6a3b48b0bf5169c4634ad222<br/><b>Referenced In Project/Scope:</b>Struts 2 Showcase Webapp:compile</p><h4 id="header74" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content74" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>hibernate.validator</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Hibernate Validator Engine</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>hibernate-validator</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>validator</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>hibernate-validator</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>hibernate</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>redhat</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.hibernate.validator</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>hibernate-validator-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>org.hibernate.validator</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>engine</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://hibernate.org/validator/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>hibernate.validator</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Hibernate Validator Engine</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>hibernate-validator</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>hibernate-validator</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>validator</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Hibernate Validator Engine</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>hibernate</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Jakarta Bean Validation</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>hibernate-validator-parent</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.hibernate.validator</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>hibernate-validator</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>engine</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://hibernate.org/validator/</td><td>Low</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>6.1.2.Final</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>6.1.2.Final</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>6.1.2.Final</td><td>Highest</td></tr></table></div><h4 id="header75" class="subsectionheader white">Identifiers</h4><div id="content75" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.hibernate.validator/hibernate-validator@6.1.2.Final" target="_blank">pkg:maven/org.hibernate.validator/hibernate-validator@6.1.2.Final</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Ahibernate&amp;cpe_product=cpe%3A%2F%3Ahibernate%3Ahibernate-validator&amp;cpe_version=cpe%3A%2F%3Ahibernate%3Ahibernate-validator%3A6.1.2" target="_blank">cpe:2.3:a:hibernate:hibernate-validator:6.1.2:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="hibernate-validator-6.1.2.Final.jar" data-sha1="7710ee9f1aa2210d401947d1298c8bdcbeff2f1e" data-pkgurl="pkg:maven/org.hibernate.validator/hibernate-validator@6.1.2.Final" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:hibernate:hibernate-validator">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aredhat&amp;cpe_product=cpe%3A%2F%3Aredhat%3Ahibernate_validator&amp;cpe_version=cpe%3A%2F%3Aredhat%3Ahibernate_validator%3A6.1.2" target="_blank">cpe:2.3:a:redhat:hibernate_validator:6.1.2:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="hibernate-validator-6.1.2.Final.jar" data-sha1="7710ee9f1aa2210d401947d1298c8bdcbeff2f1e" data-pkgurl="pkg:maven/org.hibernate.validator/hibernate-validator@6.1.2.Final" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:redhat:hibernate_validator">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l37_94316238b9eb45a97e2547fa66881cca27a5b6ee"></a>inputtransferselect.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/core/src/main/resources/org/apache/struts2/static/inputtransferselect.js<br/><b>MD5:</b>&nbsp;2955e039eab5ef8216705c05d239f378<br/><b>SHA1:</b>&nbsp;94316238b9eb45a97e2547fa66881cca27a5b6ee<br/><b>SHA256:</b>e5ef24f60cfb27a88880ee89ba6eb4664bbebe0c32d3dc1ce385cbe6d8b01194<br/><b>Referenced In Project/Scope:</b>Struts 2 Core</p><h4 id="header76" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content76" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header77" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content77" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-core-2.6-SNAPSHOT.jar: inputtransferselect.js<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-core/2.6-SNAPSHOT/struts2-core-2.6-SNAPSHOT.jar/org/apache/struts2/static/inputtransferselect.js</li><li>MD5:&nbsp;2955e039eab5ef8216705c05d239f378</li><li>SHA1:&nbsp;94316238b9eb45a97e2547fa66881cca27a5b6ee</li><li>SHA256:&nbsp;e5ef24f60cfb27a88880ee89ba6eb4664bbebe0c32d3dc1ce385cbe6d8b01194</li></ul></li></ul></div><h4 id="header78" class="subsectionheader white">Identifiers</h4><div id="content78" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l38_f7ee7b55c7d292ac72fbaa7648c089f069c938d2"></a>jackson-core-2.10.3.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Core Jackson processing abstractions (aka Streaming API), implementation for JSON</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.10.3/jackson-core-2.10.3.jar<br/><b>MD5:</b>&nbsp;8f84e33a1c06b8fd16b4166b9fc8331b<br/><b>SHA1:</b>&nbsp;f7ee7b55c7d292ac72fbaa7648c089f069c938d2<br/><b>SHA256:</b>fb185f7e6ecba1e2b4803788d278faa023312ca6d3109b2fa146d9e0435a9494<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header79" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content79" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-date</td><td>2020-03-03 03:11:48+0000</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jackson-core</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/FasterXML/jackson-core</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Jackson-core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>fasterxml.jackson.core</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>json</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jackson-base</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>FasterXML/jackson-core</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>FasterXML</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.fasterxml.jackson.core</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.fasterxml.jackson.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jackson-core</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>base</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.core.jackson-core</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jackson</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>FasterXML</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jackson-base</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-date</td><td>2020-03-03 03:11:48+0000</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/FasterXML/jackson-core</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Jackson-core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>version</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>json</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>fasterxml.jackson.core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Jackson-core</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>filter</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Jackson-core</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Jackson-core</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jackson-core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>FasterXML/jackson-core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>base</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.core.jackson-core</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jackson</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jackson-core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.10.3</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.10.3</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.10.3</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.10.3</td><td>High</td></tr></table></div><h4 id="header80" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content80" class="subsectioncontent standardsubsection hidden"><ul><li>jackson-module-jaxb-annotations-2.10.3.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/com/fasterxml/jackson/module/jackson-module-jaxb-annotations/2.10.3/jackson-module-jaxb-annotations-2.10.3.jar</li><li>MD5:&nbsp;3587745da045c2a3e8f83dfd403717e9</li><li>SHA1:&nbsp;bd367b54bd7f8997a2d81c21791bf69c6ba65af0</li><li>SHA256:&nbsp;8099caad4ae189525ef94d337d72d3e888abefabbbacbc9f3d2f096d534f2fb5</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.10.3" target="_blank">pkg:maven/com.fasterxml.jackson.module/jackson-module-jaxb-annotations@2.10.3</a></li></ul></li><li>jackson-annotations-2.10.3.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/com/fasterxml/jackson/core/jackson-annotations/2.10.3/jackson-annotations-2.10.3.jar</li><li>MD5:&nbsp;20368d1f52e031381a510cd1ce6ea2b7</li><li>SHA1:&nbsp;0f63b3b1da563767d04d2e4d3fc1ae0cdeffebe7</li><li>SHA256:&nbsp;49dfdc4cfa46d165ecfed630ba164b6641d59d5fe1aa698a19c13f966d3f13cf</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.10.3" target="_blank">pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.10.3</a></li></ul></li></ul></div><h4 id="header81" class="subsectionheader white">Identifiers</h4><div id="content81" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.3" target="_blank">pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Afasterxml&amp;cpe_product=cpe%3A%2F%3Afasterxml%3Ajackson&amp;cpe_version=cpe%3A%2F%3Afasterxml%3Ajackson%3A2.10.3" target="_blank">cpe:2.3:a:fasterxml:jackson:2.10.3:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="jackson-core-2.10.3.jar" data-sha1="f7ee7b55c7d292ac72fbaa7648c089f069c938d2" data-pkgurl="pkg:maven/com.fasterxml.jackson.core/jackson-core@2.10.3" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:fasterxml:jackson">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l39_aae92628b5447fa25af79871ca98668da6edd439"></a>jackson-databind-2.10.3.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>General data-binding functionality for Jackson: works on core streaming API</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.10.3/jackson-databind-2.10.3.jar<br/><b>MD5:</b>&nbsp;f96c78787ea2830e8dfd3a5a66c4f664<br/><b>SHA1:</b>&nbsp;aae92628b5447fa25af79871ca98668da6edd439<br/><b>SHA256:</b>50eec40443f387be50a409186165298aaadbb6c4d4826d319720e245714600d2<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header82" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content82" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-date</td><td>2020-03-03 03:15:23+0000</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>databind</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>fasterxml.jackson.core</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>jackson-databind</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jackson-base</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://github.com/FasterXML/jackson</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>FasterXML</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jackson-databind</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.fasterxml.jackson.core</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jackson-databind</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.fasterxml.jackson.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.core.jackson-databind</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jackson</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://github.com/FasterXML/jackson</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>FasterXML</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jackson-base</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>jackson-databind</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-date</td><td>2020-03-03 03:15:23+0000</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>databind</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>jackson-databind</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>jackson-databind</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>fasterxml.jackson.core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>jackson-databind</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://github.com/FasterXML/jackson</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml.jackson</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://github.com/FasterXML/jackson</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>fasterxml</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jackson-databind</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.jackson.core.jackson-databind</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jackson</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jackson-databind</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.10.3</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.10.3</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.10.3</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.10.3</td><td>High</td></tr></table></div><h4 id="header83" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content83" class="subsectioncontent standardsubsection hidden"><ul><li>jackson-dataformat-xml-2.10.3.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-xml/2.10.3/jackson-dataformat-xml-2.10.3.jar</li><li>MD5:&nbsp;151281ff95b09106b0de386854024fa0</li><li>SHA1:&nbsp;b14aea1d89219bebcdc2d259bcafcb42e12d59aa</li><li>SHA256:&nbsp;fa6fdd1d1457134b462910f6f3a4037fd5ba6ea1363ad28b78089c98bb8e4229</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml@2.10.3" target="_blank">pkg:maven/com.fasterxml.jackson.dataformat/jackson-dataformat-xml@2.10.3</a></li></ul></li></ul></div><h4 id="header84" class="subsectionheader white">Identifiers</h4><div id="content84" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.3" target="_blank">pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Afasterxml&amp;cpe_product=cpe%3A%2F%3Afasterxml%3Ajackson&amp;cpe_version=cpe%3A%2F%3Afasterxml%3Ajackson%3A2.10.3" target="_blank">cpe:2.3:a:fasterxml:jackson:2.10.3:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="jackson-databind-2.10.3.jar" data-sha1="aae92628b5447fa25af79871ca98668da6edd439" data-pkgurl="pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.3" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:fasterxml:jackson">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Afasterxml&amp;cpe_product=cpe%3A%2F%3Afasterxml%3Ajackson-databind&amp;cpe_version=cpe%3A%2F%3Afasterxml%3Ajackson-databind%3A2.10.3" target="_blank">cpe:2.3:a:fasterxml:jackson-databind:2.10.3:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="jackson-databind-2.10.3.jar" data-sha1="aae92628b5447fa25af79871ca98668da6edd439" data-pkgurl="pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.10.3" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:fasterxml:jackson-databind">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l40_562a587face36ec7eff2db7f2fc95425c6602bc1"></a>jakarta.activation-api-1.2.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>JavaBeans Activation Framework API jar</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.eclipse.org/org/documents/edl-v10.php">http://www.eclipse.org/org/documents/edl-v10.php</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/jakarta/activation/jakarta.activation-api/1.2.1/jakarta.activation-api-1.2.1.jar<br/><b>MD5:</b>&nbsp;9b647398add993324d3d9e5effa6005a<br/><b>SHA1:</b>&nbsp;562a587face36ec7eff2db7f2fc95425c6602bc1<br/><b>SHA256:</b>8b0a0f52fa8b05c5431921a063ed866efaa41dadf2e3a7ee3e1961f2b0d9645b<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 REST Plugin:compile</li></ul></p><h4 id="header85" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content85" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>activation</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jakarta.activation-api</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>jakarta.activation</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Eclipse Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.sun</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>jakarta.activation</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>JavaBeans Activation Framework API jar</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.activation-api</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>jakarta.activation</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.activation-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.sun.activation</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Eclipse Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>all</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>activation</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jakarta.activation-api</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>jakarta.activation</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>jakarta.activation.jakarta.activation-api</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>JavaBeans Activation Framework API jar</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>jakarta.activation</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>JavaBeans Activation Framework API jar</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.activation-api</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>jakarta.activation</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.sun.activation</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>all</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>jakarta.activation.jakarta.activation-api</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jakarta.activation-api</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.2.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.2.1</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.2.1</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.2.1</td><td>High</td></tr></table></div><h4 id="header86" class="subsectionheader white">Identifiers</h4><div id="content86" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.activation/jakarta.activation-api@1.2.1" target="_blank">pkg:maven/jakarta.activation/jakarta.activation-api@1.2.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l41_5eacc6522521f7eacb081f95cee1e231648461e7"></a>jakarta.validation-api-2.0.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
        Jakarta Bean Validation API
    </pre></p><p><b>License:</b><pre class="indent">Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/jakarta/validation/jakarta.validation-api/2.0.2/jakarta.validation-api-2.0.2.jar<br/><b>MD5:</b>&nbsp;77501d529c1928c9bac2500cc9f93fb0<br/><b>SHA1:</b>&nbsp;5eacc6522521f7eacb081f95cee1e231648461e7<br/><b>SHA256:</b>b42d42428f3d922c892a909fa043287d577c0c5b165ad9b7d568cebf87fc9ea4<br/><b>Referenced In Project/Scope:</b>Struts 2 Showcase Webapp:compile</p><h4 id="header87" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content87" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://beanvalidation.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>java.validation</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>jakarta.validation</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.validation-api</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>validation</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jakarta.validation-api</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.validation.jakarta.validation-api</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Jakarta Bean Validation API</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.eclipse.ee4j</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>project</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>java.validation</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>jakarta.validation</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://beanvalidation.org</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>validation</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jakarta.validation-api</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.validation.jakarta.validation-api</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Jakarta Bean Validation API</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jakarta.validation-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Jakarta Bean Validation API</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.0.2</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0.2</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>2.0.2</td><td>Low</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.0.2</td><td>High</td></tr></table></div><h4 id="header88" class="subsectionheader white">Identifiers</h4><div id="content88" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.validation/jakarta.validation-api@2.0.2" target="_blank">pkg:maven/jakarta.validation/jakarta.validation-api@2.0.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l42_8d49996a4338670764d7ca4b85a1c4ccf7fe665d"></a>jakarta.xml.bind-api-2.3.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>JAXB (JSR 222) API</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.eclipse.org/org/documents/edl-v10.php">http://www.eclipse.org/org/documents/edl-v10.php</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/jakarta/xml/bind/jakarta.xml.bind-api/2.3.2/jakarta.xml.bind-api-2.3.2.jar<br/><b>MD5:</b>&nbsp;dabb40ba58199304c640b7bd8bb2fbac<br/><b>SHA1:</b>&nbsp;8d49996a4338670764d7ca4b85a1c4ccf7fe665d<br/><b>SHA256:</b>69156304079bdeed9fc0ae3b39389f19b3cc4ba4443bc80508995394ead742ea<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 REST Plugin:compile</li></ul></p><h4 id="header89" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content89" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jakarta.xml.bind-api</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jakarta.xml.bind-api-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>xml</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>jakarta.xml.bind</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-id</td><td>UNKNOWN-18b5002, 2018-12-27T15:29:49+0000</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.xml.bind-api</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>bind</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jakarta.xml.bind-api</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Oracle Corporation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>jakarta.xml.bind</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jakarta.xml.bind-api</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jakarta.xml.bind-api</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jaxb</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jakarta.xml.bind-api-parent</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>jakarta.xml.bind-api</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>xml</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.eclipse.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>jakarta.xml.bind</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-id</td><td>UNKNOWN-18b5002, 2018-12-27T15:29:49+0000</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jakarta.xml.bind-api</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>bind</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>jakarta.xml.bind</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.3.2</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.3.2</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.3.2</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.3.2</td><td>Highest</td></tr></table></div><h4 id="header90" class="subsectionheader white">Identifiers</h4><div id="content90" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@2.3.2" target="_blank">pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@2.3.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l43_921b466d6a14a8edbe25923c973fd767fc71c045"></a>javassist-3.24.1-GA.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
  	Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation
    simple.  It is a class library for editing bytecodes in Java.
  </pre></p><p><b>License:</b><pre class="indent">MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html
LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Apache License 2.0: http://www.apache.org/licenses/</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/javassist/javassist/3.24.1-GA/javassist-3.24.1-GA.jar<br/><b>MD5:</b>&nbsp;527cebd64b0f941d5058bae3d1726d06<br/><b>SHA1:</b>&nbsp;921b466d6a14a8edbe25923c973fd767fc71c045<br/><b>SHA256:</b>5d57ea5b0ec8cb46143dfe521f888b208028be126f274cc4f852e641755f1553<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Pell Multipart Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 Webapps:compile</li><li>Struts 2 Plexus Plugin:compile</li><li>Struts 2 JSON Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Java Templates Plugin:compile</li><li>Struts 2 Async Plugin:compile</li><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 CDI Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Plugins:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Spring Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li><li>Struts 2 GXP Plugin:compile</li><li>Struts 2 OVal Plugin:compile</li><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 OSGi Bundles:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Portlet Mocks Plugin:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>Struts 2 Jasper Reports Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 TestNG Plugin:compile</li><li>Struts 2 JFreeChart Plugin:compile</li><li>Struts 2 Core:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header91" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content91" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>javassist</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>javassist</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Shigeru Chiba, www.javassist.org</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>javassist</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Javassist</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.javassist</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.javassist.org/</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>bytecode</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Shigeru Chiba, www.javassist.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>javassist</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>javassist</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>javassist</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>javassist</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Shigeru Chiba, www.javassist.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.7))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>javassist</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Javassist</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Javassist</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.javassist.org/</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Javassist</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>bytecode</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>javassist</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>javassist</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>specification-version</td><td>3.24.1-GA</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.24.1-GA</td><td>Highest</td></tr></table></div><h4 id="header92" class="subsectionheader white">Identifiers</h4><div id="content92" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.javassist/javassist@3.24.1-GA" target="_blank">pkg:maven/org.javassist/javassist@3.24.1-GA</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l44_cca8438407af01056d83830ba7392efc18544347"></a>javax.el-3.0.1-b11.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Expression Language 3.0 API and Implementation</pre></p><p><b>License:</b><pre class="indent">CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/glassfish/javax.el/3.0.1-b11/javax.el-3.0.1-b11.jar<br/><b>MD5:</b>&nbsp;e854ef1c5ef4cd1c11a8b230040372f2<br/><b>SHA1:</b>&nbsp;cca8438407af01056d83830ba7392efc18544347<br/><b>SHA256:</b>2e95f03b75d2bb9fccf58dc1d28dd3b11d384fdc75a4654f64a2e27492acc2bc<br/><b>Referenced In Project/Scope:</b>Struts 2 Tiles Plugin:compile</p><h4 id="header93" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content93" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Expression Language 3.0</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>javax</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>javax.el</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>sun</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Oracle Corporation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>net.java</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>expression</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.glassfish</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>javax.el</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jvnet-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>jar (hint)</td><td>package name</td><td>oracle</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>GlassFish Community</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>javax.el</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.sun.el.javax.el</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://glassfish.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>glassfish</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://glassfish.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>el</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Oracle Corporation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://uel.java.net</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Expression Language 3.0</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>javax</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jvnet-parent</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Expression Language 3.0</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://uel.java.net</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>sun</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>net.java</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>GlassFish Community</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>expression</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>javax.el</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://glassfish.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>javax.el</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>javax.el</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.sun.el.javax.el</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://glassfish.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>glassfish</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>el</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>3.0.1-b11</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0.1-b11</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0.1-b11</td><td>High</td></tr></table></div><h4 id="header94" class="subsectionheader white">Identifiers</h4><div id="content94" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.glassfish/javax.el@3.0.1-b11" target="_blank">pkg:maven/org.glassfish/javax.el@3.0.1-b11</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l45_6975da39a7040257bd51d21a231b76c915872d38"></a>javax.inject-1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The javax.inject API</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/javax/inject/javax.inject/1/javax.inject-1.jar<br/><b>MD5:</b>&nbsp;289075e48b909e9e74e6c915b3631d2e<br/><b>SHA1:</b>&nbsp;6975da39a7040257bd51d21a231b76c915872d38<br/><b>SHA256:</b>91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header95" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content95" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://code.google.com/p/atinject/</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>javax</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>inject</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>javax.inject</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>javax</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>javax.inject</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>javax.inject</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>javax.inject-1</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>inject</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>javax.inject</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>javax</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>inject</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>javax.inject</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://code.google.com/p/atinject/</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>javax.inject-1</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>javax.inject</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>inject</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1</td><td>Medium</td></tr></table></div><h4 id="header96" class="subsectionheader white">Identifiers</h4><div id="content96" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/javax.inject/javax.inject@1" target="_blank">pkg:maven/javax.inject/javax.inject@1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l46_3789d00e859632e6c6206adc0c71625559e6e3b0"></a>jboss-logging-3.3.2.Final.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The JBoss Logging Framework</pre></p><p><b>License:</b><pre class="indent">Apache License, version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/jboss/logging/jboss-logging/3.3.2.Final/jboss-logging-3.3.2.Final.jar<br/><b>MD5:</b>&nbsp;c397132f958d7e8ac0d566b6723ca7ca<br/><b>SHA1:</b>&nbsp;3789d00e859632e6c6206adc0c71625559e6e3b0<br/><b>SHA256:</b>cb914bfe888da7d9162e965ac8b0d6f28f2f32eca944a00fbbf6dd3cf1aacc13<br/><b>Referenced In Project/Scope:</b>Struts 2 Showcase Webapp:compile</p><h4 id="header97" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content97" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>build-timestamp</td><td>Wed, 14 Feb 2018 13:23:27 -0800</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>JBoss Logging 3</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.jboss.logging</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>os-arch</td><td>amd64</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>java-vendor</td><td>Sun Microsystems Inc.</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>JBoss by Red Hat</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.jboss.org</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>jboss.logging</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.jboss.logging.jboss-logging</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.jboss</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>redhat</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jboss</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jboss-logging</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>JBoss by Red Hat</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://www.jboss.org</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.jboss.logging</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jboss-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.jboss.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>os-name</td><td>Linux</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.jboss.logging</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jboss-logging</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.jboss.org</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-timestamp</td><td>Wed, 14 Feb 2018 13:23:27 -0800</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>JBoss Logging 3</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>os-arch</td><td>amd64</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>JBoss Logging 3</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jboss-parent</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.jboss.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>JBoss Logging 3</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>jboss.logging</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.jboss.logging.jboss-logging</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.jboss</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jboss</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jboss-logging</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jboss-logging</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://www.jboss.org</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.jboss.logging</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>os-name</td><td>Linux</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>JBoss Logging 3</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.3.2.Final</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>3.3.2.Final</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.3.2.Final</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>3.3.2.Final</td><td>High</td></tr></table></div><h4 id="header98" class="subsectionheader white">Identifiers</h4><div id="content98" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.jboss.logging/jboss-logging@3.3.2.Final" target="_blank">pkg:maven/org.jboss.logging/jboss-logging@3.3.2.Final</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l47_ab1648fe1dd6f1e5c2ec6d12f394672bb8c1036a"></a>jcl-over-slf4j-1.7.6.