Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: SchemaSpy Maven Plugin

nl.geodienstencentrum.maven:schemaspy-maven-plugin:5.3.1-SNAPSHOT

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
aopalliance-1.0.jarpkg:maven/aopalliance/aopalliance@1.0 020
asm-7.3.1.jarpkg:maven/org.ow2.asm/asm@7.3.1 054
asm-analysis-7.3.1.jarpkg:maven/org.ow2.asm/asm-analysis@7.3.1 060
asm-commons-7.3.1.jarpkg:maven/org.ow2.asm/asm-commons@7.3.1 058
asm-tree-7.3.1.jarpkg:maven/org.ow2.asm/asm-tree@7.3.1 058
asm-util-7.3.1.jarpkg:maven/org.ow2.asm/asm-util@7.3.1 058
autolink-0.6.0.jarpkg:maven/org.nibor.autolink/autolink@0.6.0 024
checker-qual-3.42.0.jarpkg:maven/org.checkerframework/checker-qual@3.42.0 046
commons-beanutils-1.9.4.jarcpe:2.3:a:apache:commons_beanutils:1.9.4:*:*:*:*:*:*:*pkg:maven/commons-beanutils/commons-beanutils@1.9.4 0Highest168
commons-chain-1.1.jarpkg:maven/commons-chain/commons-chain@1.1 075
commons-codec-1.11.jarpkg:maven/commons-codec/commons-codec@1.11 0103
commons-collections-3.2.2.jarcpe:2.3:a:apache:commons_collections:3.2.2:*:*:*:*:*:*:*pkg:maven/commons-collections/commons-collections@3.2.2 0Highest84
commons-digester-1.8.jarpkg:maven/commons-digester/commons-digester@1.8 090
commons-lang-2.4.jarpkg:maven/commons-lang/commons-lang@2.4 0104
commons-lang3-3.8.1.jarpkg:maven/org.apache.commons/commons-lang3@3.8.1 0140
commons-logging-1.2.jarpkg:maven/commons-logging/commons-logging@1.2 0117
commons-text-1.3.jarcpe:2.3:a:apache:commons_text:1.3:*:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-text@1.3 0Highest67
compiler-0.9.10.jarpkg:maven/com.github.spullara.mustache.java/compiler@0.9.10 027
derby-10.15.2.0.jarcpe:2.3:a:apache:derby:10.15.2.0:*:*:*:*:*:*:*pkg:maven/org.apache.derby/derby@10.15.2.0CRITICAL1Highest28
derbyshared-10.15.2.0.jarcpe:2.3:a:apache:derby:10.15.2.0:*:*:*:*:*:*:*pkg:maven/org.apache.derby/derbyshared@10.15.2.0CRITICAL1Highest27
derbytools-10.15.2.0.jarcpe:2.3:a:apache:derby:10.15.2.0:*:*:*:*:*:*:*pkg:maven/org.apache.derby/derbytools@10.15.2.0CRITICAL1Highest33
dom4j-1.1.jarcpe:2.3:a:dom4j_project:dom4j:1.1:*:*:*:*:*:*:*pkg:maven/dom4j/dom4j@1.1CRITICAL2Highest17
doxia-core-1.11.1.jarpkg:maven/org.apache.maven.doxia/doxia-core@1.11.1 026
doxia-decoration-model-1.11.1.jarpkg:maven/org.apache.maven.doxia/doxia-decoration-model@1.11.1 026
doxia-integration-tools-1.11.1.jarpkg:maven/org.apache.maven.doxia/doxia-integration-tools@1.11.1 028
doxia-logging-api-1.11.1.jarpkg:maven/org.apache.maven.doxia/doxia-logging-api@1.11.1 028
doxia-module-xhtml-1.11.1.jarpkg:maven/org.apache.maven.doxia/doxia-module-xhtml@1.11.1 028
doxia-module-xhtml5-1.11.1.jarpkg:maven/org.apache.maven.doxia/doxia-module-xhtml5@1.11.1 028
doxia-sink-api-1.11.1.jarpkg:maven/org.apache.maven.doxia/doxia-sink-api@1.11.1 028
doxia-site-renderer-1.11.1.jarpkg:maven/org.apache.maven.doxia/doxia-site-renderer@1.11.1 026
doxia-skin-model-1.11.1.jarpkg:maven/org.apache.maven.doxia/doxia-skin-model@1.11.1 026
failureaccess-1.0.2.jarpkg:maven/com.google.guava/failureaccess@1.0.2 032
flexmark-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark@0.34.32 022
flexmark-ext-abbreviation-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-abbreviation@0.34.32 027
flexmark-ext-aside-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-aside@0.34.32 027
flexmark-ext-autolink-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-autolink@0.34.32 027
flexmark-ext-definition-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-definition@0.34.32 027
flexmark-ext-emoji-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-emoji@0.34.32 027
flexmark-ext-escaped-character-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-escaped-character@0.34.32 027
flexmark-ext-footnotes-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-footnotes@0.34.32 027
flexmark-ext-gfm-strikethrough-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-gfm-strikethrough@0.34.32 027
flexmark-ext-gfm-tasklist-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-gfm-tasklist@0.34.32 027
flexmark-ext-ins-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-ins@0.34.32 027
flexmark-ext-jekyll-front-matter-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-jekyll-front-matter@0.34.32 027
flexmark-ext-superscript-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-superscript@0.34.32 025
flexmark-ext-tables-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-tables@0.34.32 027
flexmark-ext-toc-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-toc@0.34.32 027
flexmark-ext-typographic-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-typographic@0.34.32 027
flexmark-ext-wikilink-0.34.32.jarcpe:2.3:a:links:links:0.34.32:*:*:*:*:*:*:*pkg:maven/com.vladsch.flexmark/flexmark-ext-wikilink@0.34.32 0Low27
flexmark-ext-yaml-front-matter-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-ext-yaml-front-matter@0.34.32 027
flexmark-formatter-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-formatter@0.34.32 025
flexmark-jira-converter-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-jira-converter@0.34.32 027
flexmark-profile-pegdown-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-profile-pegdown@0.34.32 025
flexmark-util-0.34.32.jarpkg:maven/com.vladsch.flexmark/flexmark-util@0.34.32 024
google-collections-1.0.jarpkg:maven/com.google.collections/google-collections@1.0 029
guava-33.2.1-jre.jarcpe:2.3:a:google:guava:33.2.1:*:*:*:*:*:*:*pkg:maven/com.google.guava/guava@33.2.1-jre 0Highest27
guice-5.1.0.jarpkg:maven/com.google.inject/guice@5.1.0 034
hamcrest-core-1.3.jarpkg:maven/org.hamcrest/hamcrest-core@1.3 024
hsqldb-2.7.3.jarcpe:2.3:a:hsqldb:hypersql_database:2.7.3:*:*:*:*:*:*:*pkg:maven/org.hsqldb/hsqldb@2.7.3 0Low45
httpclient-4.5.13.jarcpe:2.3:a:apache:httpclient:4.5.13:*:*:*:*:*:*:*pkg:maven/org.apache.httpcomponents/httpclient@4.5.13 0Highest32
httpcore-4.4.14.jarpkg:maven/org.apache.httpcomponents/httpcore@4.4.14 032
jakarta.annotation-api-1.3.5.jarcpe:2.3:a:oracle:projects:1.3.5:*:*:*:*:*:*:*pkg:maven/jakarta.annotation/jakarta.annotation-api@1.3.5 0Low35
javax.inject-1.jarpkg:maven/javax.inject/javax.inject@1 020
jcommander-1.69.jarpkg:maven/com.beust/jcommander@1.69 024
json-20230227.jarcpe:2.3:a:json-java_project:json-java:20230227:*:*:*:*:*:*:*pkg:maven/org.json/json@20230227HIGH1Highest30
jul-to-slf4j-1.7.30.jarpkg:maven/org.slf4j/jul-to-slf4j@1.7.30 026
log4j-api-2.12.1.jarcpe:2.3:a:apache:log4j:2.12.1:*:*:*:*:*:*:*pkg:maven/org.apache.logging.log4j/log4j-api@2.12.1LOW1Highest42
log4j-to-slf4j-2.12.1.jarpkg:maven/org.apache.logging.log4j/log4j-to-slf4j@2.12.1 040
logback-core-1.2.3.jarcpe:2.3:a:qos:logback:1.2.3:*:*:*:*:*:*:*pkg:maven/ch.qos.logback/logback-core@1.2.3HIGH2Highest31
maven-artifact-3.9.9.jarpkg:maven/org.apache.maven/maven-artifact@3.9.9 026
maven-builder-support-3.9.9.jarpkg:maven/org.apache.maven/maven-builder-support@3.9.9 024
maven-core-3.9.9.jarcpe:2.3:a:apache:maven:3.9.9:*:*:*:*:*:*:*pkg:maven/org.apache.maven/maven-core@3.9.9 0Highest24
maven-model-3.9.9.jarpkg:maven/org.apache.maven/maven-model@3.9.9 026
maven-model-builder-3.9.9.jarpkg:maven/org.apache.maven/maven-model-builder@3.9.9 032
maven-plugin-annotations-3.15.0.jarpkg:maven/org.apache.maven.plugin-tools/maven-plugin-annotations@3.15.0 026
maven-plugin-api-3.9.9.jarpkg:maven/org.apache.maven/maven-plugin-api@3.9.9 026
maven-reporting-api-3.1.1.jarpkg:maven/org.apache.maven.reporting/maven-reporting-api@3.1.1 035
maven-reporting-impl-3.2.0.jarpkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0 035
maven-repository-metadata-3.9.9.jarpkg:maven/org.apache.maven/maven-repository-metadata@3.9.9 026
maven-resolver-api-1.9.22.jarpkg:maven/org.apache.maven.resolver/maven-resolver-api@1.9.22 034
maven-resolver-impl-1.9.22.jarpkg:maven/org.apache.maven.resolver/maven-resolver-impl@1.9.22 032
maven-resolver-named-locks-1.9.22.jarpkg:maven/org.apache.maven.resolver/maven-resolver-named-locks@1.9.22 033
