Press CTR-C to copy XML [help]


Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

Project: SchemaSpy Maven Plugin

nl.geodienstencentrum.maven:schemaspy-maven-plugin:5.4.0-SNAPSHOT

Scan Information (show all):

Summary

Summary of Vulnerable Dependencies (click to show all)

Dependency Vulnerability IDs Package Highest Severity CVE Count Confidence Evidence Count
aircompressor-0.27.jar pkg:maven/io.airlift/aircompressor@0.27   0 29
aopalliance-1.0.jar pkg:maven/aopalliance/aopalliance@1.0   0 20
asciidoctorj-2.5.10.jar cpe:2.3:a:asciidoctor:asciidoctor:2.5.10:*:*:*:*:*:*:*
cpe:2.3:a:jruby:jruby:2.5.10:*:*:*:*:*:*:* 		pkg:maven/org.asciidoctor/asciidoctorj@2.5.10   0 Highest 50
asciidoctorj-2.5.10.jar: concurrent_ruby.jar   0 7
asciidoctorj-2.5.10.jar: jruby_cache_backend.jar   0 8
asciidoctorj-api-2.5.10.jar cpe:2.3:a:asciidoctor:asciidoctor:2.5.10:*:*:*:*:*:*:* pkg:maven/org.asciidoctor/asciidoctorj-api@2.5.10   0 Highest 48
asm-9.9.jar pkg:maven/org.ow2.asm/asm@9.9   0 54
asm-analysis-7.3.1.jar pkg:maven/org.ow2.asm/asm-analysis@7.3.1   0 60
asm-commons-7.3.1.jar pkg:maven/org.ow2.asm/asm-commons@7.3.1   0 58
asm-tree-7.3.1.jar pkg:maven/org.ow2.asm/asm-tree@7.3.1   0 58
asm-util-7.3.1.jar pkg:maven/org.ow2.asm/asm-util@7.3.1   0 58
autolink-0.6.0.jar pkg:maven/org.nibor.autolink/autolink@0.6.0   0 24
backport9-1.12.jar pkg:maven/com.headius/backport9@1.12   0 22
checker-qual-3.52.0.jar pkg:maven/org.checkerframework/checker-qual@3.52.0   0 44
commons-beanutils-1.11.0.jar cpe:2.3:a:apache:commons_beanutils:1.11.0:*:*:*:*:*:*:* pkg:maven/commons-beanutils/commons-beanutils@1.11.0   0 Highest 170
commons-codec-1.19.0.jar pkg:maven/commons-codec/commons-codec@1.19.0   0 121
commons-collections-3.2.2.jar cpe:2.3:a:apache:commons_collections:3.2.2:*:*:*:*:*:*:* pkg:maven/commons-collections/commons-collections@3.2.2   0 Highest 84
commons-compress-1.28.0.jar cpe:2.3:a:apache:commons_compress:1.28.0:*:*:*:*:*:*:* pkg:maven/org.apache.commons/commons-compress@1.28.0   0 Highest 108
commons-digester3-3.2.jar pkg:maven/org.apache.commons/commons-digester3@3.2   0 105
commons-lang3-3.20.0.jar cpe:2.3:a:apache:commons_lang:3.20.0:*:*:*:*:*:*:* pkg:maven/org.apache.commons/commons-lang3@3.20.0   0 Highest 145
commons-logging-1.3.5.jar pkg:maven/commons-logging/commons-logging@1.3.5   0 129
commons-text-1.12.0.jar cpe:2.3:a:apache:commons_text:1.12.0:*:*:*:*:*:*:* pkg:maven/org.apache.commons/commons-text@1.12.0   0 Highest 73
compiler-0.9.10.jar pkg:maven/com.github.spullara.mustache.java/compiler@0.9.10   0 27
derby-10.16.1.1.jar cpe:2.3:a:apache:derby:10.16.1.1:*:*:*:*:*:*:* pkg:maven/org.apache.derby/derby@10.16.1.1 CRITICAL 1 Highest 28
derbyshared-10.16.1.1.jar cpe:2.3:a:apache:derby:10.16.1.1:*:*:*:*:*:*:* pkg:maven/org.apache.derby/derbyshared@10.16.1.1 CRITICAL 1 Highest 27
derbytools-10.16.1.1.jar cpe:2.3:a:apache:derby:10.16.1.1:*:*:*:*:*:*:* pkg:maven/org.apache.derby/derbytools@10.16.1.1 CRITICAL 1 Highest 33
dirgra-0.3.jar pkg:maven/org.jruby/dirgra@0.3   0 24
doxia-core-2.0.0.jar pkg:maven/org.apache.maven.doxia/doxia-core@2.0.0   0 26