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>JCL 1.1.1 implemented over SLF4J</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/slf4j/jcl-over-slf4j/1.7.6/jcl-over-slf4j-1.7.6.jar<br/><b>MD5:</b>&nbsp;0cebfe147c0ff0b38930db24e576bdd4<br/><b>SHA1:</b>&nbsp;ab1648fe1dd6f1e5c2ec6d12f394672bb8c1036a<br/><b>SHA256:</b>d52f5e9a861f4e124ec43d711b566b4c2afe6e0709b490497fb9ca33e1ca0ba5<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header99" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content99" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jcl.over.slf4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jcl-over-slf4j</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jcl-over-slf4j</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>JCL 1.1.1 implemented over SLF4J</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.slf4j.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.slf4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>jcl-over-slf4j</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.slf4j.org</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jcl.over.slf4j</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jcl-over-slf4j</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>JCL 1.1.1 implemented over SLF4J</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.3</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>jcl-over-slf4j</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.slf4j</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jcl-over-slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>slf4j</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.7.6</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.7.6</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.7.6</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.7.6</td><td>High</td></tr></table></div><h4 id="header100" class="subsectionheader white">Identifiers</h4><div id="content100" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.slf4j/jcl-over-slf4j@1.7.6" target="_blank">pkg:maven/org.slf4j/jcl-over-slf4j@1.7.6</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l48_bfcb96281ea3b59d626704f74bc6d625ff51cbce"></a>jcommander-1.48.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>A Java framework to parse command line options with annotations.</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/beust/jcommander/1.48/jcommander-1.48.jar<br/><b>MD5:</b>&nbsp;7a84fb4b01f46c904bd549e67e6c48a1<br/><b>SHA1:</b>&nbsp;bfcb96281ea3b59d626704f74bc6d625ff51cbce<br/><b>SHA256:</b>a7313fcfde070930e40ec79edf3c5948cf34e4f0d25cb3a09f9963d8bdd84113<br/><b>Referenced In Project/Scope:</b>Struts 2 TestNG Plugin:compile</p><h4 id="header101" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content101" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jcommander</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>beust</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>JCommander</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.beust.jcommander</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>beust</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jcommander</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jcommander</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://beust.com/jcommander</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.beust</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jcommander</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>beust</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>JCommander</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.beust.jcommander</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>beust</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>JCommander</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jcommander</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jcommander</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://beust.com/jcommander</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.48</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.48</td><td>High</td></tr></table></div><h4 id="header102" class="subsectionheader white">Identifiers</h4><div id="content102" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.beust/jcommander@1.48" target="_blank">pkg:maven/com.beust/jcommander@1.48</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l49_6375e521c1e11d6563d4f25a07ce124ccf8cd171"></a>jcommander-1.72.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Command line parsing</pre></p><p><b>License:</b><pre class="indent">Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/beust/jcommander/1.72/jcommander-1.72.jar<br/><b>MD5:</b>&nbsp;9fde6bc0ba1032eceb7267fd1ad1657b<br/><b>SHA1:</b>&nbsp;6375e521c1e11d6563d4f25a07ce124ccf8cd171<br/><b>SHA256:</b>e0de160b129b2414087e01fe845609cd55caec6820cfd4d0c90fabcc7bdb8c1e<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header103" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content103" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jcommander</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>beust</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>jcommander</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>beust</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>jcommander</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>jcommander</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>jcommander</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://jcommander.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.beust</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-date</td><td>2017-05-15</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jcommander</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>beust</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>jcommander</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>beust</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://jcommander.org</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>jcommander</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>jcommander</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>com.beust.jcommander</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>jcommander</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-date</td><td>2017-05-15</td><td>Low</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.72</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.72</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.72</td><td>Highest</td></tr></table></div><h4 id="header104" class="subsectionheader white">Identifiers</h4><div id="content104" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.beust/jcommander@1.72" target="_blank">pkg:maven/com.beust/jcommander@1.72</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l50_3dc9f7c2642efff4482e68c9d9df874bf98f5bcb"></a>jquery-1.3.2.min.js</h3><div class="subsectioncontent"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/bundles/admin/src/main/resources/static/js/jquery-1.3.2.min.js<br/><b>MD5:</b>&nbsp;bb381e2d19d8eace86b34d20759491a5<br/><b>SHA1:</b>&nbsp;3dc9f7c2642efff4482e68c9d9df874bf98f5bcb<br/><b>SHA256:</b>c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899<br/><b>Referenced In Project/Scope:</b>Struts 2 OSGi Admin Bundle</p><h4 id="header105" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content105" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jquery</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jquery</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.3.2.min</td><td>High</td></tr></table></div><h4 id="header106" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content106" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-osgi-admin-bundle-2.6-SNAPSHOT.jar: jquery-1.3.2.min.js<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-osgi-admin-bundle/2.6-SNAPSHOT/struts2-osgi-admin-bundle-2.6-SNAPSHOT.jar/static/js/jquery-1.3.2.min.js</li><li>MD5:&nbsp;bb381e2d19d8eace86b34d20759491a5</li><li>SHA1:&nbsp;3dc9f7c2642efff4482e68c9d9df874bf98f5bcb</li><li>SHA256:&nbsp;c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899</li></ul></li></ul></div><h4 id="header107" class="subsectionheader white">Identifiers</h4><div id="content107" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:javascript/jquery@1.3.2.min" target="_blank">pkg:javascript/jquery@1.3.2.min</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)</li></ul></div><h4 id="header108" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4><div id="content108" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4969">CVE-2011-4969</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="jquery-1.3.2.min.js" data-sha1="3dc9f7c2642efff4482e68c9d9df874bf98f5bcb" data-pkgurl="pkg:javascript/jquery@1.3.2.min" data-type-to-suppress="cve" data-id-to-suppress="CVE-2011-4969">suppress</button></p><p><pre>Cross-site scripting (XSS) vulnerability in jQuery before 1.6.3, when using location.hash to select elements, allows remote attackers to inject arbitrary web script or HTML via a crafted tag.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/58458">58458</a></li><li>CONFIRM - <a target="_blank" href="http://blog.jquery.com/2011/09/01/jquery-1-6-3-released/">http://blog.jquery.com/2011/09/01/jquery-1-6-3-released/</a></li><li>CONFIRM - <a target="_blank" href="http://bugs.jquery.com/ticket/9521">http://bugs.jquery.com/ticket/9521</a></li><li>CONFIRM - <a target="_blank" href="https://github.com/jquery/jquery/commit/db9e023e62c1ff5d8f21ed9868ab6878da2005e9">https://github.com/jquery/jquery/commit/db9e023e62c1ff5d8f21ed9868ab6878da2005e9</a></li><li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05111017</a></li><li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158380</a></li><li>CONFIRM - <a target="_blank" href="https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05232730">https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05232730</a></li><li>CONFIRM - <a target="_blank" href="https://security.netapp.com/advisory/ntap-20190416-0007/">https://security.netapp.com/advisory/ntap-20190416-0007/</a></li><li>MISC - <a target="_blank" href="http://blog.mindedsecurity.com/2011/07/jquery-is-sink.html">http://blog.mindedsecurity.com/2011/07/jquery-is-sink.html</a></li><li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2013/01/31/3">[oss-security] 20130130 jQuery 1.6.2 XSS CVE assignment</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E">[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1</a></li><li>OSVDB - <a target="_blank" href="http://www.osvdb.org/80056">80056</a></li><li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1036620">1036620</a></li><li>UBUNTU - <a target="_blank" href="http://www.ubuntu.com/usn/USN-1722-1">USN-1722-1</a></li><li>info - <a target="_blank" href="http://research.insecurelabs.org/jquery/test/">http://research.insecurelabs.org/jquery/test/</a></li><li>info - <a target="_blank" href="https://bugs.jquery.com/ticket/9521">https://bugs.jquery.com/ticket/9521</a></li><li>info - <a target="_blank" href="https://nvd.nist.gov/vuln/detail/CVE-2011-4969">https://nvd.nist.gov/vuln/detail/CVE-2011-4969</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs6">cpe:2.3:a:jquery:jquery:1.6:*:*:*:*:*:*:*</li><li class="vs6">cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (including) 1.6.2</li><li class="vs6">cpe:2.3:a:jquery:jquery:1.6.1:*:*:*:*:*:*:*</li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6708">CVE-2012-6708</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="jquery-1.3.2.min.js" data-sha1="3dc9f7c2642efff4482e68c9d9df874bf98f5bcb" data-pkgurl="pkg:javascript/jquery@1.3.2.min" data-type-to-suppress="cve" data-id-to-suppress="CVE-2012-6708">suppress</button></p><p><pre>jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '&lt;' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '&lt;' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (6.1)</li><li>Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/102792">102792</a></li><li>CONFIRM - <a target="_blank" href="https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0">https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html">http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html</a></li><li>MISC - <a target="_blank" href="https://bugs.jquery.com/ticket/11290">https://bugs.jquery.com/ticket/11290</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d">https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d</a></li><li>MISC - <a target="_blank" href="https://snyk.io/vuln/npm:jquery:20120206">https://snyk.io/vuln/npm:jquery:20120206</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html">openSUSE-SU-2020:0395</a></li><li>info - <a target="_blank" href="http://bugs.jquery.com/ticket/11290">http://bugs.jquery.com/ticket/11290</a></li><li>info - <a target="_blank" href="http://research.insecurelabs.org/jquery/test/">http://research.insecurelabs.org/jquery/test/</a></li><li>info - <a target="_blank" href="https://nvd.nist.gov/vuln/detail/CVE-2012-6708">https://nvd.nist.gov/vuln/detail/CVE-2012-6708</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs7">cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 1.9.0</li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11358">CVE-2019-11358</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="jquery-1.3.2.min.js" data-sha1="3dc9f7c2642efff4482e68c9d9df874bf98f5bcb" data-pkgurl="pkg:javascript/jquery@1.3.2.min" data-type-to-suppress="cve" data-id-to-suppress="CVE-2019-11358">suppress</button></p><p><pre>jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (6.1)</li><li>Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/108023">108023</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/Apr/32">20190421 [SECURITY] [DSA 4434-1] drupal7 security update</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/May/18">20190509 dotCMS v5.1.1 Vulnerabilities</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/Jun/12">20190612 [SECURITY] [DSA 4460-1] mediawiki security update</a></li><li>CONFIRM - <a target="_blank" href="https://security.netapp.com/advisory/ntap-20190919-0001/">https://security.netapp.com/advisory/ntap-20190919-0001/</a></li><li>CONFIRM - <a target="_blank" href="https://www.synology.com/security/advisory/Synology_SA_19_19">https://www.synology.com/security/advisory/Synology_SA_19_19</a></li><li>CONFIRM - <a target="_blank" href="https://www.tenable.com/security/tns-2019-08">https://www.tenable.com/security/tns-2019-08</a></li><li>CONFIRM - <a target="_blank" href="https://www.tenable.com/security/tns-2020-02">https://www.tenable.com/security/tns-2020-02</a></li><li>DEBIAN - <a target="_blank" href="https://www.debian.org/security/2019/dsa-4434">DSA-4434</a></li><li>DEBIAN - <a target="_blank" href="https://www.debian.org/security/2019/dsa-4460">DSA-4460</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/">FEDORA-2019-1a3edd7e8a</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/">FEDORA-2019-2a0ce0c58c</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/">FEDORA-2019-7eaf0bbe7c</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/">FEDORA-2019-a06dffab1c</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/">FEDORA-2019-eba8e44ee6</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/">FEDORA-2019-f563e66380</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/13">20190510 Re: dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/11">20190510 dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/10">20190510 dotCMS v5.1.1 Vulnerabilities</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html">http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html">http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html">http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html</a></li><li>MISC - <a target="_blank" href="https://backdropcms.org/security/backdrop-sa-core-2019-009">https://backdropcms.org/security/backdrop-sa-core-2019-009</a></li><li>MISC - <a target="_blank" href="https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/">https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b">https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/pull/4333">https://github.com/jquery/jquery/pull/4333</a></li><li>MISC - <a target="_blank" href="https://snyk.io/vuln/SNYK-JS-JQUERY-174006">https://snyk.io/vuln/SNYK-JS-JQUERY-174006</a></li><li>MISC - <a target="_blank" href="https://www.drupal.org/sa-core-2019-006">https://www.drupal.org/sa-core-2019-006</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a></li><li>MISC - <a target="_blank" href="https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/">https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html">[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html">[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html">[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E">[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html</a></li><li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2019/06/03/2">[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E">[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js</a></li><li>N/A - <a target="_blank" href="https://www.oracle.com/security-alerts/cpuapr2020.html">N/A</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHBA-2019:1570">RHBA-2019:1570</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:1456">RHSA-2019:1456</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:2587">RHSA-2019:2587</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:3023">RHSA-2019:3023</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:3024">RHSA-2019:3024</a></li><li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html">openSUSE-SU-2019:1839</a></li><li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html">openSUSE-SU-2019:1872</a></li><li>info - <a target="_blank" href="https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/">https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/</a></li><li>info - <a target="_blank" href="https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b">https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b</a></li><li>info - <a target="_blank" href="https://nvd.nist.gov/vuln/detail/CVE-2019-11358">https://nvd.nist.gov/vuln/detail/CVE-2019-11358</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs8">cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.15</li><li class="vs8">cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (excluding) 8.6.15</li><li class="vs8">cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0</li><li class="vs8">cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.66</li><li class="vs8">cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.12.0; versions up to (excluding) 1.12.6</li><li class="vs8">cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.11.0; versions up to (excluding) 1.11.9</li></ul></p><p><span class="underline"><b>Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS</b>&nbsp;(RETIREJS)</span>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this vulnerability for this file" data-display-name="jquery-1.3.2.min.js" data-sha1="3dc9f7c2642efff4482e68c9d9df874bf98f5bcb" data-pkgurl="pkg:javascript/jquery@1.3.2.min" data-type-to-suppress="vulnerabilityName" data-id-to-suppress="Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS">suppress</button></p><p><pre>Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS</pre>Unscored:<ul><li>Severity: medium</li></ul><br/>References:<ul><li>info - <a target="_blank" href="https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/">https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection"><a name="l51_43dc554608df885a59ddeece1598c6ace434d747"></a>jquery-2.1.4.min.js</h3><div class="subsectioncontent"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/apps/showcase/src/main/webapp/js/jquery-2.1.4.min.js<br/><b>MD5:</b>&nbsp;f9c7afd05729f10f55b689f36bb20172<br/><b>SHA1:</b>&nbsp;43dc554608df885a59ddeece1598c6ace434d747<br/><b>SHA256:</b>f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c<br/><b>Referenced In Project/Scope:</b>Struts 2 Showcase Webapp</p><h4 id="header109" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content109" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jquery</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jquery</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.1.4.min</td><td>High</td></tr></table></div><h4 id="header110" class="subsectionheader white">Identifiers</h4><div id="content110" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:javascript/jquery@2.1.4.min" target="_blank">pkg:javascript/jquery@2.1.4.min</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)</li></ul></div><h4 id="header111" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4><div id="content111" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9251">CVE-2015-9251</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="jquery-2.1.4.min.js" data-sha1="43dc554608df885a59ddeece1598c6ace434d747" data-pkgurl="pkg:javascript/jquery@2.1.4.min" data-type-to-suppress="cve" data-id-to-suppress="CVE-2015-9251">suppress</button></p><p><pre>jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (6.1)</li><li>Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/105658">105658</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/May/18">20190509 dotCMS v5.1.1 Vulnerabilities</a></li><li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a></li><li>CONFIRM - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a></li><li>CONFIRM - <a target="_blank" href="https://www.tenable.com/security/tns-2019-08">https://www.tenable.com/security/tns-2019-08</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/13">20190510 Re: dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/11">20190510 dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/10">20190510 dotCMS v5.1.1 Vulnerabilities</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html">http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html">http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html">http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc">https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/issues/2432">https://github.com/jquery/jquery/issues/2432</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/pull/2588">https://github.com/jquery/jquery/pull/2588</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2">https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2</a></li><li>MISC - <a target="_blank" href="https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04">https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04</a></li><li>MISC - <a target="_blank" href="https://snyk.io/vuln/npm:jquery:20150627">https://snyk.io/vuln/npm:jquery:20150627</a></li><li>MISC - <a target="_blank" href="https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf">https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html">https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E">[flink-dev] 20190811 Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3Cuser.flink.apache.org%3E">[flink-user] 20190811 Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3Cuser.flink.apache.org%3E">[flink-user] 20190813 Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3Cuser.flink.apache.org%3E">[flink-user] 20190813 Re: Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E">[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2020:0481">RHSA-2020:0481</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2020:0729">RHSA-2020:0729</a></li><li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html">openSUSE-SU-2020:0395</a></li><li>info - <a target="_blank" href="http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/">http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/</a></li><li>info - <a target="_blank" href="http://research.insecurelabs.org/jquery/test/">http://research.insecurelabs.org/jquery/test/</a></li><li>info - <a target="_blank" href="https://github.com/jquery/jquery/issues/2432">https://github.com/jquery/jquery/issues/2432</a></li><li>info - <a target="_blank" href="https://nvd.nist.gov/vuln/detail/CVE-2015-9251">https://nvd.nist.gov/vuln/detail/CVE-2015-9251</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs10">cpe:2.3:a:oracle:healthcare_foundation:7.2:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:retail_workforce_management_software:1.64.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:* versions from (including) 8.0.5; versions up to (including) 8.0.7</li><li class="vs10">cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:endeca_information_discovery_studio:3.1.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.6:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:financial_services_liquidity_risk_management:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.6</li><li class="vs10">cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.2:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:siebel_ui_framework:18.10:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:hospitality_reporting_and_analytics:9.1.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:communications_interactive_session_recorder:6.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:communications_interactive_session_recorder:6.1:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.6</li><li class="vs10">cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:real-time_scheduler:2.3.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.4:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:retail_sales_audit:15.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:* versions from (including) 4.3.0.1; versions up to (including) 4.3.0.4</li><li class="vs10">cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7</li><li class="vs10">cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.7</li><li class="vs10">cpe:2.3:a:oracle:utilities_mobile_workforce_management:2.3.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:weblogic_server:12.1.3.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.5:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:hospitality_cruise_fleet_management:9.0.11:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.0.0</li><li class="vs10">cpe:2.3:a:oracle:communications_interactive_session_recorder:6.2:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.0; versions up to (including) 8.0.7</li><li class="vs10">cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.1; versions up to (including) 17.12</li><li class="vs10">cpe:2.3:a:oracle:siebel_ui_framework:18.11:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7</li><li class="vs10">cpe:2.3:a:oracle:retail_allocation:15.0.2:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.5:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:oss_support_tools:19.1:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:* versions up to (excluding) 7.2</li><li class="vs10">cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7</li><li class="vs10">cpe:2.3:a:oracle:enterprise_operations_monitor:4.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:enterprise_operations_monitor:3.4:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.1:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:* versions up to (excluding) 7.0.0.1</li><li class="vs10">cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:communications_services_gatekeeper:*:*:*:*:*:*:*:* versions up to (excluding) 6.1.0.4.0</li><li class="vs10">cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 7.3.3; versions up to (including) 7.3.5</li><li class="vs10">cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*</li><li class="vs10">cpe:2.3:a:oracle:healthcare_foundation:7.1:*:*:*:*:*:*:*</li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11358">CVE-2019-11358</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="jquery-2.1.4.min.js" data-sha1="43dc554608df885a59ddeece1598c6ace434d747" data-pkgurl="pkg:javascript/jquery@2.1.4.min" data-type-to-suppress="cve" data-id-to-suppress="CVE-2019-11358">suppress</button></p><p><pre>jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (6.1)</li><li>Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/108023">108023</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/Apr/32">20190421 [SECURITY] [DSA 4434-1] drupal7 security update</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/May/18">20190509 dotCMS v5.1.1 Vulnerabilities</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/Jun/12">20190612 [SECURITY] [DSA 4460-1] mediawiki security update</a></li><li>CONFIRM - <a target="_blank" href="https://security.netapp.com/advisory/ntap-20190919-0001/">https://security.netapp.com/advisory/ntap-20190919-0001/</a></li><li>CONFIRM - <a target="_blank" href="https://www.synology.com/security/advisory/Synology_SA_19_19">https://www.synology.com/security/advisory/Synology_SA_19_19</a></li><li>CONFIRM - <a target="_blank" href="https://www.tenable.com/security/tns-2019-08">https://www.tenable.com/security/tns-2019-08</a></li><li>CONFIRM - <a target="_blank" href="https://www.tenable.com/security/tns-2020-02">https://www.tenable.com/security/tns-2020-02</a></li><li>DEBIAN - <a target="_blank" href="https://www.debian.org/security/2019/dsa-4434">DSA-4434</a></li><li>DEBIAN - <a target="_blank" href="https://www.debian.org/security/2019/dsa-4460">DSA-4460</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/">FEDORA-2019-1a3edd7e8a</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/">FEDORA-2019-2a0ce0c58c</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/">FEDORA-2019-7eaf0bbe7c</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/">FEDORA-2019-a06dffab1c</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/">FEDORA-2019-eba8e44ee6</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/">FEDORA-2019-f563e66380</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/13">20190510 Re: dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/11">20190510 dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/10">20190510 dotCMS v5.1.1 Vulnerabilities</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html">http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html">http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html">http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html</a></li><li>MISC - <a target="_blank" href="https://backdropcms.org/security/backdrop-sa-core-2019-009">https://backdropcms.org/security/backdrop-sa-core-2019-009</a></li><li>MISC - <a target="_blank" href="https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/">https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b">https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/pull/4333">https://github.com/jquery/jquery/pull/4333</a></li><li>MISC - <a target="_blank" href="https://snyk.io/vuln/SNYK-JS-JQUERY-174006">https://snyk.io/vuln/SNYK-JS-JQUERY-174006</a></li><li>MISC - <a target="_blank" href="https://www.drupal.org/sa-core-2019-006">https://www.drupal.org/sa-core-2019-006</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a></li><li>MISC - <a target="_blank" href="https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/">https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html">[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html">[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html">[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E">[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html</a></li><li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2019/06/03/2">[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E">[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js</a></li><li>N/A - <a target="_blank" href="https://www.oracle.com/security-alerts/cpuapr2020.html">N/A</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHBA-2019:1570">RHBA-2019:1570</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:1456">RHSA-2019:1456</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:2587">RHSA-2019:2587</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:3023">RHSA-2019:3023</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:3024">RHSA-2019:3024</a></li><li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html">openSUSE-SU-2019:1839</a></li><li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html">openSUSE-SU-2019:1872</a></li><li>info - <a target="_blank" href="https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/">https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/</a></li><li>info - <a target="_blank" href="https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b">https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b</a></li><li>info - <a target="_blank" href="https://nvd.nist.gov/vuln/detail/CVE-2019-11358">https://nvd.nist.gov/vuln/detail/CVE-2019-11358</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs11">cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.15</li><li class="vs11">cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (excluding) 8.6.15</li><li class="vs11">cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0</li><li class="vs11">cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.66</li><li class="vs11">cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.12.0; versions up to (excluding) 1.12.6</li><li class="vs11">cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.11.0; versions up to (excluding) 1.11.9</li></ul></p><p><span class="underline"><b>Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS</b>&nbsp;(RETIREJS)</span>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this vulnerability for this file" data-display-name="jquery-2.1.4.min.js" data-sha1="43dc554608df885a59ddeece1598c6ace434d747" data-pkgurl="pkg:javascript/jquery@2.1.4.min" data-type-to-suppress="vulnerabilityName" data-id-to-suppress="Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS">suppress</button></p><p><pre>Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS</pre>Unscored:<ul><li>Severity: medium</li></ul><br/>References:<ul><li>info - <a target="_blank" href="https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/">https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l52_787cc9fd60ba3088b95f15e75d8803e490753db9"></a>jquery-ui-1.7.1.custom.min.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/bundles/admin/src/main/resources/static/js/jquery-ui-1.7.1.custom.min.js<br/><b>MD5:</b>&nbsp;5da7deb0932b5b5fe9c36e1bebcc6300<br/><b>SHA1:</b>&nbsp;787cc9fd60ba3088b95f15e75d8803e490753db9<br/><b>SHA256:</b>2aa861bed5e622947c75e1736023f60a6072ac46e3cda1715335100e92ea79b0<br/><b>Referenced In Project/Scope:</b>Struts 2 OSGi Admin Bundle</p><h4 id="header112" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content112" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header113" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content113" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-osgi-admin-bundle-2.6-SNAPSHOT.jar: jquery-ui-1.7.1.custom.min.js<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-osgi-admin-bundle/2.6-SNAPSHOT/struts2-osgi-admin-bundle-2.6-SNAPSHOT.jar/static/js/jquery-ui-1.7.1.custom.min.js</li><li>MD5:&nbsp;5da7deb0932b5b5fe9c36e1bebcc6300</li><li>SHA1:&nbsp;787cc9fd60ba3088b95f15e75d8803e490753db9</li><li>SHA256:&nbsp;2aa861bed5e622947c75e1736023f60a6072ac46e3cda1715335100e92ea79b0</li></ul></li></ul></div><h4 id="header114" class="subsectionheader white">Identifiers</h4><div id="content114" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l53_5a88e8d212d51cdc3ac0305978dfc483ce25fa25"></a>jshint.conf.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/core/src/main/resources/jshint.conf.js<br/><b>MD5:</b>&nbsp;7b7c2d7894e972b45298ea8d533008d7<br/><b>SHA1:</b>&nbsp;5a88e8d212d51cdc3ac0305978dfc483ce25fa25<br/><b>SHA256:</b>15942ecb04925afc65666d3d8f758ed0e65f90f7b5faec2b7381e29e397200c6<br/><b>Referenced In Project/Scope:</b>Struts 2 Core</p><h4 id="header115" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content115" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header116" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content116" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-core-2.6-SNAPSHOT.jar: jshint.conf.js<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-core/2.6-SNAPSHOT/struts2-core-2.6-SNAPSHOT.jar/jshint.conf.js</li><li>MD5:&nbsp;7b7c2d7894e972b45298ea8d533008d7</li><li>SHA1:&nbsp;5a88e8d212d51cdc3ac0305978dfc483ce25fa25</li><li>SHA256:&nbsp;15942ecb04925afc65666d3d8f758ed0e65f90f7b5faec2b7381e29e397200c6</li></ul></li></ul></div><h4 id="header117" class="subsectionheader white">Identifiers</h4><div id="content117" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l54_2337afdb06134a12fc0239299c3ceb2e9c209516"></a>json-simple-3.0.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Java 7+ toolkit to quickly develop RFC 4627 JSON compatible applications.