maven-resolver-provider-3.9.9.jarpkg:maven/org.apache.maven/maven-resolver-provider@3.9.9 026
maven-resolver-spi-1.9.22.jarpkg:maven/org.apache.maven.resolver/maven-resolver-spi@1.9.22 032
maven-resolver-util-1.9.22.jarpkg:maven/org.apache.maven.resolver/maven-resolver-util@1.9.22 036
maven-settings-3.9.9.jarpkg:maven/org.apache.maven/maven-settings@3.9.9 026
maven-settings-builder-3.9.9.jarpkg:maven/org.apache.maven/maven-settings-builder@3.9.9 026
maven-shared-utils-3.4.2.jarcpe:2.3:a:apache:maven_shared_utils:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:utils_project:utils:3.4.2:*:*:*:*:*:*:*
pkg:maven/org.apache.maven.shared/maven-shared-utils@3.4.2 0Highest29
mssql-jdbc-12.8.1.jre11.jarcpe:2.3:a:www-sql_project:www-sql:12.8.1.jre11:*:*:*:*:*:*:*pkg:maven/com.microsoft.sqlserver/mssql-jdbc@12.8.1
pkg:maven/com.microsoft.sqlserver/mssql-jdbc@12.8.1.jre11
 0Highest36
mysql-connector-j-9.0.0.jarcpe:2.3:a:mysql:mysql:9.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_connector\/j:9.0.0:*:*:*:*:*:*:*
pkg:maven/com.mysql/mysql-connector-j@9.0.0 0Highest52
nashorn-core-15.4.jarpkg:maven/org.openjdk.nashorn/nashorn-core@15.4 023
nashorn-core-15.4.jar: base.js 00
nashorn-core-15.4.jar: bootstrap.js 00
nashorn-core-15.4.jar: controls.js 00
nashorn-core-15.4.jar: fxml.js 00
nashorn-core-15.4.jar: graphics.js 00
nashorn-core-15.4.jar: media.js 00
nashorn-core-15.4.jar: mozilla_compat.js 00
nashorn-core-15.4.jar: parser.js 00
nashorn-core-15.4.jar: swing.js 00
nashorn-core-15.4.jar: web.js 00
ojdbc11-23.5.0.24.07.jarcpe:2.3:a:oracle:jdbc:23.5.0.24.07:*:*:*:*:*:*:*pkg:maven/com.oracle.database.jdbc/ojdbc11@23.5.0.24.07 0Highest33
org.eclipse.sisu.inject-0.9.0.M3.jarpkg:maven/org.eclipse.sisu/org.eclipse.sisu.inject@0.9.0.M3 034
org.eclipse.sisu.plexus-0.9.0.M3.jarpkg:maven/org.eclipse.sisu/org.eclipse.sisu.plexus@0.9.0.M3 029
oro-2.0.8.jarpkg:maven/oro/oro@2.0.8 016
plexus-cipher-2.0.jarcpe:2.3:a:codehaus-plexus_project:codehaus-plexus:2.0:*:*:*:*:*:*:*pkg:maven/org.codehaus.plexus/plexus-cipher@2.0HIGH2Highest20
plexus-classworlds-2.8.0.jarcpe:2.3:a:codehaus-plexus_project:codehaus-plexus:2.8.0:*:*:*:*:*:*:*pkg:maven/org.codehaus.plexus/plexus-classworlds@2.8.0HIGH2Highest30
plexus-container-default-2.1.0.jarcpe:2.3:a:codehaus-plexus_project:codehaus-plexus:2.1.0:*:*:*:*:*:*:*pkg:maven/org.codehaus.plexus/plexus-container-default@2.1.0HIGH2Highest24
plexus-i18n-1.0-beta-10.jarcpe:2.3:a:codehaus-plexus_project:codehaus-plexus:1.0.eta-10:*:*:*:*:*:*:*pkg:maven/org.codehaus.plexus/plexus-i18n@1.0-beta-10HIGH2Highest24
plexus-interpolation-1.27.jarcpe:2.3:a:codehaus-plexus_project:codehaus-plexus:1.27:*:*:*:*:*:*:*pkg:maven/org.codehaus.plexus/plexus-interpolation@1.27HIGH2Highest27
plexus-sec-dispatcher-2.0.jarcpe:2.3:a:codehaus-plexus_project:codehaus-plexus:2.0:*:*:*:*:*:*:*
cpe:2.3:a:sec_project:sec:2.0:*:*:*:*:*:*:*
pkg:maven/org.codehaus.plexus/plexus-sec-dispatcher@2.0HIGH2Highest20
plexus-utils-3.5.1.jarcpe:2.3:a:codehaus-plexus_project:codehaus-plexus:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:plexus-utils_project:plexus-utils:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:utils_project:utils:3.5.1:*:*:*:*:*:*:*
pkg:maven/org.codehaus.plexus/plexus-utils@3.5.1 0Highest27
plexus-velocity-1.2.jarcpe:2.3:a:codehaus-plexus_project:codehaus-plexus:1.2:*:*:*:*:*:*:*pkg:maven/org.codehaus.plexus/plexus-velocity@1.2HIGH2Highest25
plexus-xml-3.0.0.jarcpe:2.3:a:codehaus-plexus_project:codehaus-plexus:3.0.0:*:*:*:*:*:*:*pkg:maven/org.codehaus.plexus/plexus-xml@3.0.0HIGH2Highest24
postgresql-42.7.4.jarcpe:2.3:a:postgresql:postgresql_jdbc_driver:42.7.4:*:*:*:*:*:*:*pkg:maven/org.postgresql/postgresql@42.7.4 0Low68
protobuf-java-4.26.1.jarcpe:2.3:a:google:protobuf-java:4.26.1:*:*:*:*:*:*:*
cpe:2.3:a:protobuf:protobuf:4.26.1:*:*:*:*:*:*:*
pkg:maven/com.google.protobuf/protobuf-java@4.26.1HIGH1Highest27
schemaspy-6.2.4.jarpkg:maven/org.schemaspy/schemaspy@6.2.4 038
schemaspy-6.2.4.jar: anchor.min.js 00
schemaspy-6.2.4.jar: anomalies.js 00
schemaspy-6.2.4.jar: app.js 00
schemaspy-6.2.4.jar: app.min.js 00
schemaspy-6.2.4.jar: bootstrap.jspkg:javascript/bootstrap@3.3.7MEDIUM83
schemaspy-6.2.4.jar: bootstrap.min.jspkg:javascript/bootstrap@3.3.7MEDIUM83
schemaspy-6.2.4.jar: buttons.bootstrap.js 00
schemaspy-6.2.4.jar: buttons.bootstrap.min.js 00
schemaspy-6.2.4.jar: buttons.colVis.js 00
schemaspy-6.2.4.jar: buttons.colVis.min.js 00
schemaspy-6.2.4.jar: buttons.flash.js 00
schemaspy-6.2.4.jar: buttons.flash.min.js 00
schemaspy-6.2.4.jar: buttons.html5.js 00
schemaspy-6.2.4.jar: buttons.html5.min.js 00
schemaspy-6.2.4.jar: buttons.print.js 00
schemaspy-6.2.4.jar: buttons.print.min.js 00
schemaspy-6.2.4.jar: codemirror.js 00
schemaspy-6.2.4.jar: column.js 00
schemaspy-6.2.4.jar: constraint.js 00
schemaspy-6.2.4.jar: dashboard.js 00
schemaspy-6.2.4.jar: dashboard2.js 00
schemaspy-6.2.4.jar: dataTables.bootstrap.js 00
schemaspy-6.2.4.jar: dataTables.bootstrap.min.js 00
schemaspy-6.2.4.jar: dataTables.buttons.js 00
schemaspy-6.2.4.jar: dataTables.buttons.min.js 00
schemaspy-6.2.4.jar: demo.js 00
schemaspy-6.2.4.jar: fastclick.js 00
schemaspy-6.2.4.jar: fastclick.min.js 00
schemaspy-6.2.4.jar: html5shiv.min.js 00
schemaspy-6.2.4.jar: jquery-2.2.3.min.jspkg:javascript/jquery@2.2.3.minMEDIUM53
schemaspy-6.2.4.jar: jquery-ui.jspkg:javascript/jquery-ui-dialog@1.11.4
pkg:javascript/jquery-ui@1.11.4
MEDIUM55
schemaspy-6.2.4.jar: jquery-ui.min.jspkg:javascript/jquery-ui-dialog@1.11.4
pkg:javascript/jquery-ui@1.11.4
MEDIUM55
schemaspy-6.2.4.jar: jquery.dataTables.min.jspkg:javascript/jquery.datatables@1.10.15HIGH43
schemaspy-6.2.4.jar: jquery.jspkg:javascript/jquery@3.2.1MEDIUM33
schemaspy-6.2.4.jar: jquery.slimscroll.js 00
schemaspy-6.2.4.jar: jquery.slimscroll.min.js 00
schemaspy-6.2.4.jar: main.js 00
schemaspy-6.2.4.jar: npm.js 00
schemaspy-6.2.4.jar: pdfmake.min.js 00
schemaspy-6.2.4.jar: relationships.js 00
schemaspy-6.2.4.jar: respond.min.js 00
schemaspy-6.2.4.jar: routine.js 00
schemaspy-6.2.4.jar: routines.js 00
schemaspy-6.2.4.jar: salvattore.min.js 00
schemaspy-6.2.4.jar: schemaSpy.js 00
schemaspy-6.2.4.jar: sql.js 00
schemaspy-6.2.4.jar: table.js 00
schemaspy-6.2.4.jar: vfs_fonts.js 00
schemaspy-6.2.4.jar: viz.js 00
schemaspy-6.2.4.jar: xlsx.full.min.js 00
serializer-2.7.2.jarcpe:2.3:a:apache:xalan-java:2.7.2:*:*:*:*:*:*:*pkg:maven/xalan/serializer@2.7.2HIGH1Highest32
slf4j-api-1.7.36.jarpkg:maven/org.slf4j/slf4j-api@1.7.36 029
snakeyaml-1.25.jarcpe:2.3:a:snakeyaml_project:snakeyaml:1.25:*:*:*:*:*:*:*pkg:maven/org.yaml/snakeyaml@1.25CRITICAL8Highest44
spring-boot-2.2.11.RELEASE.jarcpe:2.3:a:vmware:spring_boot:2.2.11:release:*:*:*:*:*:*pkg:maven/org.springframework.boot/spring-boot@2.2.11.RELEASECRITICAL2Highest39
spring-core-5.2.10.RELEASE.jarcpe:2.3:a:pivotal_software:spring_framework:5.2.10:release:*:*:*:*:*:*
cpe:2.3:a:springsource:spring_framework:5.2.10:release:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.10:release:*:*:*:*:*:*
pkg:maven/org.springframework/spring-core@5.2.10.RELEASECRITICAL*10Highest36
spring-expression-5.2.10.RELEASE.jarcpe:2.3:a:pivotal_software:spring_framework:5.2.10:release:*:*:*:*:*:*
cpe:2.3:a:springsource:spring_framework:5.2.10:release:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:5.2.10:release:*:*:*:*:*:*
pkg:maven/org.springframework/spring-expression@5.2.10.RELEASECRITICAL*11Highest36
velocity-1.7.jarcpe:2.3:a:apache:velocity_engine:1.7:*:*:*:*:*:*:*pkg:maven/org.apache.velocity/velocity@1.7HIGH1Low76
velocity-tools-2.0.jarcpe:2.3:a:apache:velocity_tools:2.0:*:*:*:*:*:*:*pkg:maven/org.apache.velocity/velocity-tools@2.0MEDIUM1Highest76
xalan-2.7.2.jarcpe:2.3:a:apache:xalan-java:2.7.2:*:*:*:*:*:*:*pkg:maven/xalan/xalan@2.7.2HIGH1Highest66
xbean-reflect-3.7.jarpkg:maven/org.apache.xbean/xbean-reflect@3.7 025
xml-apis-1.3.04.jarpkg:maven/xml-apis/xml-apis@1.3.04 071