</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/github/cliftonlabs/json-simple/3.0.2/json-simple-3.0.2.jar<br/><b>MD5:</b>&nbsp;148c0d1bdc1bcb24394627d6930ee9ad<br/><b>SHA1:</b>&nbsp;2337afdb06134a12fc0239299c3ceb2e9c209516<br/><b>SHA256:</b>fda65a9ad0e1ac0c88987106e89aa4d8b2a2495e7e042371efa83813f65b7295<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header118" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content118" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>JSON.simple</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>json-simple</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.github.cliftonlabs</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>github.cliftonlabs</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>github</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>cliftonlabs</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>json-simple</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://cliftonlabs.github.io/json-simple/</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.github.cliftonlabs</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>https://cliftonlabs.github.io/json-simple/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>JSON.simple</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>json-simple</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>json-simple</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>github.cliftonlabs</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>github</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>JSON.simple</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>cliftonlabs</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://cliftonlabs.github.io/json-simple/</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>JSON.simple</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>https://cliftonlabs.github.io/json-simple/</td><td>Low</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0.2</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0.2</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0.2</td><td>Highest</td></tr></table></div><h4 id="header119" class="subsectionheader white">Identifiers</h4><div id="content119" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.github.cliftonlabs/json-simple@3.0.2" target="_blank">pkg:maven/com.github.cliftonlabs/json-simple@3.0.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l55_f1e06cee7b3da2ba627166690765b0d6e6a3c104"></a>juneau-marshall-8.1.3.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Apache Juneau Marshall API</pre></p><p><b>License:</b><pre class="indent">https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/juneau/juneau-marshall/8.1.3/juneau-marshall-8.1.3.jar<br/><b>MD5:</b>&nbsp;ea60a00e21ed59dd8ad7b2b9b919c8a8<br/><b>SHA1:</b>&nbsp;f1e06cee7b3da2ba627166690765b0d6e6a3c104<br/><b>SHA256:</b>d0c5dbf783581a767e857341daff6928d5a76a1627b7980a8b34622ee522995d<br/><b>Referenced In Project/Scope:</b>Struts 2 REST Plugin:compile</p><h4 id="header120" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content120" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>juneau</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>juneau-marshall</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>juneau-core</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.juneau.marshall</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>juneau/core/marshall</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.juneau</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.juneau.marshall</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>marshall</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.juneau</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.juneau</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>juneau-marshall</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>juneau</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.juneau.marshall</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>juneau/core/marshall</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>version</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>juneau/core/marshall</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.juneau</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>juneau-core</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>juneau-marshall</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.juneau.marshall</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>marshall</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.juneau</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>juneau-marshall</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>8.1.3</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>8.1.3</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>8.1.3</td><td>Highest</td></tr></table></div><h4 id="header121" class="subsectionheader white">Identifiers</h4><div id="content121" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.juneau/juneau-marshall@8.1.3" target="_blank">pkg:maven/org.apache.juneau/juneau-marshall@8.1.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l56_e49ccba652b735c93bd6e6f59760d8254cf597dd"></a>junit-4.13.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>JUnit is a unit testing framework for Java, created by Erich Gamma and Kent Beck.</pre></p><p><b>License:</b><pre class="indent">Eclipse Public License 1.0: http://www.eclipse.org/legal/epl-v10.html</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/junit/junit/4.13/junit-4.13.jar<br/><b>MD5:</b>&nbsp;5da6445d7b80aba2623e73d4561dcfde<br/><b>SHA1:</b>&nbsp;e49ccba652b735c93bd6e6f59760d8254cf597dd<br/><b>SHA256:</b>4b8532f63bdc0e0661507f947eb324a954d1dbac631ad19c8aa9a00feed1d863<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 OSGi Bundles:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header122" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content122" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>JUnit</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>junit</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://www.junit.org</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>junit</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://junit.org</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>junit</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>junit</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://junit.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>JUnit</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>junit</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>framework</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>junit</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>JUnit</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>junit</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://junit.org</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>junit</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://www.junit.org</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>junit</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>JUnit</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>junit</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>JUnit</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://junit.org</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>framework</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>junit</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>JUnit</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>4.13</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>4.13</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>4.13</td><td>High</td></tr></table></div><h4 id="header123" class="subsectionheader white">Identifiers</h4><div id="content123" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/junit/junit@4.13" target="_blank">pkg:maven/junit/junit@4.13</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l57_533f6ae0bb0ce091493f2eeab0c1df4327e46ef1"></a>log4j-core-2.13.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The Apache Log4j Implementation</pre></p><p><b>License:</b><pre class="indent">https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/logging/log4j/log4j-core/2.13.1/log4j-core-2.13.1.jar<br/><b>MD5:</b>&nbsp;d365e48221414f93feef093a1bf607ef<br/><b>SHA1:</b>&nbsp;533f6ae0bb0ce091493f2eeab0c1df4327e46ef1<br/><b>SHA256:</b>88ebd503b35a0debe18c2707db9de33a8c6d96491270b7f02dd086b8072426b2<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 Showcase Webapp:compile</li></ul></p><h4 id="header124" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content124" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>log4j-core</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.logging.log4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>https://logging.apache.org/log4j/2.x/log4j-core/</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Log4j Core</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.logging.log4j.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.logging.log4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>log4jreleasekey</td><td>B3D8E1BA</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.logging.log4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.logging.log4j.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>log4jreleasemanager</td><td>Ralph Goers</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.logging.log4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>log4j</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>log4j-core</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>log4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>https://logging.apache.org/log4j/2.x/log4j-core/</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Log4j Core</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.logging.log4j.core</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.logging.log4j</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>log4jreleasekey</td><td>B3D8E1BA</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Log4j Core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.logging.log4j</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.apache.logging.log4j.core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>log4jreleasemanager</td><td>Ralph Goers</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>log4j-core</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Log4j Core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>multi-release</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>log4j-core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>log4j</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Log4j Core</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>log4j</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.13.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.13.1</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.13.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.13.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>log4jreleaseversion</td><td>2.13.1</td><td>Medium</td></tr></table></div><h4 id="header125" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content125" class="subsectioncontent standardsubsection hidden"><ul><li>log4j-jcl-2.13.1.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/logging/log4j/log4j-jcl/2.13.1/log4j-jcl-2.13.1.jar</li><li>MD5:&nbsp;22085750f61f18e2409904daa50d8629</li><li>SHA1:&nbsp;dbdf02be1b24433fb4b7daf9c9f2370b39175808</li><li>SHA256:&nbsp;8d35e0a5c152966ff042ccd2fd66496c1ec7563a01bc529edf98cc9d63af5212</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.logging.log4j/log4j-jcl@2.13.1" target="_blank">pkg:maven/org.apache.logging.log4j/log4j-jcl@2.13.1</a></li></ul></li><li>log4j-api-2.13.1.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/logging/log4j/log4j-api/2.13.1/log4j-api-2.13.1.jar</li><li>MD5:&nbsp;65795ba3dfef693a82bdfb369d030439</li><li>SHA1:&nbsp;cc670f92dc77bbf4540904c3fa211b997cba00d8</li><li>SHA256:&nbsp;307fffc2623d010e3fe67d9f6b101c14bae33ec310e5f56960d491885fd59630</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.logging.log4j/log4j-api@2.13.1" target="_blank">pkg:maven/org.apache.logging.log4j/log4j-api@2.13.1</a></li></ul></li></ul></div><h4 id="header126" class="subsectionheader white">Identifiers</h4><div id="content126" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1" target="_blank">pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Alog4j&amp;cpe_version=cpe%3A%2F%3Aapache%3Alog4j%3A2.13.1" target="_blank">cpe:2.3:a:apache:log4j:2.13.1:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="log4j-core-2.13.1.jar" data-sha1="533f6ae0bb0ce091493f2eeab0c1df4327e46ef1" data-pkgurl="pkg:maven/org.apache.logging.log4j/log4j-core@2.13.1" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:log4j">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l58_18178dd7cfcb8b81c262c072b60a5bf701073917"></a>ognl-3.2.14.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>OGNL - Object Graph Navigation Library</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/ognl/ognl/3.2.14/ognl-3.2.14.jar<br/><b>MD5:</b>&nbsp;0baa4d72fcb508e100c821518e5cdf19<br/><b>SHA1:</b>&nbsp;18178dd7cfcb8b81c262c072b60a5bf701073917<br/><b>SHA256:</b>02da5bd743cbaab1ebb61a17844b122f52cc69d10b23a8e3356f55c1e6988e71<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Pell Multipart Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 Webapps:compile</li><li>Struts 2 Plexus Plugin:compile</li><li>Struts 2 JSON Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Java Templates Plugin:compile</li><li>Struts 2 Async Plugin:compile</li><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 CDI Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Plugins:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Spring Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li><li>Struts 2 GXP Plugin:compile</li><li>Struts 2 OVal Plugin:compile</li><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 OSGi Bundles:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Portlet Mocks Plugin:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>Struts 2 Jasper Reports Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 TestNG Plugin:compile</li><li>Struts 2 JFreeChart Plugin:compile</li><li>Struts 2 Core:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header127" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content127" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>ognl</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://www.opensymphony.com</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>OGNL - Object Graph Navigation Library</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>OpenSymphony</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>ognl</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>ognl</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>ognl</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>jkuhnert/ognl/</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>ognl</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>jkuhnert/ognl/</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>OGNL - Object Graph Navigation Library</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>ognl</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>ognl</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>ognl</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>ognl</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>ognl</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>OpenSymphony</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://www.opensymphony.com</td><td>Low</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.2.14</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.2.14</td><td>Highest</td></tr></table></div><h4 id="header128" class="subsectionheader white">Identifiers</h4><div id="content128" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/ognl/ognl@3.2.14" target="_blank">pkg:maven/ognl/ognl@3.2.14</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aognl_project&amp;cpe_product=cpe%3A%2F%3Aognl_project%3Aognl&amp;cpe_version=cpe%3A%2F%3Aognl_project%3Aognl%3A3.2.14" target="_blank">cpe:2.3:a:ognl_project:ognl:3.2.14:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="ognl-3.2.14.jar" data-sha1="18178dd7cfcb8b81c262c072b60a5bf701073917" data-pkgurl="pkg:maven/ognl/ognl@3.2.14" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:ognl_project:ognl">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l59_51fd3c3d66bed260a48bcc1bc9f56c799acab501"></a>optiontransferselect.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/core/src/main/resources/org/apache/struts2/static/optiontransferselect.js<br/><b>MD5:</b>&nbsp;f4194635b442cd6a9354132eb1f5c544<br/><b>SHA1:</b>&nbsp;51fd3c3d66bed260a48bcc1bc9f56c799acab501<br/><b>SHA256:</b>2028278976d9adfaa90186556cca99bbd476df3818155161d877272b738cc762<br/><b>Referenced In Project/Scope:</b>Struts 2 Core</p><h4 id="header129" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content129" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header130" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content130" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-core-2.6-SNAPSHOT.jar: optiontransferselect.js<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-core/2.6-SNAPSHOT/struts2-core-2.6-SNAPSHOT.jar/org/apache/struts2/static/optiontransferselect.js</li><li>MD5:&nbsp;f4194635b442cd6a9354132eb1f5c544</li><li>SHA1:&nbsp;51fd3c3d66bed260a48bcc1bc9f56c799acab501</li><li>SHA256:&nbsp;2028278976d9adfaa90186556cca99bbd476df3818155161d877272b738cc762</li></ul></li></ul></div><h4 id="header131" class="subsectionheader white">Identifiers</h4><div id="content131" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l60_18d02dd467607cb61a8cf77c1847a733a417da76"></a>org.apache.felix.framework-6.0.3.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>OSGi R7 framework implementation.</pre></p><p><b>License:</b><pre class="indent">https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/felix/org.apache.felix.framework/6.0.3/org.apache.felix.framework-6.0.3.jar<br/><b>MD5:</b>&nbsp;e6fc3ecee260635dd538dca901a9d59c<br/><b>SHA1:</b>&nbsp;18d02dd467607cb61a8cf77c1847a733a417da76<br/><b>SHA256:</b>817563ea7baae979e288f76c9d0531d90fd0f6ad287578d80adba81fd71469ac<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header132" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content132" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>provide-capability</td><td>osgi.service;objectClass:List=&quot;org.osgi.service.packageadmin.PackageAdmin&quot;,osgi.service;objectClass:List=&quot;org.osgi.service.startlevel.StartLevel&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>felix-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>felix</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>org.apache.felix.framework</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Felix Framework</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.felix</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.felix.framework</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.felix</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>apache.felix.framework</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.felix</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>framework</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>provide-capability</td><td>osgi.service;objectClass:List=&quot;org.osgi.service.packageadmin.PackageAdmin&quot;,osgi.service;objectClass:List=&quot;org.osgi.service.startlevel.StartLevel&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>org.apache.felix.framework</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>felix-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>felix</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>org.apache.felix.framework</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>version</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Felix Framework</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>osgi</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.felix</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.felix.framework</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>apache.felix.framework</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>filter</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>startlevel</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Felix Framework</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>service</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.felix</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>packageadmin</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>framework</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>6.0.3</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>6.0.3</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>6.0.3</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>6.0.3</td><td>High</td></tr></table></div><h4 id="header133" class="subsectionheader white">Identifiers</h4><div id="content133" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.felix/org.apache.felix.framework@6.0.3" target="_blank">pkg:maven/org.apache.felix/org.apache.felix.framework@6.0.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l61_9a6cbba44a72bb04411edf8b154c862e27209e8a"></a>org.apache.felix.main-6.0.3.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>OSGi R6 framework.</pre></p><p><b>License:</b><pre class="indent">https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/felix/org.apache.felix.main/6.0.3/org.apache.felix.main-6.0.3.jar<br/><b>MD5:</b>&nbsp;913efb471f201c4692c469ef13a2fe3b<br/><b>SHA1:</b>&nbsp;9a6cbba44a72bb04411edf8b154c862e27209e8a<br/><b>SHA256:</b>9bfa481d52b1d7724bcdebfd8cca7b17d75b35ebc04aa44b705bf47fbd322f3f<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header134" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content134" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>felix-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>apache.felix.main</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.felix.main</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>felix</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>org.apache.felix.main</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.felix</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Felix Main</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>main</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.felix</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.felix</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.felix.main</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>felix-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>felix</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Felix</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>org.apache.felix.main</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>version</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>org.apache.felix.main</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>osgi</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.felix</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>filter</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Felix Main</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>apache.felix.main</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>main</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.felix</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>framework</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>6.0.3</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>6.0.3</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>6.0.3</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>6.0.3</td><td>High</td></tr></table></div><h4 id="header135" class="subsectionheader white">Identifiers</h4><div id="content135" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.felix/org.apache.felix.main@6.0.3" target="_blank">pkg:maven/org.apache.felix/org.apache.felix.main@6.0.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l62_649b5b55c6c5388654eee75706f1258e1e307ddb"></a>org.apache.felix.shell-1.4.3.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>A simple OSGi command shell service.</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/felix/org.apache.felix.shell/1.4.3/org.apache.felix.shell-1.4.3.jar<br/><b>MD5:</b>&nbsp;96087ecf21dd1e9824193439fbe57dff<br/><b>SHA1:</b>&nbsp;649b5b55c6c5388654eee75706f1258e1e307ddb<br/><b>SHA256:</b>c53e2f82de7c427b63dbbf911b8b890386f4ab1238d6cfe8945b10f01dd8aa04<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header136" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content136" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.felix.shell</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>command</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Felix Shell Service</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>felix-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>felix</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>apache.felix.shell</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>osgi</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.felix</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>org.apache.felix.shell</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.felix</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>service</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>shell</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.felix</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>command</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.felix.shell</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Felix Shell Service</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>felix-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>felix</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>apache.felix.shell</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>osgi</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.felix</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Felix Shell Service</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>org.apache.felix.shell</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>service</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.felix</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>shell</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>org.apache.felix.shell</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org/</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.4.3</td><td>Low</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.4.3</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.4.3</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.4.3</td><td>High</td></tr></table></div><h4 id="header137" class="subsectionheader white">Identifiers</h4><div id="content137" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.felix/org.apache.felix.shell@1.4.3" target="_blank">pkg:maven/org.apache.felix/org.apache.felix.shell@1.4.3</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l63_7184b6c9089ffcfb0da269a2cd50ce386f5dc335"></a>org.apache.felix.shell.tui-1.4.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>A simple textual user interface for Felix' shell service.</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/felix/org.apache.felix.shell.tui/1.4.1/org.apache.felix.shell.tui-1.4.1.jar<br/><b>MD5:</b>&nbsp;bf656be67e35a832a4d07cf88bfeef6b<br/><b>SHA1:</b>&nbsp;7184b6c9089ffcfb0da269a2cd50ce386f5dc335<br/><b>SHA256:</b>87c42aea8a6b6e2fd7ece9eaea855f83c51eba76f6636a9602ca94b20045c69a<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header138" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content138" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>felix-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>felix</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>org.apache.felix.shell.tui</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://felix.apache.org/site/apache-felix-shell-tui.html</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.felix</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.felix.shell.tui</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Felix Shell TUI</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tui</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.felix</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>apache.felix.shell.tui</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>shell</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.felix</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>felix-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>felix</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>org.apache.felix.shell.tui</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://felix.apache.org/site/apache-felix-shell-tui.html</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.felix</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>apache.felix.shell.tui</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.felix.shell.tui</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Felix Shell TUI</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tui</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.felix</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Felix Shell TUI</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>org.apache.felix.shell.tui</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>shell</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.4.1</td><td>Low</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.4.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.4.1</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.4.1</td><td>High</td></tr></table></div><h4 id="header139" class="subsectionheader white">Identifiers</h4><div id="content139" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.felix/org.apache.felix.shell.tui@1.4.1" target="_blank">pkg:maven/org.apache.felix/org.apache.felix.shell.tui@1.4.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l64_70d04381dfa21ddb4f1fd82e1f62623632890b48"></a>org.osgi.compendium-4.0.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/osgi/org.osgi.compendium/4.0.0/org.osgi.compendium-4.0.0.jar<br/><b>MD5:</b>&nbsp;c8d708edb0a365a4a0ff63b9fcf74e38<br/><b>SHA1:</b>&nbsp;70d04381dfa21ddb4f1fd82e1f62623632890b48<br/><b>SHA256:</b>ba23461e878cff259ef958f0b739e4f423fe1566ab1c02c21927991ecf95ad72<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header140" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content140" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>osgi</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>osgi</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>osgi.compendium</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.osgi</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>org.osgi.compendium</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>osgi</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>service</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>osgi</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>osgi.compendium</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>org.osgi.compendium</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>org.osgi.compendium</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>osgi</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>service</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>4.0.0</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>4.0.0</td><td>High</td></tr></table></div><h4 id="header141" class="subsectionheader white">Identifiers</h4><div id="content141" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.osgi/org.osgi.compendium@4.0.0" target="_blank">pkg:maven/org.osgi/org.osgi.compendium@4.0.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l65_5458ffe2ba049e76c29f2df2dc3ffccddf8b839e"></a>org.osgi.core-4.3.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
    OSGi Service Platform Release 4 Version 4.3, Core Interfaces
     and Classes for use in compiling bundles.
  </pre></p><p><b>License:</b><pre class="indent">
        Apache License, Version 2.0
      : 
        http://opensource.org/licenses/apache2.0.php
      </pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/osgi/org.osgi.core/4.3.1/org.osgi.core-4.3.1.jar<br/><b>MD5:</b>&nbsp;8053bbc1b55d51f5abae005625209d08<br/><b>SHA1:</b>&nbsp;5458ffe2ba049e76c29f2df2dc3ffccddf8b839e<br/><b>SHA256:</b>10dad99322b2081015749e2d21538a4a9bc4cb3699d3b7b41ce452a544b09abe<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header142" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content142" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) OSGi Alliance (2000, 2012). All Rights Reserved.</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>
      http://www.osgi.org
    </td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.osgi</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>
      OSGi Alliance
    </td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>version</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>
    org.osgi
  </td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>osgi</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>
    org.osgi.core
  </td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>
    osgi.core
  </td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>service</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>osgi.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>org.osgi.core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>
    http://www.osgi.org
  </td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-copyright</td><td>Copyright (c) OSGi Alliance (2000, 2012). All Rights Reserved.</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>
    http://www.osgi.org
  </td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>org.osgi.core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>version</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>osgi.core</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>
    org.osgi
  </td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>osgi</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>
    org.osgi.core
  </td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>
    osgi.core
  </td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>
      http://www.osgi.org
    </td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>
      OSGi Alliance
    </td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>service</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>osgi.core</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>org.osgi.core</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>
    4.3.1
  </td><td>Highest</td></tr></table></div><h4 id="header143" class="subsectionheader white">Identifiers</h4><div id="content143" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/%0A%20%20%20%20org.osgi%0A%20%20/%0A%20%20%20%20org.osgi.core%0A%20%20@%0A%20%20%20%204.3.1%0A%20%20" target="_blank">pkg:maven/%0A%20%20%20%20org.osgi%0A%20%20/%0A%20%20%20%20org.osgi.core%0A%20%20@%0A%20%20%20%204.3.1%0A%20%20</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.osgi/org.osgi.core@4.3.1" target="_blank">pkg:maven/org.osgi/org.osgi.core@4.3.1</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)</li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l66_1827d5ad7c049ba0618c8c8f36ecced1db3e75b0"></a>oval-1.90.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>OVal is a pragmatic and extensible validation framework for any kind of Java objects (not only JavaBeans).

Constraints can be declared with annotations (@NotNull, @MaxLength), POJOs or XML.

Custom constraints can be expressed as custom Java classes or by using scripting languages such as JavaScript, Groovy, BeanShell, OGNL or MVEL.

Besides field/property validation OVal implements Programming by Contract features by utilizing AspectJ based aspects. This for example allows runtime validation of method arguments.</pre></p><p><b>License:</b><pre class="indent">Eclipse Public License 1.0: http://www.spdx.org/licenses/EPL-1.0</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/net/sf/oval/oval/1.90/oval-1.90.jar<br/><b>MD5:</b>&nbsp;356793921c338506b56bda9a113d2f4e<br/><b>SHA1:</b>&nbsp;1827d5ad7c049ba0618c8c8f36ecced1db3e75b0<br/><b>SHA256:</b>b61418a77abb2c16dc2d7fc8146e50164a79415b22dc7e54553bd5376418b198<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 OVal Plugin:compile</li></ul></p><h4 id="header144" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content144" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-url</td><td>http://oval.sf.net</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td></td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>net.sf.oval;singleton:=true</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>OVal</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>net.sf.oval</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://oval.sf.net</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td></td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>constraints</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>oval</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>oval</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://oval.sf.net</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>sf</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>validation</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>net</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>net.sf.oval</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>eclipse-lazystart</td><td>true</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-bundle</td><td>org.aspectj.runtime;bundle-version=&quot;1.6.0&quot;;resolution:=optional,org.apache.commons.logging;resolution:=optional,org.apache.commons.jexl;resolution:=optional,org.apache.log4j;resolution:=optional,org.codehaus.groovy;resolution:=optional,org.thoughtworks.paranamer;resolution:=optional,org.thoughtworks.xstream;resolution:=optional,org.mvel;resolution:=optional,org.mozilla.javascript;resolution:=optional,org.jruby;resolution:=optional,org.springframework.bundle.spring;resolution:=optional</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>oval</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>eclipse-buddypolicy</td><td>registered</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-url</td><td>http://oval.sf.net</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>net.sf.oval;singleton:=true</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>OVal</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>OVal - the Object Validation Framework for Java 5 or later</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>constraints</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>oval</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://oval.sf.net</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>sf</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>OVal</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>validation</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>net</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>oval</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>eclipse-lazystart</td><td>true</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>net.sf.oval</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://oval.sf.net</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>require-bundle</td><td>org.aspectj.runtime;bundle-version=&quot;1.6.0&quot;;resolution:=optional,org.apache.commons.logging;resolution:=optional,org.apache.commons.jexl;resolution:=optional,org.apache.log4j;resolution:=optional,org.codehaus.groovy;resolution:=optional,org.thoughtworks.paranamer;resolution:=optional,org.thoughtworks.xstream;resolution:=optional,org.mvel;resolution:=optional,org.mozilla.javascript;resolution:=optional,org.jruby;resolution:=optional,org.springframework.bundle.spring;resolution:=optional</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>oval</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>eclipse-buddypolicy</td><td>registered</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>OVal</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.90</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.90</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.90</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.90</td><td>Highest</td></tr></table></div><h4 id="header145" class="subsectionheader white">Identifiers</h4><div id="content145" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/net.sf.oval/oval@1.90" target="_blank">pkg:maven/net.sf.oval/oval@1.90</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li>cpe:2.3:a:apache:groovy:1.90:*:*:*:*:*:*:*&nbsp;&nbsp;(<i>Confidence</i>:Low)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="oval-1.90.jar" data-sha1="1827d5ad7c049ba0618c8c8f36ecced1db3e75b0" data-pkgurl="pkg:maven/net.sf.oval/oval@1.90" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:groovy">suppress</button></li><li>cpe:2.3:a:apache:log4j:1.90:*:*:*:*:*:*:*&nbsp;&nbsp;(<i>Confidence</i>:Low)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="oval-1.90.jar" data-sha1="1827d5ad7c049ba0618c8c8f36ecced1db3e75b0" data-pkgurl="pkg:maven/net.sf.oval/oval@1.90" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:log4j">suppress</button></li><li>cpe:2.3:a:jruby:jruby:1.90:*:*:*:*:*:*:*&nbsp;&nbsp;(<i>Confidence</i>:Low)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="oval-1.90.jar" data-sha1="1827d5ad7c049ba0618c8c8f36ecced1db3e75b0" data-pkgurl="pkg:maven/net.sf.oval/oval@1.90" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:jruby:jruby">suppress</button></li><li>cpe:2.3:a:xstream_project:xstream:1.90:*:*:*:*:*:*:*&nbsp;&nbsp;(<i>Confidence</i>:Low)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="oval-1.90.jar" data-sha1="1827d5ad7c049ba0618c8c8f36ecced1db3e75b0" data-pkgurl="pkg:maven/net.sf.oval/oval@1.90" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:xstream_project:xstream">suppress</button></li></ul></div><h4 id="header146" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4><div id="content146" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6497">CVE-2016-6497</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="oval-1.90.jar" data-sha1="1827d5ad7c049ba0618c8c8f36ecced1db3e75b0" data-pkgurl="pkg:maven/net.sf.oval/oval@1.90" data-type-to-suppress="cve" data-id-to-suppress="CVE-2016-6497">suppress</button></p><p><pre>main/java/org/apache/directory/groovyldap/LDAP.java in the Groovy LDAP API in Apache allows attackers to conduct LDAP entry poisoning attacks by leveraging setting returnObjFlag to true for all search methods.</pre>CWE-254 7PK - Security Features<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (5.0)</li><li>Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/95929">95929</a></li><li>CONFIRM - <a target="_blank" href="http://svn.apache.org/viewvc/directory/sandbox/szoerner/groovyldap/src/main/java/org/apache/directory/groovyldap/LDAP.java?r1=1765362&amp;r2=1765361&amp;pathrev=1765362&amp;view=patch">http://svn.apache.org/viewvc/directory/sandbox/szoerner/groovyldap/src/main/java/org/apache/directory/groovyldap/LDAP.java?r1=1765362&amp;r2=1765361&amp;pathrev=1765362&amp;view=patch</a></li><li>MISC - <a target="_blank" href="https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE-wp.pdf">https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE-wp.pdf</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a></li><li>MLIST - <a target="_blank" href="https://mail-archives.apache.org/mod_mbox/directory-users/201610.mbox/%3Cb7d7e909-a8ed-1ab4-c853-4078c1e7624a%40stefan-seelmann.de%3E">[directory-users] 20161029 Security vulnerability in Groovy LDAP API</a></li></ul></p><p>Vulnerable Software &amp; Versions:<ul><li class="vs13"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Agroovy">cpe:2.3:a:apache:groovy:*:*:*:*:*:*:*:*</a></li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6814">CVE-2016-6814</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="oval-1.90.jar" data-sha1="1827d5ad7c049ba0618c8c8f36ecced1db3e75b0" data-pkgurl="pkg:maven/net.sf.oval/oval@1.90" data-type-to-suppress="cve" data-id-to-suppress="CVE-2016-6814">suppress</button></p><p><pre>When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability.</pre>CWE-502 Deserialization of Untrusted Data<br/><br/>CVSSv2:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P</li></ul>CVSSv3:<ul><li>Base Score: CRITICAL (9.8)</li><li>Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/95429">95429</a></li><li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html">http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html</a></li><li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html">http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html</a></li><li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a></li><li>CONFIRM - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a></li><li>GENTOO - <a target="_blank" href="https://security.gentoo.org/glsa/202003-01">GLSA-202003-01</a></li><li>MISC - <a target="_blank" href="http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E">http://mail-archives.apache.org/mod_mbox/www-announce/201701.mbox/%3CCADRx3PMZ2hBCGDTY35zYXFGaDnjAs0tc5-upaVs6QN2sYUejyA%40mail.gmail.com%3E</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a></li><li>REDHAT - <a target="_blank" href="http://rhn.redhat.com/errata/RHSA-2017-0272.html">RHSA-2017:0272</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2017:0868">RHSA-2017:0868</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2017:2486">RHSA-2017:2486</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2017:2596">RHSA-2017:2596</a></li><li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1039600">1039600</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs14">show all</a>)<ul><li class="vs14"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Agroovy">cpe:2.3:a:apache:groovy:*:*:*:*:*:*:*:* versions from (including) 1.7.0; versions up to (including) 2.4.3</a></li><li class="vs14">...</li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Agroovy">cpe:2.3:a:apache:groovy:*:*:*:*:*:*:*:* versions from (including) 1.7.0; versions up to (including) 2.4.3</a></li><li class="vs14 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Agroovy">cpe:2.3:a:apache:groovy:*:*:*:*:*:*:*:* versions from (including) 2.4.4; versions up to (including) 2.4.7</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l67_575e5663d175c8f112f654bc2f2a3db4077c74e0"></a>plexus-container-default-1.0-alpha-10.jar</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/codehaus/plexus/plexus-container-default/1.0-alpha-10/plexus-container-default-1.0-alpha-10.jar<br/><b>MD5:</b>&nbsp;110aaa0c629787cb95e1137bd7ad4b93<br/><b>SHA1:</b>&nbsp;575e5663d175c8f112f654bc2f2a3db4077c74e0<br/><b>SHA256:</b>25b0e6c0c5b2b2b5be3d3d228020abd4fb5b438ddbf11c352674ba9637d576ad<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Plexus Plugin:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header147" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content147" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>plexus-container-default</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>component</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>codehaus</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>container</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>plexus-container-default</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>plexus</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.codehaus.plexus</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.codehaus.plexus</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Default Plexus Container</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>codehaus.plexus</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>plexus-containers</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>plexus</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>plexus</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>plexus-containers</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>plexus-container-default</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.codehaus.plexus</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Default Plexus Container</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>component</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>codehaus.plexus</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>container</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>plexus-container-default</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>plexus</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.0-alpha-10</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.0-alpha-10</td><td>Highest</td></tr></table></div><h4 id="header148" class="subsectionheader white">Identifiers</h4><div id="content148" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.codehaus.plexus/plexus-container-default@1.0-alpha-10" target="_blank">pkg:maven/org.codehaus.plexus/plexus-container-default@1.0-alpha-10</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l68_9756b92f7f380e4372d1e34f7d194bc0a5767849"></a>plexus-utils-1.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/codehaus/plexus/plexus-utils/1.2/plexus-utils-1.2.jar<br/><b>MD5:</b>&nbsp;4e05dbd6dbfdf2e976921e80079f9d38<br/><b>SHA1:</b>&nbsp;9756b92f7f380e4372d1e34f7d194bc0a5767849<br/><b>SHA256:</b>990608ac834a8762e9272c65404aeeee68325199b7eb10f63b22a06535fcb90c<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Plexus Plugin:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header149" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content149" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>plexus-utils</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Codehaus</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Plexus Common Utilities</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>plexus</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>plexus</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.codehaus.plexus</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>plexus-utils</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.codehaus.plexus</td><td>Medium</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>plexus-utils</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Codehaus</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>codehaus.plexus</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>plexus</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>plexus-utils</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>plexus-utils</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>plexus-utils</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.codehaus.plexus</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>plexus-utils</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>plexus</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>codehaus.plexus</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Plexus Common Utilities</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.2</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.2</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.2</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.2</td><td>High</td></tr></table></div><h4 id="header150" class="subsectionheader white">Identifiers</h4><div id="content150" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.codehaus.plexus/plexus-utils@1.2" target="_blank">pkg:maven/org.codehaus.plexus/plexus-utils@1.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l69_1cd72f2a37fcf8ab9893a9468d7ba71c85fe2653"></a>portlet-api-2.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The Java Portlet API version 2.0 developed by the Java Community Process JSR-286 Expert Group.</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/javax/portlet/portlet-api/2.0/portlet-api-2.0.jar<br/><b>MD5:</b>&nbsp;0ec08593cda1df33985391919996c740<br/><b>SHA1:</b>&nbsp;1cd72f2a37fcf8ab9893a9468d7ba71c85fe2653<br/><b>SHA256:</b>c990cb5ece82f97e18847ab07fa1569d1dd5f80f166f27c979a075c60bb361d0<br/><b>Referenced In Project/Scope:</b>Struts 2 JUnit Plugin:compile</p><h4 id="header151" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content151" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>portlet-api</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>javax.portlet</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>javax</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Java Portlet Specification V2.0</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.jcp.org/en/jsr/detail?id=286</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>portlet-api</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>javax.portlet</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.jcp.org/en/jsr/detail?id=286</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>portlet</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>portlet-api</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>portlet-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.jcp.org/en/jsr/detail?id=286</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>javax.portlet</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>javax</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Java Portlet Specification V2.0</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>JSR 286</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.jcp.org/en/jsr/detail?id=286</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>javax.portlet</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>portlet</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.0</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0</td><td>Highest</td></tr></table></div><h4 id="header152" class="subsectionheader white">Identifiers</h4><div id="content152" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/javax.portlet/portlet-api@2.0" target="_blank">pkg:maven/javax.portlet/portlet-api@2.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l70_a4e5934397f97f79b8066984475c90af8a970a36"></a>prettify.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/apps/showcase/src/main/webapp/js/prettify.js<br/><b>MD5:</b>&nbsp;709bfcc456c694bfe8ee86d184a1c360<br/><b>SHA1:</b>&nbsp;a4e5934397f97f79b8066984475c90af8a970a36<br/><b>SHA256:</b>e2e576e3bc607cd179ff511947010f645d3441a35313aec0dbd06c4437f83b77<br/><b>Referenced In Project/Scope:</b>Struts 2 Showcase Webapp</p><h4 id="header153" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content153" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header154" class="subsectionheader white">Identifiers</h4><div id="content154" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l71_23878d8bd360f9e2cda65720df197367b8a43b6d"></a>shell.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/bundles/admin/src/main/resources/static/js/shell.js<br/><b>MD5:</b>&nbsp;ebed3f28e18db2fa1e37a1762758e020<br/><b>SHA1:</b>&nbsp;23878d8bd360f9e2cda65720df197367b8a43b6d<br/><b>SHA256:</b>3c0007fc1d5003847131e9c18f976a79da5e01d7cda43839403d7dda067d500a<br/><b>Referenced In Project/Scope:</b>Struts 2 OSGi Admin Bundle</p><h4 id="header155" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content155" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header156" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content156" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-osgi-admin-bundle-2.6-SNAPSHOT.jar: shell.js<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-osgi-admin-bundle/2.6-SNAPSHOT/struts2-osgi-admin-bundle-2.6-SNAPSHOT.jar/static/js/shell.js</li><li>MD5:&nbsp;ebed3f28e18db2fa1e37a1762758e020</li><li>SHA1:&nbsp;23878d8bd360f9e2cda65720df197367b8a43b6d</li><li>SHA256:&nbsp;3c0007fc1d5003847131e9c18f976a79da5e01d7cda43839403d7dda067d500a</li></ul></li></ul></div><h4 id="header157" class="subsectionheader white">Identifiers</h4><div id="content157" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l72_4cb3b08c96553b0f4595a80917838ca302f67f3f"></a>sitemesh-2.4.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>SiteMesh is a web-page layout and decoration framework and web- application integration framework to aid in creating large sites consisting of many pages for which a consistent look/feel, navigation and layout scheme is required.</pre></p><p><b>License:</b><pre class="indent">The Apache Software License, Version 1.1: http://www.opensymphony.com/sitemesh/license.action</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/opensymphony/sitemesh/2.4.2/sitemesh-2.4.2.jar<br/><b>MD5:</b>&nbsp;b9cd6bb5c6e34555ae430d9c2f2441ba<br/><b>SHA1:</b>&nbsp;4cb3b08c96553b0f4595a80917838ca302f67f3f<br/><b>SHA256:</b>0d7933ae628a7198f8bb267e27f348f8cbe7c74083c25172dffaa0245b2bf056<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Sitemesh Plugin:compile</li></ul></p><h4 id="header158" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content158" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>sitemesh</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>sitemesh</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>sitemesh</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>module</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://www.opensymphony.com</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>opensymphony</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>opensymphony</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Sitemesh</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>page</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Opensymphony</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>opensymphony</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>sitemesh</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.opensymphony.com/sitemesh</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.opensymphony.com/sitemesh</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>sitemesh</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>sitemesh</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>sitemesh</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://www.opensymphony.com</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>module</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>opensymphony</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Sitemesh</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>page</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>opensymphony</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Opensymphony</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>sitemesh</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.4.2</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.4.2</td><td>High</td></tr></table></div><h4 id="header159" class="subsectionheader white">Identifiers</h4><div id="content159" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/opensymphony/sitemesh@2.4.2" target="_blank">pkg:maven/opensymphony/sitemesh@2.4.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l73_b5a4b6d16ab13e34a88fae84c35cd5d68cac922c"></a>slf4j-api-1.7.30.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>The slf4j API</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/slf4j/slf4j-api/1.7.30/slf4j-api-1.7.30.jar<br/><b>MD5:</b>&nbsp;f8be00da99bc4ab64c79ab1e2be7cb7c<br/><b>SHA1:</b>&nbsp;b5a4b6d16ab13e34a88fae84c35cd5d68cac922c<br/><b>SHA256:</b>cdba07964d1bb40a0761485c6b1e8c2f8fd9eb1d19c53928ac0d7f9510105c57<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header160" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content160" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.slf4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>SLF4J API Module</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>slf4j.api</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>slf4j-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.slf4j.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>slf4j-api</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.slf4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.slf4j.org</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.slf4j</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>slf4j-api</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>slf4j-api</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>SLF4J API Module</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>slf4j.api</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>slf4j-api</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.slf4j</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>slf4j-api</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>slf4j</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.7.30</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.7.30</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.7.30</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.7.30</td><td>High</td></tr></table></div><h4 id="header161" class="subsectionheader white">Identifiers</h4><div id="content161" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.slf4j/slf4j-api@1.7.30" target="_blank">pkg:maven/org.slf4j/slf4j-api@1.7.30</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l74_e606eac955f55ecf1d8edcccba04eb8ac98088dd"></a>slf4j-simple-1.7.30.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>SLF4J Simple binding</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/slf4j/slf4j-simple/1.7.30/slf4j-simple-1.7.30.jar<br/><b>MD5:</b>&nbsp;6577a4799237b81bc9bdc153d6347c30<br/><b>SHA1:</b>&nbsp;e606eac955f55ecf1d8edcccba04eb8ac98088dd<br/><b>SHA256:</b>8b9279cbff6b9f88594efae3cf02039b6995030eec023ed43928748c41670fee<br/><b>Referenced In Project/Scope:</b>Struts 2 Core:compile</p><h4 id="header162" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content162" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>slf4j-simple</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.slf4j.simple</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>slf4j.simple</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.slf4j.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.slf4j</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.slf4j</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>slf4j-simple</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>SLF4J Simple Binding</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.slf4j.org</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-requiredexecutionenvironment</td><td>J2SE-1.5</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>slf4j-simple</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>slf4j-parent</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>slf4j-simple</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.slf4j.simple</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>slf4j.simple</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>slf4j</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.slf4j</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>slf4j-simple</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>slf4j-simple</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>SLF4J Simple Binding</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>slf4j</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.7.30</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.7.30</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.7.30</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.7.30</td><td>High</td></tr></table></div><h4 id="header163" class="subsectionheader white">Identifiers</h4><div id="content163" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.slf4j/slf4j-simple@1.7.30" target="_blank">pkg:maven/org.slf4j/slf4j-simple@1.7.30</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l75_18775fdda48574784f40b47bf478ab0593f92e4d"></a>snakeyaml-1.21.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>YAML 1.1 parser and emitter for Java</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/yaml/snakeyaml/1.21/snakeyaml-1.21.jar<br/><b>MD5:</b>&nbsp;b16142890b39db3ff828085f56845b51<br/><b>SHA1:</b>&nbsp;18775fdda48574784f40b47bf478ab0593f92e4d<br/><b>SHA256:</b>e43cb0683f70804b833dfaa5ac032ff14ba0c758d4a1e9eaeb6640515df83faf<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header164" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content164" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.yaml.snakeyaml</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.snakeyaml.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>SnakeYAML</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>snakeyaml</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>yaml</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>parser</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>emitter</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>snakeyaml</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>snakeyaml</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>yaml</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.yaml</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.yaml.snakeyaml</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>SnakeYAML</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>yaml</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>parser</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>snakeyaml</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>emitter</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>snakeyaml</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>snakeyaml</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.snakeyaml.org</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>yaml</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>SnakeYAML</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.21</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.21</td><td>High</td></tr></table></div><h4 id="header165" class="subsectionheader white">Identifiers</h4><div id="content165" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.yaml/snakeyaml@1.21" target="_blank">pkg:maven/org.yaml/snakeyaml@1.21</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Asnakeyaml_project&amp;cpe_product=cpe%3A%2F%3Asnakeyaml_project%3Asnakeyaml&amp;cpe_version=cpe%3A%2F%3Asnakeyaml_project%3Asnakeyaml%3A1.21" target="_blank">cpe:2.3:a:snakeyaml_project:snakeyaml:1.21:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="snakeyaml-1.21.jar" data-sha1="18775fdda48574784f40b47bf478ab0593f92e4d" data-pkgurl="pkg:maven/org.yaml/snakeyaml@1.21" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:snakeyaml_project:snakeyaml">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l76_a8b090664504b833e2d5d1e6863138cee1239681"></a>spring-core-4.3.26.RELEASE.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Spring Core</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/springframework/spring-core/4.3.26.RELEASE/spring-core-4.3.26.RELEASE.jar<br/><b>MD5:</b>&nbsp;ec39a4f76633c98bc4819e397355b8aa<br/><b>SHA1:</b>&nbsp;a8b090664504b833e2d5d1e6863138cee1239681<br/><b>SHA256:</b>70ae68ce99fdb11afaaac6487b39b59b7a8db6ecd5f8a2c01181b7b9c3b15a1d<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 TestNG Plugin:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Portlet Mocks Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Spring Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header166" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content166" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>spring-core</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Spring IO</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>spring-core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>https://projects.spring.io/spring-framework</td><td>Medium</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>vmware</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>pivotal software</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>spring-projects/spring-framework</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Spring Core</td><td>High</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>SpringSource</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>springframework</td><td>Highest</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>springsource_spring_framework</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>spring-core</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>spring-core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Spring IO</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>spring-core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>springframework</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>https://projects.spring.io/spring-framework</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>spring-projects/spring-framework</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Spring Core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>4.3.26.RELEASE</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>4.3.26.RELEASE</td><td>High</td></tr></table></div><h4 id="header167" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content167" class="subsectioncontent standardsubsection hidden"><ul><li>spring-beans-4.3.26.RELEASE.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/springframework/spring-beans/4.3.26.RELEASE/spring-beans-4.3.26.RELEASE.jar</li><li>MD5:&nbsp;1510412e1af00c1beabe47f87e6c1777</li><li>SHA1:&nbsp;536bb74d60a86882c58bd6f63a82e5760261c37f</li><li>SHA256:&nbsp;fd7d135ee5dfa3d72ba4f195ba42127b84968c3bc12fb1a2496512778f5b3c77</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-beans@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-beans@4.3.26.RELEASE</a></li></ul></li><li>spring-expression-4.3.26.RELEASE.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/springframework/spring-expression/4.3.26.RELEASE/spring-expression-4.3.26.RELEASE.jar</li><li>MD5:&nbsp;17f4d8bb75f966e57df82bd27396fc4a</li><li>SHA1:&nbsp;52e4f81cff6b604db4a0a664c452a9e222841f87</li><li>SHA256:&nbsp;9d64c105349a571dc3c42057ba0bebc6da4fa1d58dce2faf8260aab7ed90a83e</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-expression@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-expression@4.3.26.RELEASE</a></li></ul></li><li>spring-webmvc-4.3.26.RELEASE.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/springframework/spring-webmvc/4.3.26.RELEASE/spring-webmvc-4.3.26.RELEASE.jar</li><li>MD5:&nbsp;7e848aaf6dbd4a3a34c553dedef732cf</li><li>SHA1:&nbsp;1a5e9c57e9ebf4de5948899e48f7e83adfe343a5</li><li>SHA256:&nbsp;d9d956555fa01b3969d0ca60b730c25f9162aa950995d76a1f8407adc6caf75c</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-webmvc@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-webmvc@4.3.26.RELEASE</a></li></ul></li><li>spring-web-4.3.26.RELEASE.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/springframework/spring-web/4.3.26.RELEASE/spring-web-4.3.26.RELEASE.jar</li><li>MD5:&nbsp;9d556ced11008277e89bf1a8c4ac8686</li><li>SHA1:&nbsp;9c17e176b359da9e8b3eb69b97c0607aafe85543</li><li>SHA256:&nbsp;8e37c8c6063c6436a582e344904cc5302d7b5459ea6c050afb04de88ca2039e3</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-web@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-web@4.3.26.RELEASE</a></li></ul></li><li>spring-context-4.3.26.RELEASE.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/springframework/spring-context/4.3.26.RELEASE/spring-context-4.3.26.RELEASE.jar</li><li>MD5:&nbsp;008d9631dcd62027c49715aea5de2476</li><li>SHA1:&nbsp;7c91199fb7086d02febf7f6ec19c41644e4ca29a</li><li>SHA256:&nbsp;d371617271d3567bad8ce52722ace120579698664be7f0809b14f1927398ebdc</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-context@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-context@4.3.26.RELEASE</a></li></ul></li><li>spring-test-4.3.26.RELEASE.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/springframework/spring-test/4.3.26.RELEASE/spring-test-4.3.26.RELEASE.jar</li><li>MD5:&nbsp;2bd1645c9b39b85bf74174a6c95e24c5</li><li>SHA1:&nbsp;60921b6c34f3bf7ccd7845708adee8c30998d226</li><li>SHA256:&nbsp;a9fb06a6c06d3742ade19cae7ae56946c7555311ee6ccd5fd0f578865cd4d319</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-test@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-test@4.3.26.RELEASE</a></li></ul></li><li>spring-aspects-4.3.26.RELEASE.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/springframework/spring-aspects/4.3.26.RELEASE/spring-aspects-4.3.26.RELEASE.jar</li><li>MD5:&nbsp;e2ae7614d84f301ce49e50a66c319167</li><li>SHA1:&nbsp;71835425a87eacdd4f9b6c5afdd07013721fb385</li><li>SHA256:&nbsp;713d3b7d098d9d257e4dc3722eb85c7154d4b49b7fafd97e1124b0688674069d</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-aspects@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-aspects@4.3.26.RELEASE</a></li></ul></li><li>spring-aop-4.3.26.RELEASE.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/springframework/spring-aop/4.3.26.RELEASE/spring-aop-4.3.26.RELEASE.jar</li><li>MD5:&nbsp;a1f6737fa66b99284c5fb16b96696014</li><li>SHA1:&nbsp;098f5eb6a6b3a2c2e6ee9eacd016a953c54fd3a3</li><li>SHA256:&nbsp;bd12ca116d9094efbd98ae1539b18014c7e48cf3ca2efc2022295ac1aeb5c15b</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-aop@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-aop@4.3.26.RELEASE</a></li></ul></li><li>spring-context-support-4.3.26.RELEASE.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/springframework/spring-context-support/4.3.26.RELEASE/spring-context-support-4.3.26.RELEASE.jar</li><li>MD5:&nbsp;c6d18673bcb0f2f5eefa8410565269b0</li><li>SHA1:&nbsp;a730ce14c0c5fe6921f3783aa14613a9d4ebc2fc</li><li>SHA256:&nbsp;f402af7dc51cac89a48f5ace9d7c34316292e28117c913671caa2d2beb781518</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-context-support@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-context-support@4.3.26.RELEASE</a></li></ul></li><li>spring-webmvc-portlet-4.3.26.RELEASE.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/springframework/spring-webmvc-portlet/4.3.26.RELEASE/spring-webmvc-portlet-4.3.26.RELEASE.jar</li><li>MD5:&nbsp;718259d1b46ec0b03a349dad7d734440</li><li>SHA1:&nbsp;4d1f862ed717b88a2a582ac13de0312c3b314fc8</li><li>SHA256:&nbsp;282a7cd7685e3bb7b477835cdd41cc01bf472009e27c7a892acc4ed70a1a182b</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-webmvc-portlet@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-webmvc-portlet@4.3.26.RELEASE</a></li></ul></li></ul></div><h4 id="header168" class="subsectionheader white">Identifiers</h4><div id="content168" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.springframework/spring-core@4.3.26.RELEASE" target="_blank">pkg:maven/org.springframework/spring-core@4.3.26.RELEASE</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Apivotal_software&amp;cpe_product=cpe%3A%2F%3Apivotal_software%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Apivotal_software%3Aspring_framework%3A4.3.26" target="_blank">cpe:2.3:a:pivotal_software:spring_framework:4.3.26:release:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-core-4.3.26.RELEASE.jar" data-sha1="a8b090664504b833e2d5d1e6863138cee1239681" data-pkgurl="pkg:maven/org.springframework/spring-core@4.3.26.RELEASE" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:pivotal_software:spring_framework">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aspringsource&amp;cpe_product=cpe%3A%2F%3Aspringsource%3Aspring_framework&amp;cpe_version=cpe%3A%2F%3Aspringsource%3Aspring_framework%3A4.3.26" target="_blank">cpe:2.3:a:springsource:spring_framework:4.3.26:release:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-core-4.3.26.RELEASE.jar" data-sha1="a8b090664504b833e2d5d1e6863138cee1239681" data-pkgurl="pkg:maven/org.springframework/spring-core@4.3.26.RELEASE" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:springsource:spring_framework">suppress</button></li><li>cpe:2.3:a:vmware:springsource_spring_framework:4.3.26:release:*:*:*:*:*:*&nbsp;&nbsp;(<i>Confidence</i>:Low)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="spring-core-4.3.26.RELEASE.jar" data-sha1="a8b090664504b833e2d5d1e6863138cee1239681" data-pkgurl="pkg:maven/org.springframework/spring-core@4.3.26.RELEASE" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:vmware:springsource_spring_framework">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l77_13c2b30926bca0429c704c4b4ca0b5d0432b69cd"></a>stax2-api-4.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.