* indicates the dependency has a known exploited vulnerability

Dependencies (vulnerable)

aopalliance-1.0.jar

Description:

AOP Alliance

License:

Public Domain
File Path: /home/runner/.m2/repository/aopalliance/aopalliance/1.0/aopalliance-1.0.jar
MD5: 04177054e180d09e3998808efa0401c7
SHA1: 0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8
SHA256:0addec670fedcd3f113c5c8091d783280d23f75e3acb841b61a9cdb079376a08
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
aopalliance-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

asm-7.3.1.jar

Description:

ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm/7.3.1/asm-7.3.1.jar
MD5: 542c066ed00a4fa9857e9343e2c595b9
SHA1: 7ec32f922315924e82bf58b36ee1b673b2a9b820
SHA256:2f67e11ceec819ebd88ddee5300aba699b1cbab2e20c22e97cf027d3be93959b
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asm-7.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

asm-analysis-7.3.1.jar

Description:

Static code analysis API of ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm-analysis/7.3.1/asm-analysis-7.3.1.jar
MD5: b5b082ef17f6d6bb3d8ed9c129161bdb
SHA1: 045dfd299ea0c17d534499c4f06417ceccfa2d02
SHA256:46b8a8efd4b94facb5ab4b35afe30ee0546ae7a43d2c64e6def56c2f168fefa5
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asm-analysis-7.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

asm-commons-7.3.1.jar

Description:

Usefull class adapters based on ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm-commons/7.3.1/asm-commons-7.3.1.jar
MD5: be985ed0af52424f8f5d27ec71c249ab
SHA1: daaa79ef260eb67404b9a52bc319a024c7f49cfe
SHA256:87cd8bb3c6bf6bcbb33fca48060c5065f66ebf6a3d7de9bf18bff51bcf156ebc
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asm-commons-7.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

asm-tree-7.3.1.jar

Description:

Tree API of ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm-tree/7.3.1/asm-tree-7.3.1.jar
MD5: 3ef0bd9837a905e0b2d443de9199a409
SHA1: 587ce54d243145b2e89598bfcea7823ded73be5d
SHA256:f91a4a8aa868c5c4665bb4fd134019a91f9f8b9216527fba295e3c8b5422b78b
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asm-tree-7.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

asm-util-7.3.1.jar

Description:

Utilities for ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm-util/7.3.1/asm-util-7.3.1.jar
MD5: 181141e54fdd56474937d7ebfb325ba3
SHA1: cac1bf54c2fb86671c357d281d1060fe5d50a0de
SHA256:182128592742ed4883ac82bf205f137b6bfbe1234c68e6feb13759e75a85b729
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asm-util-7.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

autolink-0.6.0.jar

Description:

        Java library to extract links (URLs, email addresses) from plain text;
        fast, small and smart about recognizing where links end
    

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /home/runner/.m2/repository/org/nibor/autolink/autolink/0.6.0/autolink-0.6.0.jar
MD5: f2633571471a5957ee12e61b184e6219
SHA1: 3986d016a14e8c81afeec752f19af29b20e8367b
SHA256:a80be030f6386f18111cad9161c0b6983157352a1b59a59e6002172f0d321c04
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
autolink-0.6.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

checker-qual-3.42.0.jar

Description:

checker-qual contains annotations (type qualifiers) that a programmer
writes to specify Java code for type-checking by the Checker Framework.

License:

The MIT License: http://opensource.org/licenses/MIT
File Path: /home/runner/.m2/repository/org/checkerframework/checker-qual/3.42.0/checker-qual-3.42.0.jar
MD5: 4c55448dcbfe9c3702f7758fc8fe0086
SHA1: 638ec33f363a94d41a4f03c3e7d3dcfba64e402d
SHA256:ccaedd33af0b7894d9f2f3b644f4d19e43928e32902e61ac4d10777830f5aac7
Referenced In Project/Scope: SchemaSpy Maven Plugin:runtime
checker-qual-3.42.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.postgresql/postgresql@42.7.4

Identifiers

commons-beanutils-1.9.4.jar

Description:

Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-beanutils/commons-beanutils/1.9.4/commons-beanutils-1.9.4.jar
MD5: 07dc532ee316fe1f2f0323e9bd2f8df4
SHA1: d52b9abcd97f38c81342bb7e7ae1eee9b73cba51
SHA256:7d938c81789028045c08c065e94be75fc280527620d5bd62b519d5838532368a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-beanutils-1.9.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

commons-chain-1.1.jar

Description:

An implmentation of the GoF Chain of Responsibility pattern

License:

The Apache Software License, Version 2.0: /LICENSE.txt
File Path: /home/runner/.m2/repository/commons-chain/commons-chain/1.1/commons-chain-1.1.jar
MD5: d4ce482153073855e7c6453dc3c725cb
SHA1: 3038bd41dcdb2b63b8c6dcc8c15f0fdf3f389012
SHA256:e408f72da5ed4c5db6ae19e8c3b7ee36259c36c05f7a77f15509a014bfe7bcaa
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-chain-1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

commons-codec-1.11.jar

Description:

     The Apache Commons Codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-codec/commons-codec/1.11/commons-codec-1.11.jar
MD5: 567159b1ae257a43e1391a8f59d24cfe
SHA1: 3acb4705652e16236558f0f4f2192cc33c3bd189
SHA256:e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-codec-1.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

commons-collections-3.2.2.jar

Description:

Types that extend and augment the Java Collections Framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256:eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-collections-3.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/commons-beanutils/commons-beanutils@1.9.4

Identifiers

commons-digester-1.8.jar

Description:

The Digester package lets you configure an XML->Java object mapping module
    which triggers certain actions called rules whenever a particular 
    pattern of nested XML elements is recognized.

License:

The Apache Software License, Version 2.0: /LICENSE.txt
File Path: /home/runner/.m2/repository/commons-digester/commons-digester/1.8/commons-digester-1.8.jar
MD5: cf89c593f0378e9509a06fce7030aeba
SHA1: dc6a73fdbd1fa3f0944e8497c6c872fa21dca37e
SHA256:05662373044f3dff112567b7bb5dfa1174e91e074c0c727b4412788013f49d56
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-digester-1.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

commons-lang-2.4.jar

Description:

        Commons Lang, a package of Java utility classes for the
        classes that are in java.lang's hierarchy, or are considered to be so
        standard as to justify existence in java.lang.
    

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-lang/commons-lang/2.4/commons-lang-2.4.jar
MD5: 237a8e845441bad2e535c57d985c8204
SHA1: 16313e02a793435009f1e458fa4af5d879f6fb11
SHA256:2c73b940c91250bc98346926270f13a6a10bb6e29d2c9316a70d134e382c873e
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-lang-2.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

commons-lang3-3.8.1.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-lang3/3.8.1/commons-lang3-3.8.1.jar
MD5: 540b1256d887a6993ecbef23371a3302
SHA1: 6505a72a097d9270f7a9e7bf42c4238283247755
SHA256:dac807f65b07698ff39b1b07bfef3d87ae3fd46d91bbf8a2bc02b2a831616f68
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-lang3-3.8.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

commons-logging-1.2.jar

Description:

Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-logging/commons-logging/1.2/commons-logging-1.2.jar
MD5: 040b4b4d8eac886f6b4a2a3bd2f31b00
SHA1: 4bfc12adfe4842bf07b657f0369c4cb522955686
SHA256:daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-logging-1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/commons-beanutils/commons-beanutils@1.9.4

Identifiers

commons-text-1.3.jar

Description:

Apache Commons Text is a library focused on algorithms working on strings.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-text/1.3/commons-text-1.3.jar
MD5: e12b93c4a7fa6326e8afe557243c8651
SHA1: 9abf61708a66ab5e55f6169a200dbfc584b546d9
SHA256:8185b3a5311092d83ed1f184c2d093b3105d726bbd76867c32b3511542bb99a8
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-text-1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

compiler-0.9.10.jar

Description:

Implementation of mustache.js for Java

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/com/github/spullara/mustache/java/compiler/0.9.10/compiler-0.9.10.jar
MD5: 5638fc78a17d5063cc4b0d00f6e87491
SHA1: 6111ae24e3be9ecbd75f5fe908583fc14b4f0174
SHA256:2b5a9217811cb99846a473fa8e0d233eb33629347b7f44941f6c0fbd4cdf1038
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
compiler-0.9.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

derby-10.15.2.0.jar

Description:

Contains the core Apache Derby database engine, which also includes the embedded JDBC driver.