  </pre></p><p><b>License:</b><pre class="indent">The BSD License: http://www.opensource.org/licenses/bsd-license.php</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/codehaus/woodstox/stax2-api/4.2/stax2-api-4.2.jar<br/><b>MD5:</b>&nbsp;5d22fe6dbb276d1fd6dab40c386a4f0a<br/><b>SHA1:</b>&nbsp;13c2b30926bca0429c704c4b4ca0b5d0432b69cd<br/><b>SHA256:</b>badf6081a0bb526fd2c01951dfefad91b6846b6dd0eb0048587e30d1dd334e68<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 REST Plugin:compile</li></ul></p><h4 id="header169" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content169" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-date</td><td>2019-03-13 04:03:16+0000</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>oss-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>codehaus.woodstox</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>fasterxml.com</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>fasterxml.com</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.codehaus.woodstox</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>stax2</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>typed</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.codehaus.woodstox</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://github.com/FasterXML/stax2-api</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>stax2-api</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Stax2 API</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.codehaus.stax2</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>validation</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>fasterxml.com</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://fasterxml.com</td><td>Medium</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>stax2-api</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://github.com/FasterXML/stax2-api</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>stax2-api</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Stax2 API</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-date</td><td>2019-03-13 04:03:16+0000</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>codehaus.woodstox</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>stax2-api</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>stax2</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>typed</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://github.com/FasterXML/stax2-api</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>osgi</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>oss-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://fasterxml.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>fasterxml.com</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Stax2 API</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://github.com/FasterXML/stax2-api</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Stax2 API</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.codehaus.stax2</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>validation</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Stax2 API</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>stax2-api</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>stax2-api</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>4.2</td><td>Low</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>4.2</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>4.2</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>4.2</td><td>Highest</td></tr></table></div><h4 id="header170" class="subsectionheader white">Identifiers</h4><div id="content170" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.codehaus.woodstox/stax2-api@4.2" target="_blank">pkg:maven/org.codehaus.woodstox/stax2-api@4.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l78_3fe2a1266e5224b66ade1cc57b92b178023a4ae9"></a>struts-annotations-1.0.7.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
        struts-annotations adds annotations processor support for struts based annotated projects,
        such as TLD and documentation generation from annotated component classes as used in struts2
    </pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts-annotations/1.0.7/struts-annotations-1.0.7.jar<br/><b>MD5:</b>&nbsp;cde5d067c06bf2cd8fe0742d8c4d461e<br/><b>SHA1:</b>&nbsp;3fe2a1266e5224b66ade1cc57b92b178023a4ae9<br/><b>SHA256:</b>f7dc6b8f8536bcf29bc1cbd58099c560f2313450340d2505686be214c5931cdd<br/><b>Referenced In Project/Scope:</b>Struts 2 Core:compile</p><h4 id="header171" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content171" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>struts-annotations</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.struts</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>struts-master</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>struts-annotations</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>annotations</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://struts.apache.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>struts</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Struts Annotations</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.struts</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.struts</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>struts-annotations</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.struts</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>struts-annotations</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>annotations</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>struts</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Struts Annotations</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Struts Annotations</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://struts.apache.org</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.struts</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>struts-master</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Struts Annotations</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.0.7</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.0.7</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.0.7</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.0.7</td><td>Low</td></tr></table></div><h4 id="header172" class="subsectionheader white">Identifiers</h4><div id="content172" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts-annotations@1.0.7" target="_blank">pkg:maven/org.apache.struts/struts-annotations@1.0.7</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l79_64a03701b6797529aaa7cb200f803b7b26c6bb3f"></a>struts2-core-2.6-SNAPSHOT.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Apache Struts 2</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-core/2.6-SNAPSHOT/struts2-core-2.6-SNAPSHOT.jar<br/><b>MD5:</b>&nbsp;bdabb37e4b04f29f4ca390fa2aefce44<br/><b>SHA1:</b>&nbsp;64a03701b6797529aaa7cb200f803b7b26c6bb3f<br/><b>SHA256:</b>e2932ae7ddfa0747221ea42a6d12263237248e3ab9c2ed12b162c13a06147183<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Pell Multipart Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 Webapps:compile</li><li>Struts 2 Plexus Plugin:compile</li><li>Struts 2 JSON Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Java Templates Plugin:compile</li><li>Struts 2 Async Plugin:compile</li><li>Struts 2 Convention Plugin:compile</li><li>Struts 2 CDI Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Plugins:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Spring Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OSGi Plugin:compile</li><li>Struts 2 GXP Plugin:compile</li><li>Struts 2 OVal Plugin:compile</li><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 OSGi Bundles:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Portlet Mocks Plugin:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>Struts 2 Jasper Reports Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 DWR Plugin:compile</li><li>Struts 2 TestNG Plugin:compile</li><li>Struts 2 JFreeChart Plugin:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header173" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content173" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>struts2</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://struts.apache.org/struts2-core/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.struts</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>struts2-core</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.struts</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Struts 2 Core</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>struts2-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>struts2-core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.struts</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.struts.2-core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.struts</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>struts2</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://struts.apache.org/struts2-core/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.struts</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>struts2-parent</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>struts2-core</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Struts 2 Core</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>filter</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Struts 2 Core</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>struts2-core</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.struts.2-core</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.struts</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Struts 2 Core</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Struts 2 Core</td><td>Medium</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.6-SNAPSHOT</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.6-SNAPSHOT</td><td>Highest</td></tr></table></div><h4 id="header174" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content174" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-portlet-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-portlet-plugin/2.6-SNAPSHOT/struts2-portlet-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;59894991cb7767542eb5eb1bec0edd25</li><li>SHA1:&nbsp;5b20a0aedacdee77d88c14e64bec384a3e2e194a</li><li>SHA256:&nbsp;e3ca0a6f650f98ec32829ed07df86848bf6ecda3e17eec9a3771ea33d1c942e5</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-portlet-plugin@2.6-20200419.094356-286" target="_blank">pkg:maven/org.apache.struts/struts2-portlet-plugin@2.6-20200419.094356-286</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-portlet-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-portlet-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-bean-validation-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-bean-validation-plugin/2.6-SNAPSHOT/struts2-bean-validation-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;4fa9ad4c6b2e7965eb74cb3d1b22150d</li><li>SHA1:&nbsp;a4b5d4733c278c4e713a785bb963ea28312ed54a</li><li>SHA256:&nbsp;c8a3b38eff0a1fe39d6f3c9db6630dec90af0a68c23048e7d8b3dfd64415d899</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-bean-validation-plugin@2.6-20200419.094202-296" target="_blank">pkg:maven/org.apache.struts/struts2-bean-validation-plugin@2.6-20200419.094202-296</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-bean-validation-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-bean-validation-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-sitemesh-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-sitemesh-plugin/2.6-SNAPSHOT/struts2-sitemesh-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;c29e305e6b431e581a62dd4fdf032ec1</li><li>SHA1:&nbsp;ac59fdaee71e42d8a03792f3606aa4b55ece340e</li><li>SHA256:&nbsp;39819b90fa9e1e8b1d1cc534c7104d492d6811b6031c97dbe22d313729f45ac3</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-sitemesh-plugin@2.6-20200419.094622-294" target="_blank">pkg:maven/org.apache.struts/struts2-sitemesh-plugin@2.6-20200419.094622-294</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-sitemesh-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-sitemesh-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-plexus-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-plexus-plugin/2.6-SNAPSHOT/struts2-plexus-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;bfa84654b80b73a9998ab94f2918b5ec</li><li>SHA1:&nbsp;90c577716da45a9e848806c038de31196f30629f</li><li>SHA256:&nbsp;f9ff56fb7ea08bbaf448487e09166e436cec3b755d5a79cd614a1daa65094abc</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-plexus-plugin@2.6-20200419.094542-286" target="_blank">pkg:maven/org.apache.struts/struts2-plexus-plugin@2.6-20200419.094542-286</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-plexus-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-plexus-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-embeddedjsp-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-embeddedjsp-plugin/2.6-SNAPSHOT/struts2-embeddedjsp-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;261daeaa26ba812a3982fa0632ce780b</li><li>SHA1:&nbsp;ccb4ec2c64df925b1f19ce342ecbf885057d13d1</li><li>SHA256:&nbsp;c359d12e9083dd644684a42141fbb2cd576d66ce11c14adf2768cc7699ba4f25</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-embeddedjsp-plugin@2.6-20200419.094312-291" target="_blank">pkg:maven/org.apache.struts/struts2-embeddedjsp-plugin@2.6-20200419.094312-291</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-embeddedjsp-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-embeddedjsp-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-cdi-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-cdi-plugin/2.6-SNAPSHOT/struts2-cdi-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;420d156f517ca6665dfa7d9a2b6f81a5</li><li>SHA1:&nbsp;2207456d192dc299da96cdb9d3f7508c3e5c9809</li><li>SHA256:&nbsp;3ab738e172db239f783c53e50b5d2c87c7f097ba4af51f2165650990e643b3c2</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-cdi-plugin@2.6-20200419.094214-291" target="_blank">pkg:maven/org.apache.struts/struts2-cdi-plugin@2.6-20200419.094214-291</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-cdi-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-cdi-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-convention-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-convention-plugin/2.6-SNAPSHOT/struts2-convention-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;15bf0a670f7d05a2112778a73e2f417d</li><li>SHA1:&nbsp;efcd02537433735963dd542267826dfe530345a8</li><li>SHA256:&nbsp;fe63917c5af59a7e4af84ec4d0144678c6160eceb30a1825493110e1cf655886</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-convention-plugin@2.6-20200419.094248-296" target="_blank">pkg:maven/org.apache.struts/struts2-convention-plugin@2.6-20200419.094248-296</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-convention-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-convention-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-javatemplates-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-javatemplates-plugin/2.6-SNAPSHOT/struts2-javatemplates-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;d50acadc920735d0a55aabe3cec3c086</li><li>SHA1:&nbsp;5f9f50e5dec0b54988a34ca25d2dcc76a21a6329</li><li>SHA256:&nbsp;0d50d05efb214df9e2c88a15fee96dd9584e04f888c63e28e42c2b5ee6d90ce6</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-javatemplates-plugin@2.6-20200419.094434-287" target="_blank">pkg:maven/org.apache.struts/struts2-javatemplates-plugin@2.6-20200419.094434-287</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-javatemplates-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-javatemplates-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-jasperreports-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-jasperreports-plugin/2.6-SNAPSHOT/struts2-jasperreports-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;6073099b2a48320b344f3b285401279c</li><li>SHA1:&nbsp;1b6b1c01ea0d0ec319b15c15d857dbfff38668ae</li><li>SHA256:&nbsp;79249163ec96241f96ad8e1f120d92a205f45a90b2d45cd30dca9f39b3d86c32</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-jasperreports-plugin@2.6-20200419.094424-287" target="_blank">pkg:maven/org.apache.struts/struts2-jasperreports-plugin@2.6-20200419.094424-287</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-jasperreports-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-jasperreports-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-osgi-demo-bundle-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-osgi-demo-bundle/2.6-SNAPSHOT/struts2-osgi-demo-bundle-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;7c1172c297d4be7ea2eff7240ff5fdc7</li><li>SHA1:&nbsp;cb492f3a29a5b9b54fdab23c90ef51ab47a9c094</li><li>SHA256:&nbsp;f47f15f91de25baeb5c20df8768d1c3ef99fd6d5f0a8c5cb57580220443b8ad6</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-osgi-demo-bundle@2.6-20200419.094656-286" target="_blank">pkg:maven/org.apache.struts/struts2-osgi-demo-bundle@2.6-20200419.094656-286</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-osgi-demo-bundle@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-osgi-demo-bundle@2.6-SNAPSHOT</a></li></ul></li><li>struts2-dwr-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-dwr-plugin/2.6-SNAPSHOT/struts2-dwr-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;56b6a963d31b8685b3749ce5a833cafa</li><li>SHA1:&nbsp;0688a86766e88bb2c6a896a49f9bd65d50e390d6</li><li>SHA256:&nbsp;21a5ecc93da2ba1f2de8935a0a663ef061b248e065d45bbdcc0af45fe4684073</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-dwr-plugin@2.6-20200419.094256-295" target="_blank">pkg:maven/org.apache.struts/struts2-dwr-plugin@2.6-20200419.094256-295</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-dwr-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-dwr-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-junit-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-junit-plugin/2.6-SNAPSHOT/struts2-junit-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;ed035a579a1b7d8d980042e1e0895e2d</li><li>SHA1:&nbsp;f94454445ce915b2ee0399cc9291ef6d3082fd1b</li><li>SHA256:&nbsp;089d55a972946f5be2a8fd49fe130a3eac176147b38eabc1c1d1417ea2e60574</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-junit-plugin@2.6-20200419.094411-295" target="_blank">pkg:maven/org.apache.struts/struts2-junit-plugin@2.6-20200419.094411-295</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-junit-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-junit-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-rest-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-rest-plugin/2.6-SNAPSHOT/struts2-rest-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;7eaeb397be8c73c411b3befd700ec554</li><li>SHA1:&nbsp;102f2de5d296c9b475847ab046db5aa924ac90c3</li><li>SHA256:&nbsp;6591574615626c8853b568e6b9347bdbb664e778551b3b0286797681a3e1cd66</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-rest-plugin@2.6-20200419.094613-293" target="_blank">pkg:maven/org.apache.struts/struts2-rest-plugin@2.6-20200419.094613-293</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-rest-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-rest-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-jfreechart-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-jfreechart-plugin/2.6-SNAPSHOT/struts2-jfreechart-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;ec724de313b242c13e57a65dd15947c3</li><li>SHA1:&nbsp;32c5599a85de46b06141e1576c6e076721455785</li><li>SHA256:&nbsp;175bab0566213c3335703646cc151b00739c8a50715e26cd80d839003752aa03</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-jfreechart-plugin@2.6-20200419.094446-287" target="_blank">pkg:maven/org.apache.struts/struts2-jfreechart-plugin@2.6-20200419.094446-287</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-jfreechart-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-jfreechart-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-portlet-mocks-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-portlet-mocks-plugin/2.6-SNAPSHOT/struts2-portlet-mocks-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;38d92d4f3f62da79762cbf5ef61514d8</li><li>SHA1:&nbsp;77e0f9eb9602cb6f8a68ba97a0ecb4a9d0f24434</li><li>SHA256:&nbsp;9cf9c5db55701d2df737f24a36cee0a2a38eaca09ced0035a21e7a003cfcd5bd</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-portlet-mocks-plugin@2.6-20200419.094342-8" target="_blank">pkg:maven/org.apache.struts/struts2-portlet-mocks-plugin@2.6-20200419.094342-8</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-portlet-mocks-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-portlet-mocks-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-gxp-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-gxp-plugin/2.6-SNAPSHOT/struts2-gxp-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;c7b0750620060588360f2ff247d4c459</li><li>SHA1:&nbsp;0ab865be5cc2ce500a8e3ce089bc3561d8795961</li><li>SHA256:&nbsp;17efff34aedecaafba5aaa1a955e639ea1a946b39a06e205cbf716c0e9f4f7cd</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-gxp-plugin@2.6-20200419.094321-291" target="_blank">pkg:maven/org.apache.struts/struts2-gxp-plugin@2.6-20200419.094321-291</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-gxp-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-gxp-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-osgi-admin-bundle-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-osgi-admin-bundle/2.6-SNAPSHOT/struts2-osgi-admin-bundle-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;11477abc1552e666a151097aa089cd0c</li><li>SHA1:&nbsp;8d2c3cbb95f394e6d68aced2a0759eac1f503c23</li><li>SHA256:&nbsp;fc101397ce8ea6302e0a05f449ab78693c727ad0299213018141466b38d2a8a1</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-osgi-admin-bundle@2.6-20200419.094647-286" target="_blank">pkg:maven/org.apache.struts/struts2-osgi-admin-bundle@2.6-20200419.094647-286</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-osgi-admin-bundle@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-osgi-admin-bundle@2.6-SNAPSHOT</a></li></ul></li><li>struts2-config-browser-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-config-browser-plugin/2.6-SNAPSHOT/struts2-config-browser-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;9d48df25f76890dc24def9fc2f2d39f7</li><li>SHA1:&nbsp;93e19426e2690af3c0f97461557e20a6baa323c0</li><li>SHA256:&nbsp;39fd89f019ee105f8646606d49eba7198ae02612b63864005813909405803749</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-config-browser-plugin@2.6-20200419.094234-295" target="_blank">pkg:maven/org.apache.struts/struts2-config-browser-plugin@2.6-20200419.094234-295</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-config-browser-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-config-browser-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-testng-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-testng-plugin/2.6-SNAPSHOT/struts2-testng-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;a173487a4ed00dd220815bca6b761a0c</li><li>SHA1:&nbsp;ca76c38ce4f9dfab3a213ef8c3a4324b3e1fdc4c</li><li>SHA256:&nbsp;ed73aead223dea8c1be1777ab331958ad532721cf28d2152d7fb938c7c8bfc52</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-testng-plugin@2.6-20200419.094632-286" target="_blank">pkg:maven/org.apache.struts/struts2-testng-plugin@2.6-20200419.094632-286</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-testng-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-testng-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-async-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-async-plugin/2.6-SNAPSHOT/struts2-async-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;a6061d045895efa4252ff1b770ea5ba5</li><li>SHA1:&nbsp;ca3ce92751239ca399ef53d03541e776207ca4e1</li><li>SHA256:&nbsp;eb7182c3293e8ec6d4880eb5bb63bee0a5d42b7221e816cf3e454b2ea4d4ed52</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-async-plugin@2.6-20200419.094149-255" target="_blank">pkg:maven/org.apache.struts/struts2-async-plugin@2.6-20200419.094149-255</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-async-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-async-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-osgi-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-osgi-plugin/2.6-SNAPSHOT/struts2-osgi-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;1f30b067cbb4185a0ac9b13dd4df0925</li><li>SHA1:&nbsp;60db5b8ecb63bcbf2b72ab68b2b14cf13a2aaad6</li><li>SHA256:&nbsp;98a662b89db80544af60c8526579b2a2d7e9e90f0c95c97ab6a3ea71fd6ce86b</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-osgi-plugin@2.6-20200419.094512-287" target="_blank">pkg:maven/org.apache.struts/struts2-osgi-plugin@2.6-20200419.094512-287</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-osgi-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-osgi-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-velocity-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-velocity-plugin/2.6-SNAPSHOT/struts2-velocity-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;fdc19f717d804ffc950ff8d04d7a96ca</li><li>SHA1:&nbsp;e3fb8eb4dda9c88bdcc37d47747dfd73d3d2fc3e</li><li>SHA256:&nbsp;0ec68306a0f41945be09e7474cc514d1317ec2fe1a752bf656a2f55592d95903</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-velocity-plugin@2.6-20200419.094225-34" target="_blank">pkg:maven/org.apache.struts/struts2-velocity-plugin@2.6-20200419.094225-34</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-velocity-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-velocity-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-oval-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-oval-plugin/2.6-SNAPSHOT/struts2-oval-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;5889aa8be1650c9568ea434fabdd8de4</li><li>SHA1:&nbsp;362698ab9ed6cc56358e661168999a5c26ae39b0</li><li>SHA256:&nbsp;7f1be33013c3646c0fbf4b62eca9304425d7836290f3e4b3fddb008a8f9e2ddc</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-oval-plugin@2.6-20200419.094525-286" target="_blank">pkg:maven/org.apache.struts/struts2-oval-plugin@2.6-20200419.094525-286</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-oval-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-oval-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-pell-multipart-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-pell-multipart-plugin/2.6-SNAPSHOT/struts2-pell-multipart-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;a1f3c49c55c70436a2b7f3c2be98630b</li><li>SHA1:&nbsp;ebac39d24542e5c85c9fd8421d126d3a5cc64eda</li><li>SHA256:&nbsp;51dfdaea4f35f3530de4c87a98d6259dddb1e33e68c94ab4b1d563fefff58bbb</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-pell-multipart-plugin@2.6-20200419.094533-286" target="_blank">pkg:maven/org.apache.struts/struts2-pell-multipart-plugin@2.6-20200419.094533-286</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-pell-multipart-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-pell-multipart-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-spring-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-spring-plugin/2.6-SNAPSHOT/struts2-spring-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;bb22dd6ea50a50cd162c12944a6545fe</li><li>SHA1:&nbsp;723dabfb99bbedf48df7accc3bf67791c1e8b3c8</li><li>SHA256:&nbsp;82e7eb97a6d47ba4013b55f52d5a6ca9fc6e69222cb8c4c0cd69e3c946d1e526</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-spring-plugin@2.6-20200419.094331-296" target="_blank">pkg:maven/org.apache.struts/struts2-spring-plugin@2.6-20200419.094331-296</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-spring-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-spring-plugin@2.6-SNAPSHOT</a></li></ul></li><li>struts2-json-plugin-2.6-SNAPSHOT.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-json-plugin/2.6-SNAPSHOT/struts2-json-plugin-2.6-SNAPSHOT.jar</li><li>MD5:&nbsp;ef524bc6913fdadde14a4340fe4afdaf</li><li>SHA1:&nbsp;56f39000dd5e9e5a8287a6fc32325dd91d292c27</li><li>SHA256:&nbsp;b795147f16b93284ef8a6ba1b80cd339d48437c839d6cb4450e36716be53309e</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-json-plugin@2.6-20200419.094502-295" target="_blank">pkg:maven/org.apache.struts/struts2-json-plugin@2.6-20200419.094502-295</a></li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-json-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-json-plugin@2.6-SNAPSHOT</a></li></ul></li></ul></div><h4 id="header175" class="subsectionheader white">Identifiers</h4><div id="content175" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-core@2.6-20200419.094131-295" target="_blank">pkg:maven/org.apache.struts/struts2-core@2.6-20200419.094131-295</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)</li><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-core@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-core@2.6-SNAPSHOT</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Astruts&amp;cpe_version=cpe%3A%2F%3Aapache%3Astruts%3A2.6" target="_blank">cpe:2.3:a:apache:struts:2.6:snapshot:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="struts2-core-2.6-SNAPSHOT.jar" data-sha1="64a03701b6797529aaa7cb200f803b7b26c6bb3f" data-pkgurl="pkg:maven/org.apache.struts/struts2-core@2.6-20200419.094131-295" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:struts">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l80_d5c25e6adc63008d8c1e5c16031dcc18f66309bb"></a>struts2-tiles-plugin-2.6-SNAPSHOT.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Apache Struts 2</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-tiles-plugin/2.6-SNAPSHOT/struts2-tiles-plugin-2.6-SNAPSHOT.jar<br/><b>MD5:</b>&nbsp;0c238a18bdab872c5a7e411ed171d5e0<br/><b>SHA1:</b>&nbsp;d5c25e6adc63008d8c1e5c16031dcc18f66309bb<br/><b>SHA256:</b>3f0e78f14e25fbc7eef2ac66d70219b6b6bedd45feb36768a82ae1a33d05be6e<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header176" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content176" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>struts2</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.struts</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>struts2-tiles-plugin</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.struts</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://struts.apache.org/struts2-plugins/struts2-tiles-plugin/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.struts.2-tiles-plugin</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>struts2-tiles-plugin</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.struts</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.struts</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Struts 2 Tiles Plugin</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>struts2-plugins</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tiles</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>originally-created-by</td><td>Apache Maven Bundle Plugin</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>struts2</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.struts</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://www.apache.org</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Struts 2 Tiles Plugin</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>struts2-tiles-plugin</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Struts 2 Tiles Plugin</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Struts 2 Tiles Plugin</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>struts2-tiles-plugin</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://struts.apache.org/struts2-plugins/struts2-tiles-plugin/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>struts2-plugins</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.struts.2-tiles-plugin</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.struts</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Struts 2 Tiles Plugin</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.6-SNAPSHOT</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.6-SNAPSHOT</td><td>Highest</td></tr></table></div><h4 id="header177" class="subsectionheader white">Identifiers</h4><div id="content177" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-20200419.094552-294" target="_blank">pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-20200419.094552-294</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)</li><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-SNAPSHOT" target="_blank">pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-SNAPSHOT</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Astruts&amp;cpe_version=cpe%3A%2F%3Aapache%3Astruts%3A2.6" target="_blank">cpe:2.3:a:apache:struts:2.6:snapshot:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="struts2-tiles-plugin-2.6-SNAPSHOT.jar" data-sha1="d5c25e6adc63008d8c1e5c16031dcc18f66309bb" data-pkgurl="pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-20200419.094552-294" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:struts">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atiles&amp;cpe_version=cpe%3A%2F%3Aapache%3Atiles%3A2.6" target="_blank">cpe:2.3:a:apache:tiles:2.6:snapshot:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="struts2-tiles-plugin-2.6-SNAPSHOT.jar" data-sha1="d5c25e6adc63008d8c1e5c16031dcc18f66309bb" data-pkgurl="pkg:maven/org.apache.struts/struts2-tiles-plugin@2.6-20200419.094552-294" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:tiles">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l81_6feb3e964aeb7097aff30c372aac3ec0f8d87ede"></a>testng-6.9.10.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Testing framework for Java</pre></p><p><b>License:</b><pre class="indent">Apache  Version 2.0, January 2004</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/testng/testng/6.9.10/testng-6.9.10.jar<br/><b>MD5:</b>&nbsp;83e26cb672a81f5bbda139436ef4d8d0<br/><b>SHA1:</b>&nbsp;6feb3e964aeb7097aff30c372aac3ec0f8d87ede<br/><b>SHA256:</b>240ae7bbcf066aadff967b42a27a697693bf5a4e6a5ff4bf339b6bfe371288e4<br/><b>Referenced In Project/Scope:</b>Struts 2 TestNG Plugin:compile</p><h4 id="header178" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content178" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>build-date</td><td>2015-12-16</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>testng</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>testng</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>testng</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://github.com/cbeust/testng</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.testng</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>testng</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-time</td><td>01:14:26.500+0400</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>testng</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.testng</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-date</td><td>2015-12-16</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>testng</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>testng</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>testng</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>testng</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>testng</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.testng</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>testng</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>build-time</td><td>01:14:26.500+0400</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>testng</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://github.com/cbeust/testng</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>6.9.10</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>6.9.10</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>specification-version</td><td>6.9.10</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>6.9.10</td><td>Highest</td></tr></table></div><h4 id="header179" class="subsectionheader white">Identifiers</h4><div id="content179" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.testng/testng@6.9.10" target="_blank">pkg:maven/org.testng/testng@6.9.10</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l82_9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f"></a>testng-6.9.10.jar: jquery-1.7.1.min.js</h3><div class="subsectioncontent"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/testng/testng/6.9.10/testng-6.9.10.jar/jquery-1.7.1.min.js<br/><b>MD5:</b>&nbsp;ddb84c1587287b2df08966081ef063bf<br/><b>SHA1:</b>&nbsp;9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f<br/><b>SHA256:</b>88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd<br/><b>Referenced In Project/Scope:</b>Struts 2 TestNG Plugin:compile</p><h4 id="header180" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content180" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jquery</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jquery</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.7.1.min</td><td>High</td></tr></table></div><h4 id="header181" class="subsectionheader white">Identifiers</h4><div id="content181" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:javascript/jquery@1.7.1.min" target="_blank">pkg:javascript/jquery@1.7.1.min</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)</li></ul></div><h4 id="header182" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4><div id="content182" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6708">CVE-2012-6708</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="testng-6.9.10.jar: jquery-1.7.1.min.js" data-sha1="9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f" data-pkgurl="pkg:javascript/jquery@1.7.1.min" data-type-to-suppress="cve" data-id-to-suppress="CVE-2012-6708">suppress</button></p><p><pre>jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '&lt;' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '&lt;' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (6.1)</li><li>Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/102792">102792</a></li><li>CONFIRM - <a target="_blank" href="https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0">https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html">http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html</a></li><li>MISC - <a target="_blank" href="https://bugs.jquery.com/ticket/11290">https://bugs.jquery.com/ticket/11290</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d">https://github.com/jquery/jquery/commit/05531fc4080ae24070930d15ae0cea7ae056457d</a></li><li>MISC - <a target="_blank" href="https://snyk.io/vuln/npm:jquery:20120206">https://snyk.io/vuln/npm:jquery:20120206</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html">openSUSE-SU-2020:0395</a></li><li>info - <a target="_blank" href="http://bugs.jquery.com/ticket/11290">http://bugs.jquery.com/ticket/11290</a></li><li>info - <a target="_blank" href="http://research.insecurelabs.org/jquery/test/">http://research.insecurelabs.org/jquery/test/</a></li><li>info - <a target="_blank" href="https://nvd.nist.gov/vuln/detail/CVE-2012-6708">https://nvd.nist.gov/vuln/detail/CVE-2012-6708</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs15">cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 1.9.0</li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-9251">CVE-2015-9251</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="testng-6.9.10.jar: jquery-1.7.1.min.js" data-sha1="9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f" data-pkgurl="pkg:javascript/jquery@1.7.1.min" data-type-to-suppress="cve" data-id-to-suppress="CVE-2015-9251">suppress</button></p><p><pre>jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (6.1)</li><li>Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/105658">105658</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/May/18">20190509 dotCMS v5.1.1 Vulnerabilities</a></li><li>CONFIRM - <a target="_blank" href="http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html">http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html</a></li><li>CONFIRM - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html">https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html</a></li><li>CONFIRM - <a target="_blank" href="https://www.tenable.com/security/tns-2019-08">https://www.tenable.com/security/tns-2019-08</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/13">20190510 Re: dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/11">20190510 dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/10">20190510 dotCMS v5.1.1 Vulnerabilities</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html">http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html">http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html">http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc">https://github.com/jquery/jquery/commit/f60729f3903d17917dc351f3ac87794de379b0cc</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/issues/2432">https://github.com/jquery/jquery/issues/2432</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/pull/2588">https://github.com/jquery/jquery/pull/2588</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2">https://github.com/jquery/jquery/pull/2588/commits/c254d308a7d3f1eac4d0b42837804cfffcba4bb2</a></li><li>MISC - <a target="_blank" href="https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04">https://ics-cert.us-cert.gov/advisories/ICSA-18-212-04</a></li><li>MISC - <a target="_blank" href="https://snyk.io/vuln/npm:jquery:20150627">https://snyk.io/vuln/npm:jquery:20150627</a></li><li>MISC - <a target="_blank" href="https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf">https://sw.aveva.com/hubfs/assets-2018/pdf/security-bulletin/SecurityBulletin_LFSec126.pdf</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html">https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/10f0f3aefd51444d1198c65f44ffdf2d78ca3359423dbc1c168c9731@%3Cdev.flink.apache.org%3E">[flink-dev] 20190811 Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/54df3aeb4239b64b50b356f0ca6f986e3c4ca5b84c515dce077c7854@%3Cuser.flink.apache.org%3E">[flink-user] 20190811 Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/17ff53f7999e74fbe3cc0ceb4e1c3b00b180b7c5afec8e978837bc49@%3Cuser.flink.apache.org%3E">[flink-user] 20190813 Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/52bafac05ad174000ea465fe275fd3cc7bd5c25535a7631c0bc9bfb2@%3Cuser.flink.apache.org%3E">[flink-user] 20190813 Re: Apache flink 1.7.2 security issues</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E">[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2020:0481">RHSA-2020:0481</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2020:0729">RHSA-2020:0729</a></li><li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00041.html">openSUSE-SU-2020:0395</a></li><li>info - <a target="_blank" href="http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/">http://blog.jquery.com/2016/01/08/jquery-2-2-and-1-12-released/</a></li><li>info - <a target="_blank" href="http://research.insecurelabs.org/jquery/test/">http://research.insecurelabs.org/jquery/test/</a></li><li>info - <a target="_blank" href="https://github.com/jquery/jquery/issues/2432">https://github.com/jquery/jquery/issues/2432</a></li><li>info - <a target="_blank" href="https://nvd.nist.gov/vuln/detail/CVE-2015-9251">https://nvd.nist.gov/vuln/detail/CVE-2015-9251</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs16">cpe:2.3:a:oracle:healthcare_foundation:7.2:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:retail_workforce_management_software:1.64.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:* versions from (including) 8.0.5; versions up to (including) 8.0.7</li><li class="vs16">cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:endeca_information_discovery_studio:3.1.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.6:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:financial_services_liquidity_risk_management:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.6</li><li class="vs16">cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.2:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:siebel_ui_framework:18.10:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:hospitality_reporting_and_analytics:9.1.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:communications_interactive_session_recorder:6.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:communications_interactive_session_recorder:6.1:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.6</li><li class="vs16">cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:real-time_scheduler:2.3.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.4:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:retail_sales_audit:15.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:* versions from (including) 4.3.0.1; versions up to (including) 4.3.0.4</li><li class="vs16">cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7</li><li class="vs16">cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.7</li><li class="vs16">cpe:2.3:a:oracle:utilities_mobile_workforce_management:2.3.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:weblogic_server:12.1.3.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.5:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:hospitality_cruise_fleet_management:9.0.11:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.0.0</li><li class="vs16">cpe:2.3:a:oracle:communications_interactive_session_recorder:6.2:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.0; versions up to (including) 8.0.7</li><li class="vs16">cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.1; versions up to (including) 17.12</li><li class="vs16">cpe:2.3:a:oracle:siebel_ui_framework:18.11:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7</li><li class="vs16">cpe:2.3:a:oracle:retail_allocation:15.0.2:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.5:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:oss_support_tools:19.1:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:* versions up to (excluding) 7.2</li><li class="vs16">cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7</li><li class="vs16">cpe:2.3:a:oracle:enterprise_operations_monitor:4.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:enterprise_operations_monitor:3.4:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.1:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:* versions up to (excluding) 7.0.0.1</li><li class="vs16">cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:communications_services_gatekeeper:*:*:*:*:*:*:*:* versions up to (excluding) 6.1.0.4.0</li><li class="vs16">cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 7.3.3; versions up to (including) 7.3.5</li><li class="vs16">cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*</li><li class="vs16">cpe:2.3:a:oracle:healthcare_foundation:7.1:*:*:*:*:*:*:*</li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11358">CVE-2019-11358</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="testng-6.9.10.jar: jquery-1.7.1.min.js" data-sha1="9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f" data-pkgurl="pkg:javascript/jquery@1.7.1.min" data-type-to-suppress="cve" data-id-to-suppress="CVE-2019-11358">suppress</button></p><p><pre>jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (6.1)</li><li>Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/108023">108023</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/Apr/32">20190421 [SECURITY] [DSA 4434-1] drupal7 security update</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/May/18">20190509 dotCMS v5.1.1 Vulnerabilities</a></li><li>BUGTRAQ - <a target="_blank" href="https://seclists.org/bugtraq/2019/Jun/12">20190612 [SECURITY] [DSA 4460-1] mediawiki security update</a></li><li>CONFIRM - <a target="_blank" href="https://security.netapp.com/advisory/ntap-20190919-0001/">https://security.netapp.com/advisory/ntap-20190919-0001/</a></li><li>CONFIRM - <a target="_blank" href="https://www.synology.com/security/advisory/Synology_SA_19_19">https://www.synology.com/security/advisory/Synology_SA_19_19</a></li><li>CONFIRM - <a target="_blank" href="https://www.tenable.com/security/tns-2019-08">https://www.tenable.com/security/tns-2019-08</a></li><li>CONFIRM - <a target="_blank" href="https://www.tenable.com/security/tns-2020-02">https://www.tenable.com/security/tns-2020-02</a></li><li>DEBIAN - <a target="_blank" href="https://www.debian.org/security/2019/dsa-4434">DSA-4434</a></li><li>DEBIAN - <a target="_blank" href="https://www.debian.org/security/2019/dsa-4460">DSA-4460</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4UOAZIFCSZ3ENEFOR5IXX6NFAD3HV7FA/">FEDORA-2019-1a3edd7e8a</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLXRX23725JL366CNZGJZ7AQQB7LHQ6F/">FEDORA-2019-2a0ce0c58c</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KYH3OAGR2RTCHRA5NOKX2TES7SNQMWGO/">FEDORA-2019-7eaf0bbe7c</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QV3PKZC3PQCO3273HAT76PAQZFBEO4KP/">FEDORA-2019-a06dffab1c</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5IABSKTYZ5JUGL735UKGXL5YPRYOPUYI/">FEDORA-2019-eba8e44ee6</a></li><li>FEDORA - <a target="_blank" href="https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZW27UCJ5CYFL4KFFFMYMIBNMIU2ALG5/">FEDORA-2019-f563e66380</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/13">20190510 Re: dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/11">20190510 dotCMS v5.1.1 HTML Injection &amp; XSS Vulnerability</a></li><li>FULLDISC - <a target="_blank" href="http://seclists.org/fulldisclosure/2019/May/10">20190510 dotCMS v5.1.1 Vulnerabilities</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html">http://packetstormsecurity.com/files/152787/dotCMS-5.1.1-Vulnerable-Dependencies.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html">http://packetstormsecurity.com/files/153237/RetireJS-CORS-Issue-Script-Execution.html</a></li><li>MISC - <a target="_blank" href="http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html">http://packetstormsecurity.com/files/156743/OctoberCMS-Insecure-Dependencies.html</a></li><li>MISC - <a target="_blank" href="https://backdropcms.org/security/backdrop-sa-core-2019-009">https://backdropcms.org/security/backdrop-sa-core-2019-009</a></li><li>MISC - <a target="_blank" href="https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/">https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b">https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b</a></li><li>MISC - <a target="_blank" href="https://github.com/jquery/jquery/pull/4333">https://github.com/jquery/jquery/pull/4333</a></li><li>MISC - <a target="_blank" href="https://snyk.io/vuln/SNYK-JS-JQUERY-174006">https://snyk.io/vuln/SNYK-JS-JQUERY-174006</a></li><li>MISC - <a target="_blank" href="https://www.drupal.org/sa-core-2019-006">https://www.drupal.org/sa-core-2019-006</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/security-alerts/cpujan2020.html">https://www.oracle.com/security-alerts/cpujan2020.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html">https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html</a></li><li>MISC - <a target="_blank" href="https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html">https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html</a></li><li>MISC - <a target="_blank" href="https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/">https://www.privacy-wise.com/mitigating-cve-2019-11358-in-old-versions-of-jquery/</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/6097cdbd6f0a337bedd9bb5cc441b2d525ff002a96531de367e4259f@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/5928aa293e39d248266472210c50f176cac1535220f2486e6a7fa844@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] XD-DENG merged pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/88fb0362fd40e5b605ea8149f63241537b8b6fb5bfa315391fc5cbb7@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] codecov-io commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/08720ef215ee7ab3386c05a1a90a7d1c852bf0706f176a7816bf65fc@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] feng-tao commented on issue #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b736d0784cf02f5a30fbb4c5902762a15ad6d47e17e2c5a17b7d6205@%3Ccommits.airflow.apache.org%3E">[airflow-commits] 20190428 [GitHub] [airflow] feng-tao opened a new pull request #5197: [AIRFLOW-XXX] Fix CVE-2019-11358</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2019/05/msg00006.html">[debian-lts-announce] 20190506 [SECURITY] [DLA 1777-1] jquery security update</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2019/05/msg00029.html">[debian-lts-announce] 20190520 [SECURITY] [DLA 1797-1] drupal7 security update</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2020/02/msg00024.html">[debian-lts-announce] 20200224 [SECURITY] [DLA 2118-1] otrs2 security update</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E">[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E">[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E">[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E">[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E">[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html</a></li><li>MLIST - <a target="_blank" href="http://www.openwall.com/lists/oss-security/2019/06/03/2">[oss-security] 20190603 Django: CVE-2019-12308 AdminURLFieldWidget XSS (plus patched bundled jQuery for CVE-2019-11358)</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/ba79cf1658741e9f146e4c59b50aee56656ea95d841d358d006c18b6@%3Ccommits.roller.apache.org%3E">[roller-commits] 20190820 [jira] [Created] (ROL-2150) Fix Js security vulnerabilities detected using retire js</a></li><li>N/A - <a target="_blank" href="https://www.oracle.com/security-alerts/cpuapr2020.html">N/A</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHBA-2019:1570">RHBA-2019:1570</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:1456">RHSA-2019:1456</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:2587">RHSA-2019:2587</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:3023">RHSA-2019:3023</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2019:3024">RHSA-2019:3024</a></li><li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00006.html">openSUSE-SU-2019:1839</a></li><li>SUSE - <a target="_blank" href="http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00025.html">openSUSE-SU-2019:1872</a></li><li>info - <a target="_blank" href="https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/">https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/</a></li><li>info - <a target="_blank" href="https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b">https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b</a></li><li>info - <a target="_blank" href="https://nvd.nist.gov/vuln/detail/CVE-2019-11358">https://nvd.nist.gov/vuln/detail/CVE-2019-11358</a></li></ul></p><p>Vulnerable Software &amp; Versions (NVD):<ul><li class="vs17">cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.15</li><li class="vs17">cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (excluding) 8.6.15</li><li class="vs17">cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0</li><li class="vs17">cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.66</li><li class="vs17">cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.12.0; versions up to (excluding) 1.12.6</li><li class="vs17">cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.11.0; versions up to (excluding) 1.11.9</li></ul></p><p><span class="underline"><b>Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS</b>&nbsp;(RETIREJS)</span>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this vulnerability for this file" data-display-name="testng-6.9.10.jar: jquery-1.7.1.min.js" data-sha1="9eb9ac595e9b5544e2dc79fff7cd2d0b4b5ef71f" data-pkgurl="pkg:javascript/jquery@1.7.1.min" data-type-to-suppress="vulnerabilityName" data-id-to-suppress="Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS">suppress</button></p><p><pre>Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS</pre>Unscored:<ul><li>Severity: medium</li></ul><br/>References:<ul><li>info - <a target="_blank" href="https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/">https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l83_f40c090d15e2e6eb179b4eb3919c365afe882ade"></a>testng-6.9.10.jar: testng-reports.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/testng/testng/6.9.10/testng-6.9.10.jar/testng-reports.js<br/><b>MD5:</b>&nbsp;4311beca6e78e253ebd35f4f8c46166d<br/><b>SHA1:</b>&nbsp;f40c090d15e2e6eb179b4eb3919c365afe882ade<br/><b>SHA256:</b>45616558165413f0bc3f315e6bd52f7f4238d384169b3355e2e0465a611642cb<br/><b>Referenced In Project/Scope:</b>Struts 2 TestNG Plugin:compile</p><h4 id="header183" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content183" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header184" class="subsectionheader white">Identifiers</h4><div id="content184" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l84_b0bcea778fb2899aeb4014c558babea8833d180a"></a>testng-7.1.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Testing framework for Java</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/testng/testng/7.1.0/testng-7.1.0.jar<br/><b>MD5:</b>&nbsp;582b5096723374df7bb515d7906a0bb8<br/><b>SHA1:</b>&nbsp;b0bcea778fb2899aeb4014c558babea8833d180a<br/><b>SHA256:</b>e968e6cc3e925fe09b7b841d379e230dd9c56d6850ce18cf9a8e78ac0ce8e1b7<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header185" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content185" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>org.testng</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>testng</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://testng.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>testng</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>testng</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>testng</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>testng</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.testng</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>org.testng</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://testng.org</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>testng</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>testng</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>testng</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>testng</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>testng</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>7.1.0</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>7.1.0</td><td>Highest</td></tr></table></div><h4 id="header186" class="subsectionheader white">Identifiers</h4><div id="content186" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.testng/testng@7.1.0" target="_blank">pkg:maven/org.testng/testng@7.1.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l85_b15f7cfa79519756dff1ad22553fd0ed09024343"></a>testng-7.1.0.jar: jquery-3.4.1.min.js</h3><div class="subsectioncontent"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/testng/testng/7.1.0/testng-7.1.0.jar/org/testng/jquery-3.4.1.min.js<br/><b>MD5:</b>&nbsp;a6b6350ee94a3ea74595c065cbf58af0<br/><b>SHA1:</b>&nbsp;b15f7cfa79519756dff1ad22553fd0ed09024343<br/><b>SHA256:</b>412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header187" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content187" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>jquery</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>jquery</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.4.1.min</td><td>High</td></tr></table></div><h4 id="header188" class="subsectionheader white">Identifiers</h4><div id="content188" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:javascript/jquery@3.4.1.min" target="_blank">pkg:javascript/jquery@3.4.1.min</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)</li></ul></div><h4 id="header189" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4><div id="content189" class="subsectioncontent standardsubsection"><p><span class="underline"><b>Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS</b>&nbsp;(RETIREJS)</span>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this vulnerability for this file" data-display-name="testng-7.1.0.jar: jquery-3.4.1.min.js" data-sha1="b15f7cfa79519756dff1ad22553fd0ed09024343" data-pkgurl="pkg:javascript/jquery@3.4.1.min" data-type-to-suppress="vulnerabilityName" data-id-to-suppress="Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS">suppress</button></p><p><pre>Regex in its jQuery.htmlPrefilter  sometimes may introduce XSS</pre>Unscored:<ul><li>Severity: medium</li></ul><br/>References:<ul><li>info - <a target="_blank" href="https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/">https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l86_bf41ae73b80f698412d8aea58d3007ba9d8f589f"></a>testng-7.1.0.jar: testng-reports.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/testng/testng/7.1.0/testng-7.1.0.jar/org/testng/testng-reports.js<br/><b>MD5:</b>&nbsp;b92856a353b408d97321a1dd850347c2<br/><b>SHA1:</b>&nbsp;bf41ae73b80f698412d8aea58d3007ba9d8f589f<br/><b>SHA256:</b>e572aeb5fb24f8e1a5e1e2f65f1ae9d251bf17d7cca9dc311e8422451d96be96<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Assembly:compile</li><li>Struts 2 Core:compile</li></ul></p><h4 id="header190" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content190" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header191" class="subsectionheader white">Identifiers</h4><div id="content191" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l87_0100bd3cae1a5debf9afb4ef5c8b36c508d06326"></a>tiles-autotag-core-runtime-1.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Autotag: runtime core classes.</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-autotag-core-runtime/1.2/tiles-autotag-core-runtime-1.2.jar<br/><b>MD5:</b>&nbsp;425009289d5df24ff34eb0bab20a1c36<br/><b>SHA1:</b>&nbsp;0100bd3cae1a5debf9afb4ef5c8b36c508d06326<br/><b>SHA256:</b>640f4b48de6f76b3518c3ee6a27c2ce3fc118aa285629cadba64ed7f3ef918e9<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header192" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content192" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>tiles-autotag-core-runtime</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tiles-autotag-core-runtime</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://tiles.apache.org/tiles-autotag/tiles-autotag-core-runtime/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>tiles-autotag</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Autotag - Core runtime</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>tiles-autotag-core-runtime</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>autotag</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tiles</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tiles-autotag-core-runtime</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>tiles-autotag-core-runtime</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Autotag - Core runtime</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Autotag - Core runtime</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://tiles.apache.org/tiles-autotag/tiles-autotag-core-runtime/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Autotag - Core runtime</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Autotag - Core runtime</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.tiles</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>tiles-autotag-core-runtime</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>autotag</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>tiles-autotag</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.2</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.2</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.2</td><td>High</td></tr></table></div><h4 id="header193" class="subsectionheader white">Identifiers</h4><div id="content193" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-autotag-core-runtime@1.2" target="_blank">pkg:maven/org.apache.tiles/tiles-autotag-core-runtime@1.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atiles&amp;cpe_version=cpe%3A%2F%3Aapache%3Atiles%3A1.2" target="_blank">cpe:2.3:a:apache:tiles:1.2:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="tiles-autotag-core-runtime-1.2.jar" data-sha1="0100bd3cae1a5debf9afb4ef5c8b36c508d06326" data-pkgurl="pkg:maven/org.apache.tiles/tiles-autotag-core-runtime@1.2" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:tiles">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l88_01f71d0545540ad4bd7b4d883b2ff763cffde237"></a>tiles-core-3.0.8.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Tiles Core Library, including basic implementation of the APIs.
  </pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-core/3.0.8/tiles-core-3.0.8.jar<br/><b>MD5:</b>&nbsp;f7de662825d6a98371d5fb14a49b569d<br/><b>SHA1:</b>&nbsp;01f71d0545540ad4bd7b4d883b2ff763cffde237<br/><b>SHA256:</b>0d52520b84fc08511fd8dec23f9492ff1ccf2622509b2ee806122822d7c046e3<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header194" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content194" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>tiles-core</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tiles.core</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Tiles - Core Library</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>tiles-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>tiles-core</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://tiles.apache.org/framework/tiles-core/</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tiles</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>tiles-core</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tiles.core</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Tiles - Core Library</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>tiles-core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Tiles - Core Library</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Tiles - Core Library</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Tiles - Core Library</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.tiles</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://tiles.apache.org/framework/tiles-core/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>tiles-parent</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0.8</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0.8</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>3.0.8</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0.8</td><td>High</td></tr></table></div><h4 id="header195" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content195" class="subsectioncontent standardsubsection hidden"><ul><li>tiles-template-3.0.8.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-template/3.0.8/tiles-template-3.0.8.jar</li><li>MD5:&nbsp;c2ed334b8c8172b5c95d78d6b4d6dace</li><li>SHA1:&nbsp;70b396cce5516f7069d15398f07bb32c9020a5df</li><li>SHA256:&nbsp;69a184c1ccde88993c32066818c254e6a82f5ff0962a5c2c1fa77132f375c5e3</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-template@3.0.8" target="_blank">pkg:maven/org.apache.tiles/tiles-template@3.0.8</a></li></ul></li><li>tiles-freemarker-3.0.8.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-freemarker/3.0.8/tiles-freemarker-3.0.8.jar</li><li>MD5:&nbsp;9cee307668afa5acca2eca35794ff92a</li><li>SHA1:&nbsp;2d00cb648984176c3072ac3b41369b02e5a50897</li><li>SHA256:&nbsp;cb1ef4304cb50166ff1263af58c846fa45cec7d7cba9b5d3a27cc97148371e10</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-freemarker@3.0.8" target="_blank">pkg:maven/org.apache.tiles/tiles-freemarker@3.0.8</a></li></ul></li><li>tiles-servlet-3.0.8.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-servlet/3.0.8/tiles-servlet-3.0.8.jar</li><li>MD5:&nbsp;f737205cbc88d85b138d82e38ef36df2</li><li>SHA1:&nbsp;56c7ed54e70912ef6628dca464a54a5ecac587b3</li><li>SHA256:&nbsp;ded5e5aa38a7f720f8bb980d08dda823a2cdc4d46831a4fc0e9abb781588273e</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-servlet@3.0.8" target="_blank">pkg:maven/org.apache.tiles/tiles-servlet@3.0.8</a></li></ul></li><li>tiles-jsp-3.0.8.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-jsp/3.0.8/tiles-jsp-3.0.8.jar</li><li>MD5:&nbsp;c6c3944b16b38eff41755e9efd563877</li><li>SHA1:&nbsp;7465a65e4b3821a9785995bcb5ce2f74098ab023</li><li>SHA256:&nbsp;a68e209f2812210547d8c6574cc8581798ac5b71a862349b3ee89e8ff4390872</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-jsp@3.0.8" target="_blank">pkg:maven/org.apache.tiles/tiles-jsp@3.0.8</a></li></ul></li><li>tiles-el-3.0.8.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-el/3.0.8/tiles-el-3.0.8.jar</li><li>MD5:&nbsp;38da9dbcc5f52c711bd2b9163eb9b496</li><li>SHA1:&nbsp;d006d8201c7d9cee6c679ef0b0911ce35ced9187</li><li>SHA256:&nbsp;7c1f9b09f513e62237453c2ca864ac0f71fe1cc2e7715f76d52c44aac2664c24</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-el@3.0.8" target="_blank">pkg:maven/org.apache.tiles/tiles-el@3.0.8</a></li></ul></li><li>tiles-api-3.0.8.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-api/3.0.8/tiles-api-3.0.8.jar</li><li>MD5:&nbsp;580cdc781fb0f8c59db042b70ecd4610</li><li>SHA1:&nbsp;a3c4f741b1cf5ce578b85155cf640a932f617167</li><li>SHA256:&nbsp;ab35e7f012b211711981c730dca11a1481e3a95e1e7f8b144bd376b9e4147130</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-api@3.0.8" target="_blank">pkg:maven/org.apache.tiles/tiles-api@3.0.8</a></li></ul></li></ul></div><h4 id="header196" class="subsectionheader white">Identifiers</h4><div id="content196" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-core@3.0.8" target="_blank">pkg:maven/org.apache.tiles/tiles-core@3.0.8</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atiles&amp;cpe_version=cpe%3A%2F%3Aapache%3Atiles%3A3.0.8" target="_blank">cpe:2.3:a:apache:tiles:3.0.8:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="tiles-core-3.0.8.jar" data-sha1="01f71d0545540ad4bd7b4d883b2ff763cffde237" data-pkgurl="pkg:maven/org.apache.tiles/tiles-core@3.0.8" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:tiles">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection"><a name="l89_138753498a27322b35eedfa808428fb24a97c2c2"></a>tiles-ognl-3.0.8.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>Tiles OGNL support: Classes and tag libraries to use OGNL as an expression language in attribute expressions.</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-ognl/3.0.8/tiles-ognl-3.0.8.jar<br/><b>MD5:</b>&nbsp;c8a5d9619f2c1f30fd48c081ed505209<br/><b>SHA1:</b>&nbsp;138753498a27322b35eedfa808428fb24a97c2c2<br/><b>SHA256:</b>0de367bdfd097a21ffc2ae5d3293ee3461b9ec9d6547ce1335a98216178f1530<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header197" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content197" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Tiles - OGNL support</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://tiles.apache.org/framework/tiles-ognl/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>tiles-ognl</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>tiles-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tiles.ognl</td><td>Medium</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>tiles-ognl</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>ognl</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tiles</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Tiles - OGNL support</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://tiles.apache.org/framework/tiles-ognl/</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Tiles - OGNL support</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>tiles-ognl</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Tiles - OGNL support</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tiles.ognl</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>tiles-ognl</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.tiles</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>ognl</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Tiles - OGNL support</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>tiles-parent</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0.8</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0.8</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>3.0.8</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0.8</td><td>High</td></tr></table></div><h4 id="header198" class="subsectionheader white">Identifiers</h4><div id="content198" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-ognl@3.0.8" target="_blank">pkg:maven/org.apache.tiles/tiles-ognl@3.0.8</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atiles&amp;cpe_version=cpe%3A%2F%3Aapache%3Atiles%3A3.0.8" target="_blank">cpe:2.3:a:apache:tiles:3.0.8:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="tiles-ognl-3.0.8.jar" data-sha1="138753498a27322b35eedfa808428fb24a97c2c2" data-pkgurl="pkg:maven/org.apache.tiles/tiles-ognl@3.0.8" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:tiles">suppress</button></li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aognl_project&amp;cpe_product=cpe%3A%2F%3Aognl_project%3Aognl&amp;cpe_version=cpe%3A%2F%3Aognl_project%3Aognl%3A3.0.8" target="_blank">cpe:2.3:a:ognl_project:ognl:3.0.8:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="tiles-ognl-3.0.8.jar" data-sha1="138753498a27322b35eedfa808428fb24a97c2c2" data-pkgurl="pkg:maven/org.apache.tiles/tiles-ognl@3.0.8" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:ognl_project:ognl">suppress</button></li></ul></div><h4 id="header199" class="subsectionheader expandable collaspablesubsection white">Published Vulnerabilities</h4><div id="content199" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3093">CVE-2016-3093</a></b>&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for this CVE for this file" data-display-name="tiles-ognl-3.0.8.jar" data-sha1="138753498a27322b35eedfa808428fb24a97c2c2" data-pkgurl="pkg:maven/org.apache.tiles/tiles-ognl@3.0.8" data-type-to-suppress="cve" data-id-to-suppress="CVE-2016-3093">suppress</button></p><p><pre>Apache Struts 2.0.0 through 2.3.24.1 does not properly cache method references when used with OGNL before 3.0.12, which allows remote attackers to cause a denial of service (block access to a web site) via unspecified vectors.</pre>CWE-20 Improper Input Validation<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (5.0)</li><li>Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P</li></ul>CVSSv3:<ul><li>Base Score: MEDIUM (5.3)</li><li>Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L</li></ul><br/>References:<ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/90961">90961</a></li><li>CONFIRM - <a target="_blank" href="http://struts.apache.org/docs/s2-034.html">http://struts.apache.org/docs/s2-034.html</a></li><li>CONFIRM - <a target="_blank" href="http://www-01.ibm.com/support/docview.wss?uid=swg21987854">http://www-01.ibm.com/support/docview.wss?uid=swg21987854</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/940b4c3fef002461b89a050935337056d4a036a65ef68e0bbd4621ef@%3Cdev.struts.apache.org%3E">[struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204</a></li><li>SECTRACK - <a target="_blank" href="http://www.securitytracker.com/id/1036018">1036018</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs20">show all</a>)<ul><li class="vs20"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aognl_project%3Aognl">cpe:2.3:a:ognl_project:ognl:*:*:*:*:*:*:*:* versions up to (including) 3.0.11</a></li><li class="vs20">...</li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.0">cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.1">cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.2">cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.3">cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.4">cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.5">cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.6">cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.7">cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.8">cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.9">cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.10">cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.11">cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.11.1">cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.11.2">cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.12">cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.13">cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.14">cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.0">cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.1">cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.2">cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.3">cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.4">cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.5">cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.6">cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.8">cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.8.1">cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.2.1">cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.2.1.1">cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.2.3">cpe:2.3:a:apache:struts:2.2.3:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.2.3.1">cpe:2.3:a:apache:struts:2.2.3.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.1">cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.1.1">cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.1.2">cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.4">cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.4.1">cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.7">cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.8">cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.12">cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.14">cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.14.1">cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.14.2">cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.14.3">cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.15">cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.15.1">cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.15.2">cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.15.3">cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.16">cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.16.1">cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.16.2">cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.16.3">cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.20">cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.20.1">cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.20.3">cpe:2.3:a:apache:struts:2.3.20.3:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.24">cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.24.1">cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*</a></li><li class="vs20 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aognl_project%3Aognl">cpe:2.3:a:ognl_project:ognl:*:*:*:*:*:*:*:* versions up to (including) 3.0.11</a></li></ul></p></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l90_c649a9be6df263c888a2195447cd602d530cc233"></a>tiles-request-api-1.0.7.