File Path: /home/runner/.m2/repository/org/apache/derby/derby/10.15.2.0/derby-10.15.2.0.jar
MD5: abff01351b19bc62a188bac08a8bb58b
SHA1: b64da6681994f33ba5783ffae55cdb44885b9e70
SHA256:3afe424625f4caea05ff2f9022be2d98634be4d69dee3529697dab6d9fe1142f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
derby-10.15.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

CVE-2022-46337  

A cleverly devised username might bypass LDAP authentication checks. In 
LDAP-authenticated Derby installations, this could let an attacker fill 
up the disk by creating junk Derby databases. In LDAP-authenticated 
Derby installations, this could also allow the attacker to execute 
malware which was visible to and executable by the account which booted 
the Derby server. In LDAP-protected databases which weren't also 
protected by SQL GRANT/REVOKE authorization, this vulnerability could 
also let an attacker view and corrupt sensitive data and run sensitive 
database functions and procedures.

Mitigation:

Users should upgrade to Java 21 and Derby 10.17.1.0.

Alternatively, users who wish to remain on older Java versions should 
build their own Derby distribution from one of the release families to 
which the fix was backported: 10.16, 10.15, and 10.14. Those are the 
releases which correspond, respectively, with Java LTS versions 17, 11, 
and 8.

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

derbyshared-10.15.2.0.jar

Description:

The code which is shared across all Derby configurations.

File Path: /home/runner/.m2/repository/org/apache/derby/derbyshared/10.15.2.0/derbyshared-10.15.2.0.jar
MD5: 2cb9ab8b9cfb06c2da5a1d3825d04344
SHA1: ff2dfb3e2a92d593cf111baad242d156947abbc1
SHA256:55365ab97e698080c6ccec65dbf7b8c63e4b4b77ad08f794d11458b1f2ea272c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
derbyshared-10.15.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.derby/derby@10.15.2.0

Identifiers

CVE-2022-46337  

A cleverly devised username might bypass LDAP authentication checks. In 
LDAP-authenticated Derby installations, this could let an attacker fill 
up the disk by creating junk Derby databases. In LDAP-authenticated 
Derby installations, this could also allow the attacker to execute 
malware which was visible to and executable by the account which booted 
the Derby server. In LDAP-protected databases which weren't also 
protected by SQL GRANT/REVOKE authorization, this vulnerability could 
also let an attacker view and corrupt sensitive data and run sensitive 
database functions and procedures.

Mitigation:

Users should upgrade to Java 21 and Derby 10.17.1.0.

Alternatively, users who wish to remain on older Java versions should 
build their own Derby distribution from one of the release families to 
which the fix was backported: 10.16, 10.15, and 10.14. Those are the 
releases which correspond, respectively, with Java LTS versions 17, 11, 
and 8.

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

derbytools-10.15.2.0.jar

Description:

Contains Apache Derby tools like ij, sysinfo, and dblook.

File Path: /home/runner/.m2/repository/org/apache/derby/derbytools/10.15.2.0/derbytools-10.15.2.0.jar
MD5: d41578eeb336b0e479be8f30bfd9ab9b
SHA1: d63722381e0e893d797e4d531e219e2917898364
SHA256:45d6dc34af9790f7f8fafb9b15d8525f3b429950fca4b4051e7e4f81f9170cd9
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
derbytools-10.15.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

CVE-2022-46337  

A cleverly devised username might bypass LDAP authentication checks. In 
LDAP-authenticated Derby installations, this could let an attacker fill 
up the disk by creating junk Derby databases. In LDAP-authenticated 
Derby installations, this could also allow the attacker to execute 
malware which was visible to and executable by the account which booted 
the Derby server. In LDAP-protected databases which weren't also 
protected by SQL GRANT/REVOKE authorization, this vulnerability could 
also let an attacker view and corrupt sensitive data and run sensitive 
database functions and procedures.

Mitigation:

Users should upgrade to Java 21 and Derby 10.17.1.0.

Alternatively, users who wish to remain on older Java versions should 
build their own Derby distribution from one of the release families to 
which the fix was backported: 10.16, 10.15, and 10.14. Those are the 
releases which correspond, respectively, with Java LTS versions 17, 11, 
and 8.

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

dom4j-1.1.jar

File Path: /home/runner/.m2/repository/dom4j/dom4j/1.1/dom4j-1.1.jar
MD5: f1c39d0d2b2c6f5ffb0046841a34b5c9
SHA1: 0690b3108a502c8f033ea87e7278aec309ffa668
SHA256:50bd5c21b5fbd27b8bbb5f8050544b53f49a4480fd347ce9c46d55c706015156
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
dom4j-1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

CVE-2020-10683  

dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j.
CWE-611 Improper Restriction of XML External Entity Reference

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2018-1000632 (OSSINDEX)  

dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. Methods: addElement, addAttribute that can result in an attacker tampering with XML documents through XML injection. This attack appear to be exploitable via an attacker specifying attributes or elements in the XML document. This vulnerability appears to have been fixed in 2.1.1 or later.
CWE-91 XML Injection (aka Blind XPath Injection)

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:dom4j:dom4j:1.1:*:*:*:*:*:*:*

doxia-core-1.11.1.jar

Description:

Doxia core classes and interfaces.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-core/1.11.1/doxia-core-1.11.1.jar
MD5: a5f49cc5f7dadd2fa104974dfa3a6766
SHA1: 0b0438a61c2c1208b4d2e2b38241478383dd758b
SHA256:d79801594566bdd7168b1adf927c3cc40cf17a95dd4480b4151e45eb30128cd7
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-core-1.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

doxia-decoration-model-1.11.1.jar

Description:

The Decoration Model handles the decoration descriptor for sites, also known as site.xml.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-decoration-model/1.11.1/doxia-decoration-model-1.11.1.jar
MD5: 927ed3e7c39b6fed77875ed385b63447
SHA1: 1e10f4e9268b49edf40bca721eef07271bc91de5
SHA256:411fc167774f2e3573f280c57a278fbe7bae677ee596a8ad24bd6c6bb2c5bbce
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-decoration-model-1.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

doxia-integration-tools-1.11.1.jar

Description:

A collection of tools to help the integration of Doxia Sitetools in Maven plugins.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-integration-tools/1.11.1/doxia-integration-tools-1.11.1.jar
MD5: 1f3abb6a2c7c65b6f68f3ad45a76b3f5
SHA1: fdc4c4f29d10b0e2b5b9d7f9eea16812d496e478
SHA256:eee789dcb86f37f290c6c22198ea56bf529edf21590294e549a77a490ed21dbe
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-integration-tools-1.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

doxia-logging-api-1.11.1.jar

Description:

Doxia Logging API.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-logging-api/1.11.1/doxia-logging-api-1.11.1.jar
MD5: 6452e33a36b87939630e0b18f8ffcff0
SHA1: ee28757cce6ee0215bac550dead25074c97c532d
SHA256:243c66f842cd2b3ded7c6d2c36b177a65c3f5d94800cef988ba3e29ec8cf60c9
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-logging-api-1.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

doxia-module-xhtml-1.11.1.jar

Description:

    A Doxia module for Xhtml source documents.
    Xhtml format is supported both as source and target formats.
  

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-module-xhtml/1.11.1/doxia-module-xhtml-1.11.1.jar
MD5: 82c4cfb79b666b922e1a8cf7b919df22
SHA1: f1b755a09934cd9c51d87b606c8e8ddf07719ebf
SHA256:3d298e2da1e11dba952cf4e5d750fafc41713470767b57c4f6969123c0892a23
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-module-xhtml-1.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

doxia-module-xhtml5-1.11.1.jar

Description:

    A Doxia module for Xhtml5 source documents.
    Xhtml5 format is supported both as source and target formats.
  

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-module-xhtml5/1.11.1/doxia-module-xhtml5-1.11.1.jar
MD5: 37208526e7ed1051bc8c7f8dc076e5c9
SHA1: e4ee721555ff063d7ef9042d6b9237386c6b33e0
SHA256:3583ae17f9ae97db41da038dc67552a386e7a9f850f45fa6fdb0d2b9ef36a31c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-module-xhtml5-1.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

doxia-sink-api-1.11.1.jar

Description:

Doxia Sink API.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-sink-api/1.11.1/doxia-sink-api-1.11.1.jar
MD5: b1bd5c9efde9f14969fa881b87fe709b
SHA1: 59c2255f58c78fbbcb7e638e82bd2914e78aec8b
SHA256:39ac38bb7d752ea003be17a0065522e4e1b076a4f7e374bea55259f3e133f28f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-sink-api-1.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

doxia-site-renderer-1.11.1.jar

Description:

The Site Renderer handles the rendering of sites, merging site decoration with document content.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-site-renderer/1.11.1/doxia-site-renderer-1.11.1.jar
MD5: 871abead02f713fb9c02d5ba36f65bf7
SHA1: 414e3b2049aa6f6710ecca4fa905d9d2ce318773
SHA256:f279a087910d3e0728daad9114da8f3211cfb49b5e8457d05ee9ee5f04284527
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-site-renderer-1.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

doxia-skin-model-1.11.1.jar

Description:

The Skin Model defines metadata for Doxia Sitetools skins.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-skin-model/1.11.1/doxia-skin-model-1.11.1.jar
MD5: 6fa7b3005dad9f4b285a889b3b68d8aa
SHA1: b6994a60da09eb429c01362e9a6a510e0f83d24e
SHA256:5337efbe45413d24b71422d145062f84bde96271dab9f3a5caa3fab461974bf4
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-skin-model-1.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

failureaccess-1.0.2.jar

Description:

    Contains
    com.google.common.util.concurrent.internal.InternalFutureFailureAccess and
    InternalFutures. Most users will never need to use this artifact. Its
    classes are conceptually a part of Guava, but they're in this separate
    artifact so that Android libraries can use them without pulling in all of
    Guava (just as they can use ListenableFuture by depending on the
    listenablefuture artifact).
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/guava/failureaccess/1.0.2/failureaccess-1.0.2.jar
MD5: 3f75955b49b6758fd6d1e1bd9bf777b3
SHA1: c4a06a64e650562f30b7bf9aaec1bfed43aca12b
SHA256:8a8f81cf9b359e3f6dfa691a1e776985c061ef2f223c9b2c80753e1b458e8064
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
failureaccess-1.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

flexmark-0.34.32.jar

Description:

Core of flexmark-java (implementation of CommonMark for parsing markdown and rendering to HTML)

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark/0.34.32/flexmark-0.34.32.jar
MD5: 382b5c90335fad2eb5d28fde5a55a0d4
SHA1: c2c2bf0e9c67757eb5996afe0ade71195227253b
SHA256:60fff3390d6836ddcf45be0a0f0e6b4602ce2f26508762851286b3a082648b53
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-abbreviation-0.34.32.jar

Description:

flexmark-java extension for defining abbreviations and turning appearance of these abbreviations in text into links with titles consisting of the expansion of the abbreviation

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-abbreviation/0.34.32/flexmark-ext-abbreviation-0.34.32.jar
MD5: f663f0f2d098231cfd98a853a822e464
SHA1: 785fe944a8f5b5b54b30a4c40735f0f82d53aa25
SHA256:714ed71edd9e5c56ccd6f210b0eb79cf7240923ddf37bfd9ad8d03635f758f5e
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-abbreviation-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-aside-0.34.32.jar

Description:

flexmark-java extension for converting | to aside tags

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-aside/0.34.32/flexmark-ext-aside-0.34.32.jar
MD5: 2a54188164a2b5c0b22c280845a3160f
SHA1: 017d27b92514cd5b5c2494e1d2fe2cb3b695058c
SHA256:9bd05330490936009172b2b7bd9395c388839e36ca8bbaefd470b875d46c7e28
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-aside-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-autolink-0.34.32.jar

Description:

flexmark-java extension for turning plain URLs and email addresses into links

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-autolink/0.34.32/flexmark-ext-autolink-0.34.32.jar
MD5: 2be49f92ce3fc05f3a80b767a39bb72f
SHA1: 6a499f9ebf555ce8545382818103aaaf991af123
SHA256:072e2d8ea66caea1b214becb697271a3337f22fd0a3e6cfff4c7812c98d0a37e
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-autolink-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-definition-0.34.32.jar

Description:

flexmark-java extension for definition

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-definition/0.34.32/flexmark-ext-definition-0.34.32.jar
MD5: 06175b13310b36c4a42e9f41fb0a725f
SHA1: 1af7506590f76e6a81f78395a7b3ffa41cec8ff5
SHA256:27c05f0736294540a6922cd2369eb5178bab8c427977ebb49c5593754a5e3a72
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-definition-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-emoji-0.34.32.jar

Description:

flexmark-java extension for emoji shortcuts using Emoji-Cheat-Sheet.com http://www.emoji-cheat-sheet.com/

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-emoji/0.34.32/flexmark-ext-emoji-0.34.32.jar
MD5: b76e06cc514d0d3fde84ef695c6fe29f
SHA1: acbf86eabcaffeb0a5a90a9ab1933367f57ce2bb
SHA256:a9dc9e21e1b96718cfb45efe00e816b06d52a02c9451097f9ba3c17072c21661
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-emoji-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-escaped-character-0.34.32.jar

Description:

flexmark-java extension for escaped_character

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-escaped-character/0.34.32/flexmark-ext-escaped-character-0.34.32.jar
MD5: e3f75f4076188a21d4b0ccd43ba8425d
SHA1: e6d8328b599e9af5c2ddff3a9559dfe3545f9008
SHA256:654fbb2f164aa6ba3ce35cd43ac6bc65801c9a7f36ddb160963a5fb2730d0064
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-escaped-character-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-footnotes-0.34.32.jar

Description:

flexmark-java extension for footnote inline elments and footnote definitions

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-footnotes/0.34.32/flexmark-ext-footnotes-0.34.32.jar
MD5: 79bb8079973223f14f06231fd9623bf6
SHA1: b4e1426e8658312dc2f61df1d64f8abc40fe385f
SHA256:f4d92a042d3f64cb94deb7fe8dc52b5dab9a6efea01cf54b844cb0ea77a91992
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-footnotes-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-gfm-strikethrough-0.34.32.jar

Description:

flexmark-java extension for GFM strikethrough using ~~ (GitHub Flavored Markdown)

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-gfm-strikethrough/0.34.32/flexmark-ext-gfm-strikethrough-0.34.32.jar
MD5: a5a9e5ebfb9a1f58873d9ecd27dd348d
SHA1: acc88a9aabb0ac71d6d63c7bcccb2b082ba38b73
SHA256:2678273cae59d949007172fd439157f8c5f2b777f856587ad305c2bf3a55113d
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-gfm-strikethrough-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-gfm-tasklist-0.34.32.jar

Description:

flexmark-java extension to convert bullet list items that start with [ ] to a TaskListItem node

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-gfm-tasklist/0.34.32/flexmark-ext-gfm-tasklist-0.34.32.jar
MD5: 6b0c5a675ca4154683a20da590e68188
SHA1: ea598ab99f7c961370f7119897a0b8efc2275566
SHA256:0fb4e680ab4ed40d67ac3399dc0ad2d95cbe902036abee994995eda53ce08fdc
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-gfm-tasklist-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-ins-0.34.32.jar

Description:

flexmark-java extension for ins

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-ins/0.34.32/flexmark-ext-ins-0.34.32.jar
MD5: 6de13c82fedd06bde84a659a7f97d318
SHA1: 198876100bb1561e2bebb67bdfb05053aac92252
SHA256:8db30a0569f722fd33671df895bd465d36aad56782f8fb132fe41bef138fc8ac
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-ins-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-jekyll-front-matter-0.34.32.jar

Description:

flexmark-java extension for jekyll_front_matter

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-jekyll-front-matter/0.34.32/flexmark-ext-jekyll-front-matter-0.34.32.jar
MD5: d75e222b62c266ebf19b1481cf0c6f08
SHA1: 3ba2481406202ffb2a3dd1ef888a0be7e6050b8c
SHA256:4fc8404e83cf4d23ea3850dd607553db56141f4dc787dd5ecbcf7c8151e63e14
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-jekyll-front-matter-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-superscript-0.34.32.jar

Description:

flexmark-java extension for superscript

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-superscript/0.34.32/flexmark-ext-superscript-0.34.32.jar
MD5: 32e7f7e13440b5a9d087845fba2b9fcb
SHA1: 2f9413cedcc339dd20328249cce6fcee63161a57
SHA256:538175c28416be2b150ce63986d5594df42d7f069592733fb94c81f08fe2f127
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-superscript-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-tables-0.34.32.jar

Description:

flexmark-java extension for tables using "|" pipes with optional column spans and table caption

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-tables/0.34.32/flexmark-ext-tables-0.34.32.jar
MD5: 0475a524aaca5cf09e242aa968034041
SHA1: 550d1891263034068014daa137c38b6b5854aafb
SHA256:662e9e726abe00c7e68b1d7e9f65a5a2e7fa77f7a32ef7e109783a7cbb2304cd
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-tables-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-toc-0.34.32.jar

Description:

flexmark-java extension for toc

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-toc/0.34.32/flexmark-ext-toc-0.34.32.jar
MD5: 5d5bed0edcf1c3c7d80520a47b1cf8ac
SHA1: f01a984c6c8c37015079c012e700417d182b0d5f
SHA256:6a3b44c952b76165196babc54a3ad85bc454d051b3331498348cf32810382772
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-toc-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-typographic-0.34.32.jar

Description:

flexmark-java extension for typographic

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-typographic/0.34.32/flexmark-ext-typographic-0.34.32.jar
MD5: 493f416bb0399faa70c9ef4565425fbc
SHA1: 0c8c5babe652bc1e87999ea07ef54818ae12c0d3
SHA256:6d5d09963cf211b9013ddf7cced1658edea3d6484e99af4dfd903ca239e2f2aa
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-typographic-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-wikilink-0.34.32.jar

Description:

flexmark-java extension parsing and rendering wiki links

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-wikilink/0.34.32/flexmark-ext-wikilink-0.34.32.jar
MD5: 6ff6ff0e5c7dd48d4d35328428878538
SHA1: 7e40b4e8bf1d409e593b8b69604a504835303df2
SHA256:865745f068c7ff1a5e363b893651330b1336282c6664a7b635634263a4ed7898
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-wikilink-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-ext-yaml-front-matter-0.34.32.jar

Description:

flexmark-java extension for YAML front matter

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-yaml-front-matter/0.34.32/flexmark-ext-yaml-front-matter-0.34.32.jar
MD5: 3de9fc9e100d6f4e6b2644b79a8db5e4
SHA1: 0509b24c760f37699d155e63443138977f519373
SHA256:7cdb249e1906b89d84399d6de54c7afe7f4715d6ad2c30ec60f5f756d7b9e475
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-yaml-front-matter-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-formatter-0.34.32.jar

Description:

flexmark-java extension for formatter

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-formatter/0.34.32/flexmark-formatter-0.34.32.jar
MD5: bae1cc2191f3bd80d09d5cfcb432a68d
SHA1: 5d35d76873bce4f5707c2df5c6be47ca42f59901
SHA256:6d8e8b4bf0e34c993a4727873e5eab86015a3121dc7bf169d97d71d45c9dd78e
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-formatter-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-jira-converter-0.34.32.jar

Description:

flexmark-java extension for jira_converter

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-jira-converter/0.34.32/flexmark-jira-converter-0.34.32.jar
MD5: 676e66b37015c3a02a249dbdb3d6666a
SHA1: 75ca8726c7a24efa1bfa74e5fe879cd929ec0cfe
SHA256:a6a33938ff6dfe5be0f2c5ba630a84b47e9f36334c5e415bb9069366ad96e2e3
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-jira-converter-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-profile-pegdown-0.34.32.jar

Description:

flexmark-java extension for setting flexmark options by using pegdown extension flags