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>API for the Tiles Request framework.</pre></p><p><b>License:</b><pre class="indent"><a href="http://www.apache.org/licenses/LICENSE-2.0.txt">http://www.apache.org/licenses/LICENSE-2.0.txt</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-request-api/1.0.7/tiles-request-api-1.0.7.jar<br/><b>MD5:</b>&nbsp;87f3c5e8b68b23b7544c0b9c996973c0<br/><b>SHA1:</b>&nbsp;c649a9be6df263c888a2195447cd602d530cc233<br/><b>SHA256:</b>b8745a4ff960bcca4ef16b0167b058604d4a394b69d7f685ed49d76670e0f6c8<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Tiles Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li></ul></p><h4 id="header200" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content200" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tiles-request-api</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Tiles request - API</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>tiles-request-api</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://tiles.apache.org/tiles-request/tiles-request-api/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>request</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.tiles</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>tiles-request</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>tiles-request-api</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tiles</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>tiles-request-api</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.tiles-request-api</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Tiles request - API</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>tiles-request-api</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Tiles request - API</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://tiles.apache.org/tiles-request/tiles-request-api/</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>request</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>tiles-request</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.tiles</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Tiles request - API</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.tiles</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Tiles request - API</td><td>Medium</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.0.7</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.0.7</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.0.7</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.0.7</td><td>Highest</td></tr></table></div><h4 id="header201" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content201" class="subsectioncontent standardsubsection hidden"><ul><li>tiles-request-portlet-1.0.7.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-request-portlet/1.0.7/tiles-request-portlet-1.0.7.jar</li><li>MD5:&nbsp;0d652db5e0e2f2a69695febfc0bfbdd7</li><li>SHA1:&nbsp;3a7ee73d9276206f9fc1ed9fe582a54b53f91147</li><li>SHA256:&nbsp;02815506eb52d5404dadbeeb0206a6eaee9f222d65d8c636b622cdd2c15cc4b9</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-request-portlet@1.0.7" target="_blank">pkg:maven/org.apache.tiles/tiles-request-portlet@1.0.7</a></li></ul></li><li>tiles-request-freemarker-1.0.7.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-request-freemarker/1.0.7/tiles-request-freemarker-1.0.7.jar</li><li>MD5:&nbsp;7bd8bfa9c367e828d4709aec473d3478</li><li>SHA1:&nbsp;cf75182100f643bf32e063c83dc1d8e0bfc258b7</li><li>SHA256:&nbsp;c1ccbd7f072d43badfab0c84de9e8a8f69487cf88ac86efa1b0fec73eb0db3a5</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-request-freemarker@1.0.7" target="_blank">pkg:maven/org.apache.tiles/tiles-request-freemarker@1.0.7</a></li></ul></li><li>tiles-request-servlet-1.0.7.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-request-servlet/1.0.7/tiles-request-servlet-1.0.7.jar</li><li>MD5:&nbsp;c1702cb80a9af915dd632e7aae34adcb</li><li>SHA1:&nbsp;e9b9e3cda2a489b3292ed3a15a558b2b57ad0940</li><li>SHA256:&nbsp;8d9990b0ba0c4d667150d46dffeff7376bedbcb3c5bce5dbb16971d407fb278a</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-request-servlet@1.0.7" target="_blank">pkg:maven/org.apache.tiles/tiles-request-servlet@1.0.7</a></li></ul></li><li>tiles-request-jsp-1.0.7.jar<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tiles/tiles-request-jsp/1.0.7/tiles-request-jsp-1.0.7.jar</li><li>MD5:&nbsp;7c46914799a5ca5876512c86829c7689</li><li>SHA1:&nbsp;06a9bde44749334e9ef85d0bdf854ff20641c113</li><li>SHA256:&nbsp;73de5bb95f20e51f3ad365cd1c13a78d5c3ecee1ebda74f24fc1872c72749043</li>                                                <li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-request-jsp@1.0.7" target="_blank">pkg:maven/org.apache.tiles/tiles-request-jsp@1.0.7</a></li></ul></li></ul></div><h4 id="header202" class="subsectionheader white">Identifiers</h4><div id="content202" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tiles/tiles-request-api@1.0.7" target="_blank">pkg:maven/org.apache.tiles/tiles-request-api@1.0.7</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Atiles&amp;cpe_version=cpe%3A%2F%3Aapache%3Atiles%3A1.0.7" target="_blank">cpe:2.3:a:apache:tiles:1.0.7:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="tiles-request-api-1.0.7.jar" data-sha1="c649a9be6df263c888a2195447cd602d530cc233" data-pkgurl="pkg:maven/org.apache.tiles/tiles-request-api@1.0.7" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache:tiles">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l91_057d37b5d7ed1270910ae59575b7c724bdf2d9f1"></a>tomcat-juli-8.5.53.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Tomcat Core Logging Package</pre></p><p><b>License:</b><pre class="indent">Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/tomcat/tomcat-juli/8.5.53/tomcat-juli-8.5.53.jar<br/><b>MD5:</b>&nbsp;d8c9c3c93d8af3f95d71050151991077<br/><b>SHA1:</b>&nbsp;057d37b5d7ed1270910ae59575b7c724bdf2d9f1<br/><b>SHA256:</b>7ffb67ed82900d591d9a476e761c2d6048325d7b03c626e2b8846ab714442740<br/><b>Referenced In Projects/Scopes:</b><ul><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header203" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content203" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>juli</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>tomcat-juli</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.tomcat</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>tomcat-juli</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.tomcat</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>https://tomcat.apache.org/</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Tomcat</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>juli</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.tomcat</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>tomcat-juli</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>https://tomcat.apache.org/</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Tomcat</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>tomcat-juli</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>logging</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>8.5.53</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>8.5.53</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>8.5.53</td><td>High</td></tr></table></div><h4 id="header204" class="subsectionheader white">Identifiers</h4><div id="content204" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.tomcat/tomcat-juli@8.5.53" target="_blank">pkg:maven/org.apache.tomcat/tomcat-juli@8.5.53</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache_software_foundation&amp;cpe_product=cpe%3A%2F%3Aapache_software_foundation%3Atomcat&amp;cpe_version=cpe%3A%2F%3Aapache_software_foundation%3Atomcat%3A8.5.53" target="_blank">cpe:2.3:a:apache_software_foundation:tomcat:8.5.53:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="tomcat-juli-8.5.53.jar" data-sha1="057d37b5d7ed1270910ae59575b7c724bdf2d9f1" data-pkgurl="pkg:maven/org.apache.tomcat/tomcat-juli@8.5.53" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:apache_software_foundation:tomcat">suppress</button></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l92_61201962d41fec8139c940c5a1468796d49a6139"></a>utils.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/core/src/main/resources/org/apache/struts2/static/utils.js<br/><b>MD5:</b>&nbsp;a1287feb0882f494dc6ebfbdcb2c8d6a<br/><b>SHA1:</b>&nbsp;61201962d41fec8139c940c5a1468796d49a6139<br/><b>SHA256:</b>309abee1bddd03fe16c196e2cc00b58318ff707764824d9b71a38f667736720d<br/><b>Referenced In Project/Scope:</b>Struts 2 Core</p><h4 id="header205" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content205" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header206" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content206" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-core-2.6-SNAPSHOT.jar: utils.js<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-core/2.6-SNAPSHOT/struts2-core-2.6-SNAPSHOT.jar/org/apache/struts2/static/utils.js</li><li>MD5:&nbsp;a1287feb0882f494dc6ebfbdcb2c8d6a</li><li>SHA1:&nbsp;61201962d41fec8139c940c5a1468796d49a6139</li><li>SHA256:&nbsp;309abee1bddd03fe16c196e2cc00b58318ff707764824d9b71a38f667736720d</li></ul></li></ul></div><h4 id="header207" class="subsectionheader white">Identifiers</h4><div id="content207" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l93_cb855558e6271b1b32e716d24cb85c7f583ce09e"></a>validation-api-2.0.1.Final.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
        Bean Validation API
    </pre></p><p><b>License:</b><pre class="indent">Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/javax/validation/validation-api/2.0.1.Final/validation-api-2.0.1.Final.jar<br/><b>MD5:</b>&nbsp;5d02c034034a7a16725ceff787e191d6<br/><b>SHA1:</b>&nbsp;cb855558e6271b1b32e716d24cb85c7f583ce09e<br/><b>SHA256:</b>9873b46df1833c9ee8f5bc1ff6853375115dadd8897bcb5a0dffb5848835ee6c<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Bean Validation Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li></ul></p><h4 id="header208" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content208" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>validation-api</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>javax.validation.api</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>validation</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Bean Validation API</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>javax</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://beanvalidation.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>automatic-module-name</td><td>java.validation</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>javax.validation</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>validation-api</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>javax.validation.api</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>validation</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Bean Validation API</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>javax</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>validation-api</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>automatic-module-name</td><td>java.validation</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://beanvalidation.org</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Bean Validation API</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>validation-api</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>javax.validation</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>2.0.1.Final</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0.1.Final</td><td>Highest</td></tr></table></div><h4 id="header209" class="subsectionheader white">Identifiers</h4><div id="content209" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/javax.validation/validation-api@2.0.1.Final" target="_blank">pkg:maven/javax.validation/validation-api@2.0.1.Final</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l94_affda7d0fecb0d16b9ebfc119833ec50ee920b4b"></a>validation.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/core/src/main/resources/template/xhtml/validation.js<br/><b>MD5:</b>&nbsp;dea68bdb50b41aee5fc61170e3faf14e<br/><b>SHA1:</b>&nbsp;affda7d0fecb0d16b9ebfc119833ec50ee920b4b<br/><b>SHA256:</b>fdbcbc87e6495252ff1d697712e1604733d1cf6299b2f7075fdc27c2fa23687e<br/><b>Referenced In Project/Scope:</b>Struts 2 Core</p><h4 id="header210" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content210" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header211" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content211" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-core-2.6-SNAPSHOT.jar: validation.js<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-core/2.6-SNAPSHOT/struts2-core-2.6-SNAPSHOT.jar/template/xhtml/validation.js</li><li>MD5:&nbsp;dea68bdb50b41aee5fc61170e3faf14e</li><li>SHA1:&nbsp;affda7d0fecb0d16b9ebfc119833ec50ee920b4b</li><li>SHA256:&nbsp;fdbcbc87e6495252ff1d697712e1604733d1cf6299b2f7075fdc27c2fa23687e</li></ul></li></ul></div><h4 id="header212" class="subsectionheader white">Identifiers</h4><div id="content212" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l95_c4c980b34207fbca373f2032c770371606220da2"></a>validation.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/core/src/main/resources/template/css_xhtml/validation.js<br/><b>MD5:</b>&nbsp;c66d23a2391879f74077a1af7888ede7<br/><b>SHA1:</b>&nbsp;c4c980b34207fbca373f2032c770371606220da2<br/><b>SHA256:</b>ec4dc0658f00c3a64e9a890565a3dfb71678babb484d2960c22f123c10f2c03c<br/><b>Referenced In Project/Scope:</b>Struts 2 Core</p><h4 id="header213" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content213" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header214" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content214" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-core-2.6-SNAPSHOT.jar: validation.js<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-core/2.6-SNAPSHOT/struts2-core-2.6-SNAPSHOT.jar/template/css_xhtml/validation.js</li><li>MD5:&nbsp;c66d23a2391879f74077a1af7888ede7</li><li>SHA1:&nbsp;c4c980b34207fbca373f2032c770371606220da2</li><li>SHA256:&nbsp;ec4dc0658f00c3a64e9a890565a3dfb71678babb484d2960c22f123c10f2c03c</li></ul></li></ul></div><h4 id="header215" class="subsectionheader white">Identifiers</h4><div id="content215" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l96_68d899cb70cd27d495562fa808feb2da4926d38f"></a>velocity-engine-core-2.2.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Apache Velocity is a general purpose template engine.</pre></p><p><b>License:</b><pre class="indent">https://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/velocity/velocity-engine-core/2.2/velocity-engine-core-2.2.jar<br/><b>MD5:</b>&nbsp;64b4a875e0d57e57fbcae109cec75ebc<br/><b>SHA1:</b>&nbsp;68d899cb70cd27d495562fa808feb2da4926d38f<br/><b>SHA256:</b>5167f8cf2dbc003b632a49b672161d8d96c8c6f03056d29bfd540a8a789d715e<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header216" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content216" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.velocity</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>http://velocity.apache.org/engine/devel/velocity-engine-core/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.velocity</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Velocity - Engine</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>velocity</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>velocity-engine-core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>velocity-engine-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.velocity.engine-core</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.velocity</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.velocity</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>velocity-engine-core</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>template</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Apache Velocity - Engine</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.velocity</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>http://velocity.apache.org/engine/devel/velocity-engine-core/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.velocity</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Velocity - Engine</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Velocity - Engine</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>velocity</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Velocity - Engine</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>velocity-engine-core</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>velocity-engine-core</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>org.apache.velocity.engine-core</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>velocity-engine-parent</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>filter</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://www.apache.org/</td><td>Low</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>2.2</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.2</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>2.2</td><td>High</td></tr></table></div><h4 id="header217" class="subsectionheader white">Identifiers</h4><div id="content217" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.velocity/velocity-engine-core@2.2" target="_blank">pkg:maven/org.apache.velocity/velocity-engine-core@2.2</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l97_e789f6ec06f9a69ccb8956f407fb685b2938e74b"></a>velocity-tools-generic-3.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Generic tools that can be used in any context.</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/velocity/tools/velocity-tools-generic/3.0/velocity-tools-generic-3.0.jar<br/><b>MD5:</b>&nbsp;a8586c8959eccfa3714e198eb21678d3<br/><b>SHA1:</b>&nbsp;e789f6ec06f9a69ccb8956f407fb685b2938e74b<br/><b>SHA256:</b>42cb45fe33aead38218845cb350125c7dc9804c74a19cc388123276da0c07e5d<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header218" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content218" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>velocity-tools-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>velocity-tools-generic</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>https://velocity.apache.org/tools/devel/velocity-tools-generic/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.velocity.tools</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>velocity</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.velocity.tools</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tools</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>velocity-tools-generic</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.velocity.tools</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Velocity Tools - Generic tools</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.velocity.tools</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>generic</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Velocity Tools - Generic tools</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Velocity Tools - Generic tools</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>https://velocity.apache.org/tools/devel/velocity-tools-generic/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.velocity.tools</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>velocity</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>velocity-tools-generic</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tools</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>velocity-tools-generic</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>velocity-tools-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.velocity.tools</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Velocity Tools - Generic tools</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>generic</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0</td><td>High</td></tr></table></div><h4 id="header219" class="subsectionheader white">Identifiers</h4><div id="content219" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.0" target="_blank">pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l98_2f72ca8eb2bcb8af2c5fab826d64add20ab70a2e"></a>velocity-tools-view-3.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Tools to be used in a servlet context.</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/velocity/tools/velocity-tools-view/3.0/velocity-tools-view-3.0.jar<br/><b>MD5:</b>&nbsp;997d1732d30fc50fc8879653d36a6e99<br/><b>SHA1:</b>&nbsp;2f72ca8eb2bcb8af2c5fab826d64add20ab70a2e<br/><b>SHA256:</b>cc6e5effedb95345b842b16aa7eb6c2da8fa1b29d8df8dae17f56f143515fd07<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header220" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content220" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>velocity-tools-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>view</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>velocity-tools-view</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.velocity.tools</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>velocity</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.velocity.tools</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Velocity Tools - View tools</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tools</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.velocity.tools</td><td>Highest</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>velocity-tools-view</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>https://velocity.apache.org/tools/devel/velocity-tools-view/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.velocity.tools</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>view</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.velocity.tools</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>velocity</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Velocity Tools - View tools</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tools</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>velocity-tools-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.velocity.tools</td><td>Highest</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>velocity-tools-view</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Velocity Tools - View tools</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>https://velocity.apache.org/tools/devel/velocity-tools-view/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>velocity-tools-view</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Velocity Tools - View tools</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0</td><td>High</td></tr></table></div><h4 id="header221" class="subsectionheader white">Identifiers</h4><div id="content221" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.velocity.tools/velocity-tools-view@3.0" target="_blank">pkg:maven/org.apache.velocity.tools/velocity-tools-view@3.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l99_27f6a21c7973ffb75001b3e9ac4731facf5757b4"></a>velocity-tools-view-jsp-3.0.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Enables the use of Velocity under a JSP environment.</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/velocity/tools/velocity-tools-view-jsp/3.0/velocity-tools-view-jsp-3.0.jar<br/><b>MD5:</b>&nbsp;87e4c90f6060422f92929fcf2aff8072<br/><b>SHA1:</b>&nbsp;27f6a21c7973ffb75001b3e9ac4731facf5757b4<br/><b>SHA256:</b>fa4168347c48e3c47b6924c1a8eaaf1661fd3d49fc68d39978fa0fa0f739f43d<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 JUnit Plugin:compile</li><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 OSGi Demo Bundle:compile</li><li>Struts 2 Velocity Plugin:compile</li><li>Struts 2 OSGi Admin Bundle:compile</li><li>Struts 2 Configuration Browser Plugin:compile</li><li>DEPRECATED: Struts 2 Embedded JSP Plugin:compile</li><li>Struts 2 Sitemesh Plugin:compile</li><li>Struts 2 Portlet Plugin:compile</li><li>Struts 2 Showcase Webapp:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 Portlet Tiles Plugin:compile</li><li>Struts 2 OSGi Plugin:compile</li></ul></p><h4 id="header222" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content222" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>velocity-tools-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>velocity-tools-view-jsp</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>view</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.velocity.tools</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>velocity</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Apache Velocity Tools - JSP support</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.velocity.tools</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>tools</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-url</td><td>https://velocity.apache.org/tools/devel/velocity-tools-view-jsp/</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.velocity.tools</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>org.apache.velocity.tools</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>velocity-tools-view-jsp</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>velocity-tools-view-jsp</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Apache Velocity Tools - JSP support</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>velocity-tools-view-jsp</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>view</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.velocity.tools</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>velocity</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Apache Velocity Tools - JSP support</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>tools</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>velocity-tools-parent</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-url</td><td>https://velocity.apache.org/tools/devel/velocity-tools-view-jsp/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.velocity.tools</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Apache Velocity Tools - JSP support</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>3.0</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>3.0</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>3.0</td><td>High</td></tr></table></div><h4 id="header223" class="subsectionheader white">Identifiers</h4><div id="content223" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/org.apache.velocity.tools/velocity-tools-view-jsp@3.0" target="_blank">pkg:maven/org.apache.velocity.tools/velocity-tools-view-jsp@3.0</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l100_5618fb1f032d4972287158e5754570992448695d"></a>webconsole.js</h3><div class="subsectioncontent notvulnerable"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/Projects/Apache/struts/core/src/main/resources/org/apache/struts2/interceptor/debugging/webconsole.js<br/><b>MD5:</b>&nbsp;a7202aefd2637c63ee607db0a608c6de<br/><b>SHA1:</b>&nbsp;5618fb1f032d4972287158e5754570992448695d<br/><b>SHA256:</b>9ab03200e9abb3ddb95ee83321b518d660ba0734683c3a6844c633a5c5dbabfd<br/><b>Referenced In Project/Scope:</b>Struts 2 Core</p><h4 id="header224" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content224" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr></table></div><h4 id="header225" class="subsectionheader expandable expandablesubsection white">Related Dependencies</h4><div id="content225" class="subsectioncontent standardsubsection hidden"><ul><li>struts2-core-2.6-SNAPSHOT.jar: webconsole.js<ul><li>File Path:&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts2-core/2.6-SNAPSHOT/struts2-core-2.6-SNAPSHOT.jar/org/apache/struts2/interceptor/debugging/webconsole.js</li><li>MD5:&nbsp;a7202aefd2637c63ee607db0a608c6de</li><li>SHA1:&nbsp;5618fb1f032d4972287158e5754570992448695d</li><li>SHA256:&nbsp;9ab03200e9abb3ddb95ee83321b518d660ba0734683c3a6844c633a5c5dbabfd</li></ul></li></ul></div><h4 id="header226" class="subsectionheader white">Identifiers</h4><div id="content226" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l101_989bb31963ed1758b95c7c4381a91592a9a8df61"></a>woodstox-core-6.1.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>
        Woodstox is a high-performance XML processor that
        implements Stax (JSR-173), SAX2 and Stax2 APIs
    </pre></p><p><b>License:</b><pre class="indent">The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/fasterxml/woodstox/woodstox-core/6.1.1/woodstox-core-6.1.1.jar<br/><b>MD5:</b>&nbsp;992e39013de489a1373f14b7e153f9da<br/><b>SHA1:</b>&nbsp;989bb31963ed1758b95c7c4381a91592a9a8df61<br/><b>SHA256:</b>f250662a245570fdd49c6916c1c3cd3d6511a8e5cd0d7460e989844b1d66ed67<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 REST Plugin:compile</li></ul></p><h4 id="header227" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content227" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>FasterXML/woodstox</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.fasterxml.woodstox</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/FasterXML/woodstox</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>oss-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>woodstox-core</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>FasterXML</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.fasterxml.woodstox</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Woodstox</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>fasterxml.woodstox</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>implementation-build-date</td><td>2020-02-28 02:50:45+0000</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://fasterxml.com</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>stax</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>FasterXML</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>FasterXML</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.woodstox.woodstox-core</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>woodstox-core</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>https://github.com/FasterXML/woodstox</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Woodstox</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.6))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Woodstox</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>woodstox-core</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>FasterXML/woodstox</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>woodstox-core</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>Woodstox</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>osgi</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>oss-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://fasterxml.com</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.fasterxml</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Woodstox</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>fasterxml.woodstox</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>FasterXML</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>implementation-build-date</td><td>2020-02-28 02:50:45+0000</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>stax</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>com.fasterxml.woodstox.woodstox-core</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>6.1.1</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>6.1.1</td><td>Low</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>6.1.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>6.1.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>6.1.1</td><td>High</td></tr></table></div><h4 id="header228" class="subsectionheader white">Identifiers</h4><div id="content228" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.fasterxml.woodstox/woodstox-core@6.1.1" target="_blank">pkg:maven/com.fasterxml.woodstox/woodstox-core@6.1.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l102_314ec72948d5c1fc71d553cbbd7a130caa6f9f13"></a>woodstox-core-6.1.1.jar (shaded: com.sun.xml.bind.jaxb:isorelax:20090621)</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>Unknown version of isorelax library used in JAXB project</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/fasterxml/woodstox/woodstox-core/6.1.1/woodstox-core-6.1.1.jar/META-INF/maven/com.sun.xml.bind.jaxb/isorelax/pom.xml<br/><b>MD5:</b>&nbsp;6fbb4bc95fbf2072bc6e3b790553fe81<br/><b>SHA1:</b>&nbsp;314ec72948d5c1fc71d553cbbd7a130caa6f9f13<br/><b>SHA256:</b>cda6451d0231a973352b592ff950e39224ba6ba1a2f35eeab66511b5c225dff1<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 REST Plugin:compile</li></ul></p><h4 id="header229" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content229" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>jvnet-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>JAXB isorelax library</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>net.java</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>isorelax</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>sun.xml.bind.jaxb</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>JAXB isorelax library</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>isorelax</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>jvnet-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>net.java</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>sun.xml.bind.jaxb</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>20090621</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>20090621</td><td>Low</td></tr></table></div><h4 id="header230" class="subsectionheader white">Identifiers</h4><div id="content230" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.sun.xml.bind.jaxb/isorelax@20090621" target="_blank">pkg:maven/com.sun.xml.bind.jaxb/isorelax@20090621</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l103_47f218a999411ed028f089d59ebef8f14e0fe914"></a>woodstox-core-6.1.1.jar (shaded: net.java.dev.msv:xsdlib:2013.6.1)</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>XML Schema datatypes library</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/fasterxml/woodstox/woodstox-core/6.1.1/woodstox-core-6.1.1.jar/META-INF/maven/net.java.dev.msv/xsdlib/pom.xml<br/><b>MD5:</b>&nbsp;aaf872ed9d1aabee25e03c2a132ffd8e<br/><b>SHA1:</b>&nbsp;47f218a999411ed028f089d59ebef8f14e0fe914<br/><b>SHA256:</b>d6e83c124436049d83238fc532a26c5d8ccd7e4ab10eba6d96043c850ac82f3c<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 REST Plugin:compile</li></ul></p><h4 id="header231" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content231" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>net.java.dev.msv</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>msv</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>xsdlib</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>MSV XML Schema Library</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>xsdlib</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>msv</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>net.java.dev.msv</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>MSV XML Schema Library</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2013.6.1</td><td>Highest</td></tr></table></div><h4 id="header232" class="subsectionheader white">Identifiers</h4><div id="content232" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/net.java.dev.msv/xsdlib@2013.6.1" target="_blank">pkg:maven/net.java.dev.msv/xsdlib@2013.6.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l104_2b8e230d2ab644e4ecaa94db7cdedbc40c805dfa"></a>xmlpull-1.1.3.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>License:</b><pre class="indent">Public Domain: http://www.xmlpull.org/v1/download/unpacked/LICENSE.txt</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/xmlpull/xmlpull/1.1.3.1/xmlpull-1.1.3.1.jar<br/><b>MD5:</b>&nbsp;cc57dacc720eca721a50e78934b822d2<br/><b>SHA1:</b>&nbsp;2b8e230d2ab644e4ecaa94db7cdedbc40c805dfa<br/><b>SHA256:</b>34e08ee62116071cbb69c0ed70d15a7a5b208d62798c59f2120bb8929324cb63<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OVal Plugin:compile</li></ul></p><h4 id="header233" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content233" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>xmlpull</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>XML Pull Parsing API</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.xmlpull.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>xmlpull</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>v1</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>xmlpull</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>xmlpull</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>xmlpull</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>xmlpull</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>XML Pull Parsing API</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>xmlpull</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.xmlpull.org</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>v1</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>xmlpull</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>xmlpull</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.1.3.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.1.3.1</td><td>Highest</td></tr></table></div><h4 id="header234" class="subsectionheader white">Identifiers</h4><div id="content234" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/xmlpull/xmlpull@1.1.3.1" target="_blank">pkg:maven/xmlpull/xmlpull@1.1.3.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l105_19d4e90b43059058f6e056f794f0ea4030d60b86"></a>xpp3_min-1.1.4c.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>MXP1 is a stable XmlPull parsing engine that is based on ideas from XPP and in particular XPP2 but completely revised and rewritten to take the best advantage of latest JIT JVMs such as Hotspot in JDK 1.4+.</pre></p><p><b>License:</b><pre class="indent">Indiana University Extreme! Lab Software License, vesion 1.1.1: http://www.extreme.indiana.edu/viewcvs/~checkout~/XPP3/java/LICENSE.txt