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-profile-pegdown/0.34.32/flexmark-profile-pegdown-0.34.32.jar
MD5: a7808bb410e1ae87e66b42c3825888ab
SHA1: 30226a940419942e37a88b0a4c79a676ca78f788
SHA256:e62eaf00d9249aeb921eea709c492f5ffd085e75a15f2ca2a3944165351dd834
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-profile-pegdown-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

flexmark-util-0.34.32.jar

Description:

flexmark-java utility classes

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util/0.34.32/flexmark-util-0.34.32.jar
MD5: 240493638f5833ff8563a0b8b0ecd37f
SHA1: a06050bd9933ac68bc1f266d47c16e772675fea9
SHA256:2ee09f5826e303f37b2b88e3ae5bb7dcc70935ed1736c3a986e8bb8786f8f89c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-util-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

google-collections-1.0.jar

Description:

Google Collections Library is a suite of new collections and collection-related goodness for Java 5.0

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/collections/google-collections/1.0/google-collections-1.0.jar
MD5: 7c882c8d734e50112000e4a88e06c535
SHA1: 9ffe71ac6dcab6bc03ea13f5c2e7b2804e69b357
SHA256:81b8d638af0083c4b877099d56aa0fee714485cd2ace1b6a09cab867cadb375d
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
google-collections-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

guava-33.2.1-jre.jar

Description:

    Guava is a suite of core and expanded libraries that include
    utility classes, Google's collections, I/O classes, and
    much more.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/guava/guava/33.2.1-jre/guava-33.2.1-jre.jar
MD5: 872309e5982530bdc7e68096c0d53cd2
SHA1: 818e780da2c66c63bbb6480fef1f3855eeafa3e4
SHA256:452b2d9787b7d366fa8cf5ed9a1c40404542d05effa7a598da03bbbbb76d9f31
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
guava-33.2.1-jre.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

guice-5.1.0.jar

Description:

Guice is a lightweight dependency injection framework for Java 6 and above

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/inject/guice/5.1.0/guice-5.1.0.jar
MD5: 2560169296aa94492af34af2115e9511
SHA1: da25056c694c54ba16e78e4fc35f17fc60f0d1b4
SHA256:4130e50bfac48099c860f0d903b91860c81a249c90f38245f8fed58fc817bc26
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
guice-5.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

hamcrest-core-1.3.jar

Description:

    This is the core API of hamcrest matcher framework to be used by third-party framework providers. This includes the a foundation set of matcher implementations for common operations.
  

File Path: /home/runner/.m2/repository/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar
MD5: 6393363b47ddcbba82321110c3e07519
SHA1: 42a25dc3219429f0e5d060061f71acb49bf010a0
SHA256:66fdef91e9739348df7a096aa384a5685f4e875584cce89386a7a47251c4d8e9
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
hamcrest-core-1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/junit/junit@4.13.2

Identifiers

hsqldb-2.7.3.jar

Description:

HSQLDB - Lightweight 100% Java SQL Database Engine

License:

HSQLDB License, a BSD open source license: http://hsqldb.org/web/hsqlLicense.html
File Path: /home/runner/.m2/repository/org/hsqldb/hsqldb/2.7.3/hsqldb-2.7.3.jar
MD5: 724301ab61ff54755deec86c7a724505
SHA1: 85b49338b36f3051d217295596cf92beb92e4bfb
SHA256:6f2f77eedbe75cfbe26bf30d73b13de0cc57fb7cdb27a92ed8c1a012f0e2363a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
hsqldb-2.7.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

httpclient-4.5.13.jar

Description:

   Apache HttpComponents Client
  

File Path: /home/runner/.m2/repository/org/apache/httpcomponents/httpclient/4.5.13/httpclient-4.5.13.jar
MD5: 40d6b9075fbd28fa10292a45a0db9457
SHA1: e5f6cae5ca7ecaac1ec2827a9e2d65ae2869cada
SHA256:6fe9026a566c6a5001608cf3fc32196641f6c1e5e1986d1037ccdbd5f31ef743
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
httpclient-4.5.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

httpcore-4.4.14.jar

Description:

   Apache HttpComponents Core (blocking I/O)
  

File Path: /home/runner/.m2/repository/org/apache/httpcomponents/httpcore/4.4.14/httpcore-4.4.14.jar
MD5: 2b3991eda121042765a5ee299556c200
SHA1: 9dd1a631c082d92ecd4bd8fd4cf55026c720a8c1
SHA256:f956209e450cb1d0c51776dfbd23e53e9dd8db9a1298ed62b70bf0944ba63b28
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
httpcore-4.4.14.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

jakarta.annotation-api-1.3.5.jar

Description:

Jakarta Annotations API

License:

EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /home/runner/.m2/repository/jakarta/annotation/jakarta.annotation-api/1.3.5/jakarta.annotation-api-1.3.5.jar
MD5: 8b165cf58df5f8c2a222f637c0a07c97
SHA1: 59eb84ee0d616332ff44aba065f3888cf002cd2d
SHA256:85fb03fc054cdf4efca8efd9b6712bbb418e1ab98241c4539c8585bbc23e1b8a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jakarta.annotation-api-1.3.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

javax.inject-1.jar

Description:

The javax.inject API

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/javax/inject/javax.inject/1/javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
SHA256:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
javax.inject-1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

jcommander-1.69.jar

Description:

Command line parsing

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/com/beust/jcommander/1.69/jcommander-1.69.jar
MD5: 45bed2649f8429973c486579631c69c7
SHA1: bdf17915d565a7c88a2a0fe05afb5b99ecf24555
SHA256:c2534833996d60581127ddc5139bb94f27f46badc77e1356746d58d9a3dcd99e
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jcommander-1.69.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

json-20230227.jar

Description:

        JSON is a light-weight, language independent, data interchange format.
        See http://www.JSON.org/

        The files in this package implement JSON encoders/decoders in Java.
        It also includes the capability to convert between JSON and XML, HTTP
        headers, Cookies, and CDL.

        This is a reference implementation. There is a large number of JSON packages
        in Java. Perhaps someday the Java community will standardize on one. Until
        then, choose carefully.
    

License:

Public Domain: https://github.com/stleary/JSON-java/blob/master/LICENSE
File Path: /home/runner/.m2/repository/org/json/json/20230227/json-20230227.jar
MD5: 6b9a69b21979b0c3cb5733db19ea51b1
SHA1: 7a0d4aca76513d8ce81f9b044ce8126b84809ad8
SHA256:9ed26791dc2d8629fdf8a207f1aebadcb50d641be637664310ef51c0f73e269b
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
json-20230227.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

CVE-2023-5072  

Denial of Service  in JSON-Java versions up to and including 20230618.  A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions:

jul-to-slf4j-1.7.30.jar

Description:

JUL to SLF4J bridge

File Path: /home/runner/.m2/repository/org/slf4j/jul-to-slf4j/1.7.30/jul-to-slf4j-1.7.30.jar
MD5: f2c78cb93d70dc5dea0c50f36ace09c1
SHA1: d58bebff8cbf70ff52b59208586095f467656c30
SHA256:bbcbfdaa72572255c4f85207a9bfdb24358dc993e41252331bd4d0913e4988b9
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jul-to-slf4j-1.7.30.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

log4j-api-2.12.1.jar

Description:

The Apache Log4j API

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-api/2.12.1/log4j-api-2.12.1.jar
MD5: 4a6f276d4fb426c8d489343c0325bb75
SHA1: a55e6d987f50a515c9260b0451b4fa217dc539cb
SHA256:429534d03bdb728879ab551d469e26f6f7ff4c8a8627f59ac68ab6ef26063515
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
log4j-api-2.12.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

CVE-2020-9488  

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1
CWE-295 Improper Certificate Validation

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:N/A:N
CVSSv3:
  • Base Score: LOW (3.7)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:2.2/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

log4j-to-slf4j-2.12.1.jar

Description:

The Apache Log4j binding between Log4j 2 API and SLF4J.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-to-slf4j/2.12.1/log4j-to-slf4j-2.12.1.jar
MD5: a6fdf03c03b6f5fac5a978031a06777e
SHA1: dfb42ea8ce1a399bcf7218efe8115a0b7ab3788a
SHA256:69d4aa504294033ea0d1236aabe81ed3f6393b6eb42e61899b197a51a3df73e9
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
log4j-to-slf4j-2.12.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

logback-core-1.2.3.jar

Description:

logback-core module

License:

http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
File Path: /home/runner/.m2/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar
MD5: 841fc80c6edff60d947a3872a2db4d45
SHA1: 864344400c3d4d92dfeb0a305dc87d953677c03c
SHA256:5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
logback-core-1.2.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

CVE-2023-6378  

A serialization vulnerability in logback receiver component part of 
logback version 1.4.11 allows an attacker to mount a Denial-Of-Service 
attack by sending poisoned data.

CWE-502 Deserialization of Untrusted Data

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2021-42550  

In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers.
CWE-502 Deserialization of Untrusted Data

CVSSv2:
  • Base Score: HIGH (8.5)
  • Vector: /AV:N/AC:M/Au:S/C:C/I:C/A:C
CVSSv3:
  • Base Score: MEDIUM (6.6)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:0.7/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

maven-artifact-3.9.9.jar

File Path: /home/runner/.m2/repository/org/apache/maven/maven-artifact/3.9.9/maven-artifact-3.9.9.jar
MD5: fcb27c2b8225edec3f2356973fa39e98
SHA1: a130ec431ef32e12a4424f9b074735bb58e15d2d
SHA256:30f015d1c1a393e19c18cd4f43532089c36d4ca328608ce3dda78b74d3d31515
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-artifact-3.9.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

maven-builder-support-3.9.9.jar

Description:

Support for descriptor builders (model, setting, toolchains)

File Path: /home/runner/.m2/repository/org/apache/maven/maven-builder-support/3.9.9/maven-builder-support-3.9.9.jar
MD5: 0266bb9314b63d9fde8aff0d190f48d6
SHA1: 812c13c808e42c54d3f4abdaab603e5262bf8ab8
SHA256:2ca4a967bdd12a9e85d40e012374f86e63d4a1030c199da4832e3d0a1c6770d8
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-builder-support-3.9.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

maven-core-3.9.9.jar

Description:

Maven Core classes.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-core/3.9.9/maven-core-3.9.9.jar
MD5: eed2eb37f03ccdea7ef9dab069c0b5d8
SHA1: b58645e3f14348024b05735c171425e19d30c02e
SHA256:7fab37fc6044f20ae004376ab8414373636cf51e26ad0b1efa6b3f1cd2bec503
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-core-3.9.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

maven-model-3.9.9.jar

Description:

Model for Maven POM (Project Object Model)

File Path: /home/runner/.m2/repository/org/apache/maven/maven-model/3.9.9/maven-model-3.9.9.jar
MD5: 813d4aceaaa8e16f8a83c95a96afa22c
SHA1: 585bff8f220ddc1c08c5263b7dee26c49fc7df94
SHA256:8f59b0a16fe9c933be749a60ae0705a0cb337bb5abaf38801b40b740ff775727
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-model-3.9.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

maven-model-builder-3.9.9.jar

Description:

The effective model builder, with inheritance, profile activation, interpolation, ...

File Path: /home/runner/.m2/repository/org/apache/maven/maven-model-builder/3.9.9/maven-model-builder-3.9.9.jar
MD5: a48ea3e9ceec85a9bff88e88048148d9
SHA1: 6dcd87768eb615301aef0c2221dd168a2d36bc7b
SHA256:a4377182ac2e5adfe16be3b3c81981a5ecddab014184de72ae1e522f04a77602
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-model-builder-3.9.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

maven-plugin-annotations-3.15.0.jar

Description:

Java annotations to use in Mojos

File Path: /home/runner/.m2/repository/org/apache/maven/plugin-tools/maven-plugin-annotations/3.15.0/maven-plugin-annotations-3.15.0.jar
MD5: 1f9ec4ed57ee3fd27f3d83b16c496079
SHA1: 979c83420a249a3504fbbba54ef68ff1e8a0049c
SHA256:8aa6b0054bf9240fb89d5def9353b5e274eacf0151fd8d2571b9e803f401660a
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-plugin-annotations-3.15.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

maven-plugin-api-3.9.9.jar

Description:

The API for plugins - Mojos - development.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-plugin-api/3.9.9/maven-plugin-api-3.9.9.jar
MD5: 0bf1ae393ffac0c034ce8f3a4b7fc406
SHA1: 7e06aef37b14f8452928e5efaa88bcf2ee8aed02
SHA256:2b491d38db45b0e8eef522e8f7889a3366e546e58b376b07fcb56e34c424e932
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-plugin-api-3.9.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

maven-reporting-api-3.1.1.jar

Description:

API to manage report generation.

File Path: /home/runner/.m2/repository/org/apache/maven/reporting/maven-reporting-api/3.1.1/maven-reporting-api-3.1.1.jar
MD5: 1e1e0b2f189c861995e33a2a746501bb
SHA1: 74ca00a13e46d065071cdf6376d7d231e0208916
SHA256:25be6603c97d28fa3dcd122073054271c8fcaf667d220dce7a26a61a6f3cffd1
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
maven-reporting-api-3.1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

maven-reporting-impl-3.2.0.jar

Description:

Abstract classes to manage report generation.

File Path: /home/runner/.m2/repository/org/apache/maven/reporting/maven-reporting-impl/3.2.0/maven-reporting-impl-3.2.0.jar
MD5: 468bb08c4330fd7647405b33edf769be
SHA1: 97ffee6a6c3f81e341f42f641651a37f077759c6
SHA256:28f42c2f49f11dcba6d14ab3e365375442a9ed78ca2ec588e3e1f43455a4a14d
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
maven-reporting-impl-3.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

maven-repository-metadata-3.9.9.jar

Description:

Per-directory local and remote repository metadata.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-repository-metadata/3.9.9/maven-repository-metadata-3.9.9.jar
MD5: d341cdcc9abac2d01546301a305f12b3
SHA1: 33a43f0af3371225d1dcaaa20a824df59c692172
SHA256:137c297e6a52d489b76663c82324d54e40f5d498a8fc015c0203fd91df8623b0
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-repository-metadata-3.9.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

maven-resolver-api-1.9.22.jar

Description:

The application programming interface for the repository system.

License:

"Apache-2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt"
File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-api/1.9.22/maven-resolver-api-1.9.22.jar
MD5: c59d27b3750461be99f8d38e1f503f56
SHA1: 756660687ea077b85be02b019d593ef2758e7db6
SHA256:63f5f665e44a09ef55463b3b91fda0b78ff07dd24b1060d56e79c10b6e32cbfb
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-resolver-api-1.9.22.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

maven-resolver-impl-1.9.22.jar

Description:

An implementation of the repository system.

License:

"Apache-2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt"
File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-impl/1.9.22/maven-resolver-impl-1.9.22.jar
MD5: 965f1348220f046c6cbde059c971685d
SHA1: 19b7a728c9000f8db615f64552d95fe74b413617
SHA256:e4dafb8acc13d736377c02d2170d869438dd74b98b860745909d238726babcbb
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-resolver-impl-1.9.22.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

maven-resolver-named-locks-1.9.22.jar

Description:

A synchronization utility implementation using Named locks.

License:

"Apache-2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt"
File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-named-locks/1.9.22/maven-resolver-named-locks-1.9.22.jar
MD5: 3d3855f4775bc27f9962f999ea88919b
SHA1: 121433b079aad9be7ed266b19f2122eeb0e2d111
SHA256:0685f29ec3b548d9b6917c527f13c667685a3394b955aaa5b25d0559818b7fc5
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-resolver-named-locks-1.9.22.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

maven-resolver-provider-3.9.9.jar

Description:

Extensions to Maven Resolver for utilizing Maven POM and repository metadata.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-resolver-provider/3.9.9/maven-resolver-provider-3.9.9.jar
MD5: ea2fccfc4c499dbaa570a26da14050d9
SHA1: ea361822cd25ae6c9153c594aef805e853031224
SHA256:5dea05049c94f952f48ce2bfe0111afdf986acc591fcc11d23fe3b8dcb70291e
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-resolver-provider-3.9.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

maven-resolver-spi-1.9.22.jar

Description:

The service provider interface for repository system implementations and repository connectors.

License:

"Apache-2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt"
File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-spi/1.9.22/maven-resolver-spi-1.9.22.jar
MD5: 7ae784f1d4088fff396386ed6966cafc
SHA1: c3101acaa4ec053557028cf1917f1d22112b100d
SHA256:99ad721e4631d9bd0c4f9e29c869672577c66f2a674a5723ce38eff13c75cbfd
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-resolver-spi-1.9.22.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

maven-resolver-util-1.9.22.jar

Description:

A collection of utility classes to ease usage of the repository system.

License:

"Apache-2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt"
File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-util/1.9.22/maven-resolver-util-1.9.22.jar
MD5: 4e84c0379667d2436a99fced60a74b5d
SHA1: d5febed69ca2fe0dacffec95b6cb0760b0270fd1
SHA256:4aaea1584c39294ca926fc474723d9684473609ef4490c4eb169d6ea7daca6b5
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-resolver-util-1.9.22.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

maven-settings-3.9.9.jar

Description:

Maven Settings model.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-settings/3.9.9/maven-settings-3.9.9.jar
MD5: a5eede8fe9b01b7bb3c6dad06a738365
SHA1: a82024d87a107965ae274d944c844c9186ff410d
SHA256:68edf1b510e0d759ec501271a5d05e3a6e425462fbb84126c16e8a6f89abdada
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-settings-3.9.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

maven-settings-builder-3.9.9.jar

Description:

The effective settings builder, with inheritance and password decryption.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-settings-builder/3.9.9/maven-settings-builder-3.9.9.jar
MD5: 4fb4ae61642d42cba66821d8698a670a
SHA1: 71a9bee9618839ffaf7c0de3b53ac1c408b57ae0
SHA256:094640f3fdce47250cb06968a143f40c4e2f1c22be979c73caac2f49f3c38373
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-settings-builder-3.9.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

maven-shared-utils-3.4.2.jar

Description:

Shared utilities for use by Maven core and plugins

File Path: /home/runner/.m2/repository/org/apache/maven/shared/maven-shared-utils/3.4.2/maven-shared-utils-3.4.2.jar
MD5: 53a038f77a81cb5816ad2b1c7daa8711
SHA1: bfa28296272a5915b08de9f11f34a94b0a818fd0
SHA256:b613357e1bad4dfc1dead801691c9460f9585fe7c6b466bc25186212d7d18487
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
maven-shared-utils-3.4.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

mssql-jdbc-12.8.1.jre11.jar

Description:

		Microsoft JDBC Driver for SQL Server.
	

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /home/runner/.m2/repository/com/microsoft/sqlserver/mssql-jdbc/12.8.1.jre11/mssql-jdbc-12.8.1.jre11.jar
MD5: 7708ca290ebb81546eda0b1c55477081
SHA1: 1f641274a8cc1ff71d05eb6d5c9f8e8a6d217c54
SHA256:e6933c0711e598a224060e52ed31392f720a4a7664e85d8ae37c52a85b67ebb0
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
mssql-jdbc-12.8.1.jre11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

mysql-connector-j-9.0.0.jar

Description:

JDBC Type 4 driver for MySQL.

License:

The GNU General Public License, v2 with Universal FOSS Exception, v1.0
File Path: /home/runner/.m2/repository/com/mysql/mysql-connector-j/9.0.0/mysql-connector-j-9.0.0.jar
MD5: 6499a1e1d41a037ad8e155c7960cb361
SHA1: 6fc50f53a8e364ad82886588a4b55d1f7460e6a5
SHA256:a221c4106b7fe68a45912cdbf8351f1b43ad3c53a43c3bc966181cc14f86fa30
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
mysql-connector-j-9.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

nashorn-core-15.4.jar

Description:

Nashorn is an Open Source JavaScript (ECMAScript 5.1 and some 6 features) engine for the JVM.