Public Domain: http://creativecommons.org/licenses/publicdomain</pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar<br/><b>MD5:</b>&nbsp;dcd95bcb84b09897b2b66d4684c040da<br/><b>SHA1:</b>&nbsp;19d4e90b43059058f6e056f794f0ea4030d60b86<br/><b>SHA256:</b>bfc90e9e32d0eab1f397fb974b5f150a815188382ac41f372a7149d5bc178008<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OVal Plugin:compile</li></ul></p><h4 id="header235" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content235" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>organization url</td><td>http://www.extreme.indiana.edu/</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://www.extreme.indiana.edu/xgws/xsoap/xpp/mxp1/</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>xpp3_min</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>xmlpull</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>mxp1</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>MXP1: Xml Pull Parser 3rd Edition (XPP3)</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>xpp3_min</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>organization name</td><td>Extreme! Lab, Indiana University</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>xpp3</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>v1</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>xmlpull</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>xpp3_min</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization name</td><td>Extreme! Lab, Indiana University</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>mxp1</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>organization url</td><td>http://www.extreme.indiana.edu/</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://www.extreme.indiana.edu/xgws/xsoap/xpp/mxp1/</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>MXP1: Xml Pull Parser 3rd Edition (XPP3)</td><td>High</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>xpp3_min</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>xpp3</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>v1</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>xmlpull</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.1.4c</td><td>Highest</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.1.4c</td><td>High</td></tr></table></div><h4 id="header236" class="subsectionheader white">Identifiers</h4><div id="content236" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/xpp3/xpp3_min@1.1.4c" target="_blank">pkg:maven/xpp3/xpp3_min@1.1.4c</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li></ul></div></div><h3 class="subsectionheader standardsubsection notvulnerable"><a name="l106_6c120c45a8c480bb2fea5b56502e3993ddd74fd2"></a>xstream-1.4.11.1.jar</h3><div class="subsectioncontent notvulnerable"><p><b>Description:</b><pre>XStream is a serialization library from Java objects to XML and back.</pre></p><p><b>License:</b><pre class="indent"><a href="http://x-stream.github.io/license.html">http://x-stream.github.io/license.html</a></pre><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/com/thoughtworks/xstream/xstream/1.4.11.1/xstream-1.4.11.1.jar<br/><b>MD5:</b>&nbsp;0eb564c0c83b6d4fea7ff1a9cc5bc6bc<br/><b>SHA1:</b>&nbsp;6c120c45a8c480bb2fea5b56502e3993ddd74fd2<br/><b>SHA256:</b>5e59757590948b5a08ec946f6eb69fb25927c465125370b1a7861261dafc6b36<br/><b>Referenced In Projects/Scopes:</b><ul><li>Struts 2 Rest Showcase Webapp:compile</li><li>Struts 2 REST Plugin:compile</li><li>Struts 2 Assembly:compile</li><li>Struts 2 OVal Plugin:compile</li></ul></p><h4 id="header237" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content237" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>java_1_6_home</td><td>/opt/sun-jdk-1.6.0.45</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>x-compile-source</td><td>1.4</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>x-compile-target</td><td>1.4</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor-Id</td><td>com.thoughtworks.xstream</td><td>Medium</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>xstream</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>thoughtworks.xstream</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>XStream Core</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>com.thoughtworks.xstream</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>java_1_5_home</td><td>/opt/sun-jdk-1.5.0.22</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>x-build-time</td><td>2018-10-26T19:06:47Z</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-symbolicname</td><td>xstream</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>java_1_8_home</td><td>/opt/oracle-jdk-bin-1.8.0.192</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>xstream</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>x-build-os</td><td>Linux</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>java_1_4_home</td><td>/opt/blackdown-jdk-1.4.2.03</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>java_1_7_home</td><td>/opt/oracle-jdk-bin-1.7.0.80</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>x-builder</td><td>Maven 3.5.4</td><td>Low</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>xstream</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>thoughtworks</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>xstream-parent</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>XStream</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>java_9_home</td><td>/opt/oracle-jdk-bin-9.0.4</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>com.thoughtworks.xstream</td><td>Medium</td></tr><tr><td>Vendor</td><td>Manifest</td><td>bundle-docurl</td><td>http://x-stream.github.io</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>XStream</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>xstream</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>java_1_6_home</td><td>/opt/sun-jdk-1.6.0.45</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>x-compile-source</td><td>1.4</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>x-compile-target</td><td>1.4</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>xstream</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>require-capability</td><td>osgi.ee;filter:=&quot;(&amp;(osgi.ee=JavaSE)(version=1.8))&quot;</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>thoughtworks.xstream</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>XStream Core</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>Bundle-Name</td><td>XStream Core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>java_1_5_home</td><td>/opt/sun-jdk-1.5.0.22</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>x-build-time</td><td>2018-10-26T19:06:47Z</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-symbolicname</td><td>xstream</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>java_1_8_home</td><td>/opt/oracle-jdk-bin-1.8.0.192</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>XStream Core</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>x-build-os</td><td>Linux</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>core</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>java_1_4_home</td><td>/opt/blackdown-jdk-1.4.2.03</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>java_1_7_home</td><td>/opt/oracle-jdk-bin-1.7.0.80</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>x-builder</td><td>Maven 3.5.4</td><td>Low</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>xstream</td><td>High</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>thoughtworks</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>xml</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>io</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>java_9_home</td><td>/opt/oracle-jdk-bin-9.0.4</td><td>Low</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>xstream-parent</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>com.thoughtworks.xstream</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>bundle-docurl</td><td>http://x-stream.github.io</td><td>Low</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>XStream Core</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.4.11.1</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.4.11.1</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.4.11.1</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Bundle-Version</td><td>1.4.11.1</td><td>High</td></tr></table></div><h4 id="header238" class="subsectionheader white">Identifiers</h4><div id="content238" class="subsectioncontent standardsubsection"><ul><li><a href="https://ossindex.sonatype.org/component/pkg:maven/com.thoughtworks.xstream/xstream@1.4.11.1" target="_blank">pkg:maven/com.thoughtworks.xstream/xstream@1.4.11.1</a>&nbsp;&nbsp;(<i>Confidence</i>:High)</li><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Axstream_project&amp;cpe_product=cpe%3A%2F%3Axstream_project%3Axstream&amp;cpe_version=cpe%3A%2F%3Axstream_project%3Axstream%3A1.4.11.1" target="_blank">cpe:2.3:a:xstream_project:xstream:1.4.11.1:*:*:*:*:*:*:*</a>&nbsp;&nbsp;(<i>Confidence</i>:Highest)&nbsp;&nbsp;<button class="copybutton" title="Generate Suppression XML for the identified vulnerability identifier" data-display-name="xstream-1.4.11.1.jar" data-sha1="6c120c45a8c480bb2fea5b56502e3993ddd74fd2" data-pkgurl="pkg:maven/com.thoughtworks.xstream/xstream@1.4.11.1" data-type-to-suppress="cpe" data-id-to-suppress="cpe:/a:xstream_project:xstream">suppress</button></li></ul></div></div><h2 id="header239" class="expandable">Suppressed Vulnerabilities</h2><div id="content239" class="hidden"><h3 class="subsectionheader standardsubsection">bsh-2.0b4.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>BeanShell</pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/beanshell/bsh/2.0b4/bsh-2.0b4.jar<br/><b>MD5:</b>&nbsp;a1c60aa83c9c9a6cb2391c1c1b85eb00<br/><b>SHA1:</b>&nbsp;a05f0a0feefa8d8467ac80e16e7de071489f0d9c<br/><b>SHA256:</b>&nbsp;91395c07885839a8c6986d5b7c577cd9bacf01bf129c89141f35e8ea858427b6</p><h4 id="header240" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content240" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>http://www.beanshell.org/</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Pat Niemeyer (pat@pat.net)</td><td>High</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>bsh</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>beanshell</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.beanshell</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>beanshell</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>BeanShell</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>bsh</td><td>Low</td></tr><tr><td>Vendor</td><td>hint analyzer</td><td>vendor</td><td>beanshell_project</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.beanshell</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>bsh</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>BeanShell</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>BeanShell</td><td>Medium</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>org</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>beanshell</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>bsh</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>bsh</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>beanshell</td><td>Highest</td></tr><tr><td>Product</td><td>hint analyzer</td><td>product</td><td>beanshell</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>bsh</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.beanshell</td><td>Medium</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>2.0b4</td><td>Highest</td></tr></table></div><h4 id="header241" class="subsectionheader white">Suppressed Identifiers</h4><div id="content241" class="subsectioncontent standardsubsection"><ul><li><b>None</b></li></ul></div><h4 id="header242" class="subsectionheader expandable collaspablesubsection white">Suppressed Vulnerabilities</h4><div id="content242" class="subsectioncontent standardsubsection"><p><b>CVE-2016-2510</b> (OSSINDEX)&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span></p><p><pre>BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler.</pre>Notes: file name: bsh-2.0b4.jar<br/><br/>CVSSv3:<ul><li>HIGH (8.1)</li><li>/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H</li></ul><br/>References: <ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vuln/5313797e-76b5-4eaa-8d05-c57a15f898ad">[CVE-2016-2510]  Data Handling</a></li></ul></p><p>Vulnerable Software &amp; Versions (OSSINDEX):<ul><li class="vs21">cpe:2.3:a:org.beanshell:bsh:2.0b4:*:*:*:*:*:*:*</li></ul></p></div></div><h3 class="subsectionheader standardsubsection">plexus-utils-1.2.jar</h3><div class="subsectioncontent"><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/codehaus/plexus/plexus-utils/1.2/plexus-utils-1.2.jar<br/><b>MD5:</b>&nbsp;4e05dbd6dbfdf2e976921e80079f9d38<br/><b>SHA1:</b>&nbsp;9756b92f7f380e4372d1e34f7d194bc0a5767849<br/><b>SHA256:</b>&nbsp;990608ac834a8762e9272c65404aeeee68325199b7eb10f63b22a06535fcb90c</p><h4 id="header243" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content243" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>plexus-utils</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>Codehaus</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Plexus Common Utilities</td><td>High</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>plexus</td><td>Highest</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>plexus</td><td>Low</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.codehaus.plexus</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>extension-name</td><td>plexus-utils</td><td>Medium</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.codehaus.plexus</td><td>Medium</td></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>plexus-utils</td><td>High</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>Codehaus</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>codehaus.plexus</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>plexus</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>codehaus</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>plexus-utils</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>plexus-utils</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>extension-name</td><td>plexus-utils</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.codehaus.plexus</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>plexus-utils</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>plexus</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>codehaus.plexus</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Plexus Common Utilities</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.2</td><td>Low</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.2</td><td>Highest</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.2</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.2</td><td>High</td></tr></table></div><h4 id="header244" class="subsectionheader white">Suppressed Identifiers</h4><div id="content244" class="subsectioncontent standardsubsection"><ul><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aplexus-utils_project&amp;cpe_product=cpe%3A%2F%3Aplexus-utils_project%3Aplexus-utils&amp;cpe_version=cpe%3A%2F%3Aplexus-utils_project%3Aplexus-utils%3A1.2" target="_blank">cpe:2.3:a:plexus-utils_project:plexus-utils:1.2:*:*:*:*:*:*:*</a>&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span>&nbsp;&nbsp;(<i>Confidence</i>:Highest)<ul><li>Notes: file name: plexus-utils-1.2.jar</li></ul></li></ul></div><h4 id="header245" class="subsectionheader expandable collaspablesubsection white">Suppressed Vulnerabilities</h4><div id="content245" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000487">CVE-2017-1000487</a></b>&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span></p><p><pre>Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.</pre>CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')<br/><br/>CVSSv2:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P</li></ul>CVSSv3:<ul><li>CRITICAL (9.8)</li><li>/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H</li></ul><br/>References: <ul><li>CONFIRM - <a target="_blank" href="https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41">https://github.com/codehaus-plexus/plexus-utils/commit/b38a1b3a4352303e4312b2bb601a0d7ec6e28f41</a></li><li>DEBIAN - <a target="_blank" href="https://www.debian.org/security/2018/dsa-4146">DSA-4146</a></li><li>DEBIAN - <a target="_blank" href="https://www.debian.org/security/2018/dsa-4149">DSA-4149</a></li><li>MISC - <a target="_blank" href="https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522">https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSPLEXUS-31522</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2018/01/msg00010.html">[debian-lts-announce] 20180109 [SECURITY] [DLA 1236-1] plexus-utils security update</a></li><li>MLIST - <a target="_blank" href="https://lists.debian.org/debian-lts-announce/2018/01/msg00011.html">[debian-lts-announce] 20180109 [SECURITY] [DLA 1237-1] plexus-utils2 security update</a></li><li>MLIST - <a target="_blank" href="https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E">[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities</a></li><li>REDHAT - <a target="_blank" href="https://access.redhat.com/errata/RHSA-2018:1322">RHSA-2018:1322</a></li></ul></p><p>Vulnerable Software &amp; Versions:<ul><li class="vs22"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aplexus-utils_project%3Aplexus-utils">cpe:2.3:a:plexus-utils_project:plexus-utils:*:*:*:*:*:*:*:* versions up to (excluding) 3.0.16</a></li></ul></p><p><b>Directory traversal in org.codehaus.plexus.util.Expand</b> (OSSINDEX)&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span></p><p><pre>&gt; org.codehaus.plexus.util.Expand does not guard against directory traversal, but such protection is generally expected from unarchiving tools.
&gt; 
&gt; -- [github.com](https://github.com/codehaus-plexus/plexus-utils/issues/4)</pre>Notes: file name: plexus-utils-1.2.jar<br/><br/>Unscored:<ul><li>Severity: Unknown</li></ul><br/>References: <ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vuln/a2f46413-d41e-46e3-9864-d89d15b433be">Directory traversal in org.codehaus.plexus.util.Expand</a></li></ul></p><p>Vulnerable Software &amp; Versions (OSSINDEX):<ul><li class="vs23">cpe:2.3:a:org.codehaus.plexus:plexus-utils:1.2:*:*:*:*:*:*:*</li></ul></p><p><b>Possible XML Injection</b> (OSSINDEX)&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span></p><p><pre>&gt; `org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment(XMLWriter, String, int, int, int)` does not check if the comment includes a `&quot;--&gt;&quot;` sequence.  This means that text contained in the command string could be interpreted as XML, possibly leading to XML injection issues, depending on how this method is being called.
&gt; 
&gt; -- [github.com](https://github.com/codehaus-plexus/plexus-utils/issues/3)</pre>Notes: file name: plexus-utils-1.2.jar<br/><br/>Unscored:<ul><li>Severity: Unknown</li></ul><br/>References: <ul><li>OSSINDEX - <a target="_blank" href="https://ossindex.sonatype.org/vuln/53d58c08-d32b-4d21-92f4-d0930e6b3210">Possible XML Injection</a></li></ul></p><p>Vulnerable Software &amp; Versions (OSSINDEX):<ul><li class="vs24">cpe:2.3:a:org.codehaus.plexus:plexus-utils:1.2:*:*:*:*:*:*:*</li></ul></p></div></div><h3 class="subsectionheader standardsubsection">struts-annotations-1.0.7.jar</h3><div class="subsectioncontent"><p><b>Description:</b><pre>
        struts-annotations adds annotations processor support for struts based annotated projects,
        such as TLD and documentation generation from annotated component classes as used in struts2
    </pre></p><p><b>File&nbsp;Path:</b>&nbsp;/Users/lukaszlenart/.m2/repository/org/apache/struts/struts-annotations/1.0.7/struts-annotations-1.0.7.jar<br/><b>MD5:</b>&nbsp;cde5d067c06bf2cd8fe0742d8c4d461e<br/><b>SHA1:</b>&nbsp;3fe2a1266e5224b66ade1cc57b92b178023a4ae9<br/><b>SHA256:</b>&nbsp;f7dc6b8f8536bcf29bc1cbd58099c560f2313450340d2505686be214c5931cdd</p><h4 id="header246" class="subsectionheader expandable expandablesubsection white">Evidence</h4><div id="content246" class="subsectioncontent standardsubsection hidden"><table class="lined fullwidth" border="0"><tr><th class="left" style="width:10%;">Type</th><th class="left" style="width:10%;">Source</th><th class="left" style="width:20%;">Name</th><th class="left" style="width:50%;">Value</th><th class="left" style="width:10%;">Confidence</th></tr><tr><td>Vendor</td><td>file</td><td>name</td><td>struts-annotations</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>apache.struts</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>specification-vendor</td><td>The Apache Software Foundation</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-artifactid</td><td>struts-master</td><td>Low</td></tr><tr><td>Vendor</td><td>Manifest</td><td>Implementation-Vendor</td><td>The Apache Software Foundation</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>artifactid</td><td>struts-annotations</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>annotations</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>url</td><td>http://struts.apache.org</td><td>Highest</td></tr><tr><td>Vendor</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Vendor</td><td>jar</td><td>package name</td><td>struts</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>name</td><td>Struts Annotations</td><td>High</td></tr><tr><td>Vendor</td><td>pom</td><td>groupid</td><td>org.apache.struts</td><td>Highest</td></tr><tr><td>Vendor</td><td>pom</td><td>parent-groupid</td><td>org.apache.struts</td><td>Medium</td></tr><tr><td>Product</td><td>file</td><td>name</td><td>struts-annotations</td><td>High</td></tr><tr><td>Product</td><td>pom</td><td>groupid</td><td>apache.struts</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>artifactid</td><td>struts-annotations</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>apache</td><td>Highest</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>annotations</td><td>Highest</td></tr><tr><td>Product</td><td>Manifest</td><td>build-jdk-spec</td><td>1.8</td><td>Low</td></tr><tr><td>Product</td><td>jar</td><td>package name</td><td>struts</td><td>Highest</td></tr><tr><td>Product</td><td>pom</td><td>name</td><td>Struts Annotations</td><td>High</td></tr><tr><td>Product</td><td>Manifest</td><td>specification-title</td><td>Struts Annotations</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>url</td><td>http://struts.apache.org</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-groupid</td><td>org.apache.struts</td><td>Medium</td></tr><tr><td>Product</td><td>pom</td><td>parent-artifactid</td><td>struts-master</td><td>Medium</td></tr><tr><td>Product</td><td>Manifest</td><td>Implementation-Title</td><td>Struts Annotations</td><td>High</td></tr><tr><td>Version</td><td>file</td><td>version</td><td>1.0.7</td><td>High</td></tr><tr><td>Version</td><td>Manifest</td><td>Implementation-Version</td><td>1.0.7</td><td>High</td></tr><tr><td>Version</td><td>pom</td><td>version</td><td>1.0.7</td><td>Highest</td></tr><tr><td>Version</td><td>pom</td><td>parent-version</td><td>1.0.7</td><td>Low</td></tr></table></div><h4 id="header247" class="subsectionheader white">Suppressed Identifiers</h4><div id="content247" class="subsectioncontent standardsubsection"><ul><li><a href="https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;results_type=overview&amp;search_type=all&amp;cpe_vendor=cpe%3A%2F%3Aapache&amp;cpe_product=cpe%3A%2F%3Aapache%3Astruts&amp;cpe_version=cpe%3A%2F%3Aapache%3Astruts%3A1.0.7" target="_blank">cpe:2.3:a:apache:struts:1.0.7:*:*:*:*:*:*:*</a>&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span>&nbsp;&nbsp;(<i>Confidence</i>:Highest)<ul><li>Notes: file name: struts-annotations-1.0.6.jar</li></ul></li></ul></div><h4 id="header248" class="subsectionheader expandable collaspablesubsection white">Suppressed Vulnerabilities</h4><div id="content248" class="subsectioncontent standardsubsection"><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1546">CVE-2006-1546</a></b>&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span></p><p><pre>Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check.</pre>NVD-CWE-Other<br/><br/>CVSSv2:<ul><li>Base Score: HIGH (7.5)</li><li>Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P</li></ul><br/>References: <ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/17342">17342</a></li><li>CONFIRM - <a target="_blank" href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38374">http://issues.apache.org/bugzilla/show_bug.cgi?id=38374</a></li><li>CONFIRM - <a target="_blank" href="http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html">http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html</a></li><li>MLIST - <a target="_blank" href="http://mail-archives.apache.org/mod_mbox/struts-dev/200601.mbox/%3cdr169r$623$2@sea.gmane.org%3e">[struts-devel] 20060122 Re: Validation Security Hole?</a></li><li>MLIST - <a target="_blank" href="http://mail-archives.apache.org/mod_mbox/struts-user/200601.mbox/%3c20060121221800.15814.qmail@web32607.mail.mud.yahoo.com%3e">[struts-user] 20060121 Validation Security Hole?</a></li><li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1015856">1015856</a></li><li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/19493">19493</a></li><li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/20117">20117</a></li><li>SUSE - <a target="_blank" href="http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html">SUSE-SR:2006:010</a></li><li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2006/1205">ADV-2006-1205</a></li><li>XF - <a target="_blank" href="https://exchange.xforce.ibmcloud.com/vulnerabilities/25612">struts-iscancelled-security-bypass(25612)</a></li></ul></p><p>Vulnerable Software &amp; Versions:<ul><li class="vs25"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts">cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* versions up to (including) 1.2.8</a></li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1547">CVE-2006-1547</a></b>&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span></p><p><pre>ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils.</pre>NVD-CWE-Other<br/><br/>CVSSv2:<ul><li>Base Score: HIGH (7.8)</li><li>Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:C</li></ul><br/>References: <ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/17342">17342</a></li><li>CONFIRM - <a target="_blank" href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38534">http://issues.apache.org/bugzilla/show_bug.cgi?id=38534</a></li><li>CONFIRM - <a target="_blank" href="http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html">http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html</a></li><li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1015856">1015856</a></li><li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/19493">19493</a></li><li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/20117">20117</a></li><li>SUSE - <a target="_blank" href="http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html">SUSE-SR:2006:010</a></li><li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2006/1205">ADV-2006-1205</a></li><li>XF - <a target="_blank" href="https://exchange.xforce.ibmcloud.com/vulnerabilities/25613">struts-actionform-dos(25613)</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs26">show all</a>)<ul><li class="vs26"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts">cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* versions up to (including) 1.2.8</a></li><li class="vs26">...</li><li class="vs26 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts">cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* versions up to (including) 1.2.8</a></li><li class="vs26 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A1.2.7">cpe:2.3:a:apache:struts:1.2.7:*:*:*:*:*:*:*</a></li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-1548">CVE-2006-1548</a></b>&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span></p><p><pre>Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message.</pre>NVD-CWE-Other<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul><br/>References: <ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/17342">17342</a></li><li>CONFIRM - <a target="_blank" href="http://issues.apache.org/bugzilla/show_bug.cgi?id=38749">http://issues.apache.org/bugzilla/show_bug.cgi?id=38749</a></li><li>CONFIRM - <a target="_blank" href="http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html">http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html</a></li><li>CONFIRM - <a target="_blank" href="https://issues.apache.org/struts/browse/STR-2781">https://issues.apache.org/struts/browse/STR-2781</a></li><li>SECTRACK - <a target="_blank" href="http://securitytracker.com/id?1015856">1015856</a></li><li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/19493">19493</a></li><li>SECUNIA - <a target="_blank" href="http://secunia.com/advisories/20117">20117</a></li><li>SUSE - <a target="_blank" href="http://lists.suse.com/archive/suse-security-announce/2006-May/0004.html">SUSE-SR:2006:010</a></li><li>VUPEN - <a target="_blank" href="http://www.vupen.com/english/advisories/2006/1205">ADV-2006-1205</a></li><li>XF - <a target="_blank" href="https://exchange.xforce.ibmcloud.com/vulnerabilities/25614">struts-lookupmap-xss(25614)</a></li></ul></p><p>Vulnerable Software &amp; Versions:<ul><li class="vs27"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts">cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* versions up to (including) 1.2.8</a></li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0394">CVE-2012-0394</a></b>&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span></p><p><pre>** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors.  NOTE: the vendor characterizes this behavior as not &quot;a security vulnerability itself.&quot;</pre>CWE-94 Improper Control of Generation of Code ('Code Injection')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (6.8)</li><li>Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P</li></ul><br/>References: <ul><li>BUGTRAQ - <a target="_blank" href="http://archives.neohapsis.com/archives/bugtraq/2012-01/0031.html">20120105 SEC Consult SA-20120104-0 :: Multiple critical vulnerabilities in Apache Struts2</a></li><li>EXPLOIT-DB - <a target="_blank" href="http://www.exploit-db.com/exploits/18329">18329</a></li><li>EXPLOIT-DB - <a target="_blank" href="http://www.exploit-db.com/exploits/31434">31434</a></li><li>MISC - <a target="_blank" href="http://struts.apache.org/2.x/docs/s2-008.html">http://struts.apache.org/2.x/docs/s2-008.html</a></li><li>MISC - <a target="_blank" href="http://struts.apache.org/2.x/docs/version-notes-2311.html">http://struts.apache.org/2.x/docs/version-notes-2311.html</a></li><li>MISC - <a target="_blank" href="https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt">https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt</a></li><li>OSVDB - <a target="_blank" href="http://www.osvdb.org/78276">78276</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs28">show all</a>)<ul><li class="vs28"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts">cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* versions up to (including) 2.2.3</a></li><li class="vs28">...</li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts">cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* versions up to (including) 2.2.3</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.0">cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.1">cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.2">cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.3">cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.4">cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.5">cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.6">cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.7">cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.8">cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.9">cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.10">cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.11">cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.11.1">cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.11.2">cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.12">cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.13">cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.14">cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.0">cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.1">cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.2">cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.3">cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.4">cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.5">cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.6">cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.8">cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.8.1">cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.2.1">cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*</a></li><li class="vs28 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.2.1.1">cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*</a></li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2115">CVE-2013-2115</a></b>&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span></p><p><pre>Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966.</pre>CWE-94 Improper Control of Generation of Code ('Code Injection')<br/><br/>CVSSv2:<ul><li>Base Score: HIGH (9.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C</li></ul><br/>References: <ul><li>BID - <a target="_blank" href="http://www.securityfocus.com/bid/60167">60167</a></li><li>CONFIRM - <a target="_blank" href="http://struts.apache.org/development/2.x/docs/s2-014.html">http://struts.apache.org/development/2.x/docs/s2-014.html</a></li><li>MISC - <a target="_blank" href="https://bugzilla.redhat.com/show_bug.cgi?id=967656">https://bugzilla.redhat.com/show_bug.cgi?id=967656</a></li><li>MISC - <a target="_blank" href="https://cwiki.apache.org/confluence/display/WW/S2-014">https://cwiki.apache.org/confluence/display/WW/S2-014</a></li></ul></p><p>Vulnerable Software &amp; Versions:&nbsp;(<a href="#" class="versionToggle" data-toggle=".vs29">show all</a>)<ul><li class="vs29"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts">cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* versions up to (including) 2.3.14.1</a></li><li class="vs29">...</li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts">cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* versions up to (including) 2.3.14.1</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.0">cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.1">cpe:2.3:a:apache:struts:2.0.1:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.2">cpe:2.3:a:apache:struts:2.0.2:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.3">cpe:2.3:a:apache:struts:2.0.3:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.4">cpe:2.3:a:apache:struts:2.0.4:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.5">cpe:2.3:a:apache:struts:2.0.5:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.6">cpe:2.3:a:apache:struts:2.0.6:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.7">cpe:2.3:a:apache:struts:2.0.7:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.8">cpe:2.3:a:apache:struts:2.0.8:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.9">cpe:2.3:a:apache:struts:2.0.9:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.10">cpe:2.3:a:apache:struts:2.0.10:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.11">cpe:2.3:a:apache:struts:2.0.11:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.11.1">cpe:2.3:a:apache:struts:2.0.11.1:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.11.2">cpe:2.3:a:apache:struts:2.0.11.2:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.12">cpe:2.3:a:apache:struts:2.0.12:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.13">cpe:2.3:a:apache:struts:2.0.13:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.0.14">cpe:2.3:a:apache:struts:2.0.14:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.0">cpe:2.3:a:apache:struts:2.1.0:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.1">cpe:2.3:a:apache:struts:2.1.1:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.2">cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.3">cpe:2.3:a:apache:struts:2.1.3:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.4">cpe:2.3:a:apache:struts:2.1.4:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.5">cpe:2.3:a:apache:struts:2.1.5:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.6">cpe:2.3:a:apache:struts:2.1.6:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.8">cpe:2.3:a:apache:struts:2.1.8:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.1.8.1">cpe:2.3:a:apache:struts:2.1.8.1:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.2.1">cpe:2.3:a:apache:struts:2.2.1:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.2.1.1">cpe:2.3:a:apache:struts:2.2.1.1:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.2.3">cpe:2.3:a:apache:struts:2.2.3:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.2.3.1">cpe:2.3:a:apache:struts:2.2.3.1:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.1">cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.1.1">cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.1.2">cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.3">cpe:2.3:a:apache:struts:2.3.3:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.4">cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.4.1">cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.7">cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.8">cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.12">cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*</a></li><li class="vs29 hidden"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts%3A2.3.14">cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*</a></li></ul></p><p><b><a target="_blank" href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2992">CVE-2015-2992</a></b>&nbsp;&nbsp;<span class="suppressedLabel" >suppressed</span></p><p><pre>Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability.</pre>CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')<br/><br/>CVSSv2:<ul><li>Base Score: MEDIUM (4.3)</li><li>Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N</li></ul>CVSSv3:<ul><li>MEDIUM (6.1)</li><li>/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N</li></ul><br/>References: <ul><li>CONFIRM - <a target="_blank" href="https://security.netapp.com/advisory/ntap-20200330-0001/">https://security.netapp.com/advisory/ntap-20200330-0001/</a></li><li>MISC - <a target="_blank" href="http://jvn.jp/en/jp/JVN88408929/index.html">http://jvn.jp/en/jp/JVN88408929/index.html</a></li><li>MISC - <a target="_blank" href="http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000124.html">http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000124.html</a></li><li>MISC - <a target="_blank" href="http://www.securityfocus.com/bid/76624">http://www.securityfocus.com/bid/76624</a></li></ul></p><p>Vulnerable Software &amp; Versions:<ul><li class="vs30"><a target="_blank" href="https://web.nvd.nist.gov/view/vuln/search-results?adv_search=true&cves=on&cpe_version=cpe%3A%2Fa%3Aapache%3Astruts">cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* versions up to (excluding) 2.3.20</a></li></ul></p></div></div></div></div></div><div><br/><br/>This report contains data retrieved from the <a href="https://nvd.nist.gov">National Vulnerability Database</a>.<br/>This report may contain data retrieved from the <a href="https://www.npmjs.com/advisories">NPM Public Advisories</a>.<br/>This report may contain data retrieved from <a href="https://retirejs.github.io/retire.js/">RetireJS</a>.<br/>This report may contain data retrieved from the <a href="https://ossindex.sonatype.org">Sonatype OSS Index</a>.</div></body></html>