License:

GPL v2 with the Classpath exception: https://github.com/openjdk/nashorn/blob/main/LICENSE
File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar
MD5: a9b3360e6a486cf62c1952c7816b7d97
SHA1: f67f5ffaa5f5130cf6fb9b133da00c7df3b532a5
SHA256:6f816e84dfd63a81d4eaa7829c08337bbaff3ec683ff3bf6bbd90d017a00dc6f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
nashorn-core-15.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@6.2.4

Identifiers

nashorn-core-15.4.jar: base.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/base.js
MD5: 93c3e1b9f9491fb5b5df96a41441162c
SHA1: 6f2cfb7815fd7028792731ee5cd13651036e60bd
SHA256:824c73ce701b9820cc1b799e9af043f3663a72114be2a560ce1933ae1e4e496a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: bootstrap.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/bootstrap.js
MD5: 948cb0239b8abc93e84e813e2da8d6dc
SHA1: 79559bab4c6ae8b0ab573e37b82b50013f647956
SHA256:9ec201c6fcff2c9a2a536f80f8ea14f604092768011b5c4f59ec7b313cf359c4
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: controls.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/controls.js
MD5: 4f9093fd24e64162c92385e1def8747f
SHA1: 016d3d27e7f9e8a6054d6248e1c2cfe72b062efd
SHA256:a065a17b974ffc3ac4c98a5177c21d39ccd70fa50eb9a4d10ed96074904285c8
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: fxml.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/fxml.js
MD5: 262095de4844ffde10c018ef296107ee
SHA1: 5d41efdc93dac1dcecd4d6f3625f43a36af961bf
SHA256:0e411601888672288fdfa6c0018710c2156a2efef619cfd11719cdb0d63a2dfb
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: graphics.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/graphics.js
MD5: 471022fc763c3ec65292a7f1689c58ff
SHA1: 014c1893d89dc76adbca7a30992b1c8db36c4db5
SHA256:8c12199afd230a5d936f7390a290bf899d536a731cc2b240478ecb077c3dd292
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: media.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/media.js
MD5: 6eb77f5d138fab0f13d3601b0e68c2e1
SHA1: 385eb91d9f5d96d0575facda44c9cf1064c70a21
SHA256:e096e61fa52ef7109adae7011f5c7d004ca87aeeb43647af982e45dac77c2b0f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: mozilla_compat.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/mozilla_compat.js
MD5: dcd9c8927badf397f82274077a7a9b82
SHA1: f953a1b5e422f41c66bbf32f314f8de4e8de1995
SHA256:f52167e7cec0601b53af50e3e3d9359057c37356cb3fd6fbfe0ba451bd70ff04
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: parser.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/parser.js
MD5: b1c71079ce0792c735ce93bb05f77f04
SHA1: 1436e8c38788e10b774eb97bddb186f417a2352f
SHA256:bb1b0b23cd2f74fdaf9cb508cc0dfd9b37529c72086e4279cb27dad664e4a261
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: swing.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/swing.js
MD5: d92f35751bc4d6f50e6817884e7bd10e
SHA1: ebb47348ccaddb3f4dac31d91b839ce9bbc03d50
SHA256:7f1334e91b0d15bbcfcbd87b19ebf83f254065477f61e1a353ef1eaf9aaffe38
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: web.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/web.js
MD5: c46659f1ba056770e2627807fc5f06d9
SHA1: c733b0eed6f6a37639039a77c496f9e4c2323cd4
SHA256:af7127f5a5af79f7c641a80b1dfa4de3bc6500c0a50258131379c7ec54b85484
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

ojdbc11-23.5.0.24.07.jar

Description:

 Oracle JDBC Driver compatible with JDK11, JDK17, JDK19, and JDK21

License:

Oracle Free Use Terms and Conditions (FUTC): https://www.oracle.com/downloads/licenses/oracle-free-license.html
File Path: /home/runner/.m2/repository/com/oracle/database/jdbc/ojdbc11/23.5.0.24.07/ojdbc11-23.5.0.24.07.jar
MD5: 25bb25e0f730e2ec02405e1f12b0b3c9
SHA1: 6e07003d57be5e280ef0492209e20fa27edec5b6
SHA256:2cc69b821da842c5f5be8877444631cf9fa89561f1f6f5ad7bf1293eb669fc27
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
ojdbc11-23.5.0.24.07.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.3.1-SNAPSHOT

Identifiers

org.eclipse.sisu.inject-0.9.0.M3.jar

Description:

JSR330-based container; supports classpath scanning, auto-binding, and dynamic auto-wiring

License:

"Eclipse Public License, Version 2.0";link="https://www.eclipse.org/legal/epl-v20.html"
File Path: /home/runner/.m2/repository/org/eclipse/sisu/org.eclipse.sisu.inject/0.9.0.M3/org.eclipse.sisu.inject-0.9.0.M3.jar
MD5: 643a13084e0ac59cdda06319e1b348ea
SHA1: 3665002ba4d16dfa779ef658a63d0608c4bd898b
SHA256:15335c4dcf082f599fb8eddcfb58d6a7e9a9c97de2883c257089a479b9b24522
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
org.eclipse.sisu.inject-0.9.0.M3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

org.eclipse.sisu.plexus-0.9.0.M3.jar

Description:

Plexus-JSR330 adapter; adds Plexus support to the Sisu-Inject container

License:

"Eclipse Public License, Version 2.0";link="https://www.eclipse.org/legal/epl-v20.html"
File Path: /home/runner/.m2/repository/org/eclipse/sisu/org.eclipse.sisu.plexus/0.9.0.M3/org.eclipse.sisu.plexus-0.9.0.M3.jar
MD5: 964e7bc9837b270566f18b87af65f5d7
SHA1: b493c7abcc6e04fa0a6a20d489a3db0395c76f70
SHA256:c99674d3773e26154885661711f0b6d63aa5008f5cc99227a236756d4ad9de5e
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
org.eclipse.sisu.plexus-0.9.0.M3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

oro-2.0.8.jar

File Path: /home/runner/.m2/repository/oro/oro/2.0.8/oro-2.0.8.jar
MD5: 42e940d5d2d822f4dc04c65053e630ab
SHA1: 5592374f834645c4ae250f4c9fbb314c9369d698
SHA256:e00ccdad5df7eb43fdee44232ef64602bf63807c2d133a7be83ba09fd49af26e
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
oro-2.0.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

plexus-cipher-2.0.jar

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-cipher/2.0/plexus-cipher-2.0.jar
MD5: 55d612839faf248cbe3e273969c002c2
SHA1: 425ea8e534716b4bff1ea90f39bd76be951d651b
SHA256:9a7f1b5c5a9effd61eadfd8731452a2f76a8e79111fac391ef75ea801bea203a
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
plexus-cipher-2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

CVE-2022-4244  

A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2022-4245  

A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.
CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)

CVSSv3:
  • Base Score: MEDIUM (4.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

plexus-classworlds-2.8.0.jar

Description:

A class loader framework

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-classworlds/2.8.0/plexus-classworlds-2.8.0.jar
MD5: 92089dee35db6423c2128559238430cb
SHA1: 5d0d8c71b61b38ce127a46702a453f9aa09a4ee2
SHA256:081b40e0eab033cd5ac72d2501bfff4f5fd2a3eef827051111730ea152681c72
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
plexus-classworlds-2.8.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

CVE-2022-4244  

A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2022-4245  

A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.
CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)

CVSSv3:
  • Base Score: MEDIUM (4.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

plexus-container-default-2.1.0.jar

Description:

    The Plexus IoC container API and its default implementation.
  

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-container-default/2.1.0/plexus-container-default-2.1.0.jar
MD5: 38bb4378dcf8868a6ef203b0f4a2ddae
SHA1: c189df3d30aa7707c36aa2746fae55ebe11d711e
SHA256:6dceb1246b188153bdcb6f962d543d51ddb672cca07cad94a78fbabc9edf0a39
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
plexus-container-default-2.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

CVE-2022-4244  

A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2022-4245  

A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.
CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)

CVSSv3:
  • Base Score: MEDIUM (4.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

plexus-i18n-1.0-beta-10.jar

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-i18n/1.0-beta-10/plexus-i18n-1.0-beta-10.jar
MD5: 7f36c0459c853750c627f682ec7bcf52
SHA1: 27506f59e54cc80b8c28b977c2bcd0478094e0cc
SHA256:b87f25b512ffafcafbf4a05ab943812e9c6915291370c6b46016eb3836886c41
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
plexus-i18n-1.0-beta-10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@3.2.0

Identifiers

CVE-2022-4244  

A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2022-4245  

A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.
CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)

CVSSv3:
  • Base Score: MEDIUM (4.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

plexus-interpolation-1.27.jar

Description:

The Plexus project provides a full software stack for creating and executing software projects.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-interpolation/1.27/plexus-interpolation-1.27.jar
MD5: c2edbe0dbc934692794aaeac6006055a
SHA1: 8dc73f4ff5eafcbb7ec035ba54736e828b272533
SHA256:3fb4fb6143fdf964024c3cb738551524b9ea84e5c211cd660c559ad0703e5230
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
plexus-interpolation-1.27.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

CVE-2022-4244  

A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2022-4245  

A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.
CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)

CVSSv3:
  • Base Score: MEDIUM (4.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

plexus-sec-dispatcher-2.0.jar

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-sec-dispatcher/2.0/plexus-sec-dispatcher-2.0.jar
MD5: e68635a721630177ac70173e441336b6
SHA1: f89c5080614ffd0764e49861895dbedde1b47237
SHA256:873139960c4c780176dda580b003a2c4bf82188bdce5bb99234e224ef7acfceb
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
plexus-sec-dispatcher-2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.9

Identifiers

CVE-2022-4244  

A flaw was found in codeplex-codehaus. A directory traversal attack (also known as path traversal) aims to access files and directories stored outside the intended folder. By manipulating files with "dot-dot-slash (../)" sequences and their variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration, and other critical system files.
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2022-4245  

A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment fails to sanitize comments for a --> sequence. This issue means that text contained in the command string could be interpreted as XML and allow for XML injection.
CWE-611 Improper Restriction of XML External Entity Reference, CWE-91 XML Injection (aka Blind XPath Injection)

CVSSv3:
  • Base Score: MEDIUM (4.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)