doxia-integration-tools-2.0.0.jar pkg:maven/org.apache.maven.doxia/doxia-integration-tools@2.0.0   0 28
doxia-module-apt-2.0.0.jar pkg:maven/org.apache.maven.doxia/doxia-module-apt@2.0.0   0 28
doxia-module-xdoc-2.0.0.jar pkg:maven/org.apache.maven.doxia/doxia-module-xdoc@2.0.0   0 28
doxia-module-xhtml5-2.0.0.jar pkg:maven/org.apache.maven.doxia/doxia-module-xhtml5@2.0.0   0 28
doxia-sink-api-2.0.0.jar pkg:maven/org.apache.maven.doxia/doxia-sink-api@2.0.0   0 28
doxia-site-model-2.0.0.jar pkg:maven/org.apache.maven.doxia/doxia-site-model@2.0.0   0 28
doxia-site-renderer-2.0.0.jar pkg:maven/org.apache.maven.doxia/doxia-site-renderer@2.0.0   0 26
doxia-skin-model-2.0.0.jar pkg:maven/org.apache.maven.doxia/doxia-skin-model@2.0.0   0 26
failureaccess-1.0.3.jar pkg:maven/com.google.guava/failureaccess@1.0.3   0 32
flexmark-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark@0.34.32   0 22
flexmark-ext-abbreviation-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-abbreviation@0.34.32   0 27
flexmark-ext-aside-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-aside@0.34.32   0 27
flexmark-ext-autolink-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-autolink@0.34.32   0 27
flexmark-ext-definition-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-definition@0.34.32   0 27
flexmark-ext-emoji-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-emoji@0.34.32   0 27
flexmark-ext-escaped-character-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-escaped-character@0.34.32   0 27
flexmark-ext-footnotes-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-footnotes@0.34.32   0 27
flexmark-ext-gfm-strikethrough-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-gfm-strikethrough@0.34.32   0 27
flexmark-ext-gfm-tasklist-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-gfm-tasklist@0.34.32   0 27
flexmark-ext-ins-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-ins@0.34.32   0 27
flexmark-ext-jekyll-front-matter-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-jekyll-front-matter@0.34.32   0 27
flexmark-ext-superscript-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-superscript@0.34.32   0 25
flexmark-ext-tables-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-tables@0.34.32   0 27
flexmark-ext-toc-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-toc@0.34.32   0 27
flexmark-ext-typographic-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-typographic@0.34.32   0 27
flexmark-ext-wikilink-0.34.32.jar cpe:2.3:a:links:links:0.34.32:*:*:*:*:*:*:* pkg:maven/com.vladsch.flexmark/flexmark-ext-wikilink@0.34.32   0 Low 27
flexmark-ext-yaml-front-matter-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-ext-yaml-front-matter@0.34.32   0 27
flexmark-formatter-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-formatter@0.34.32   0 25
flexmark-jira-converter-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-jira-converter@0.34.32   0 27
flexmark-profile-pegdown-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-profile-pegdown@0.34.32   0 25
flexmark-util-0.34.32.jar pkg:maven/com.vladsch.flexmark/flexmark-util@0.34.32   0 24
guava-33.5.0-jre.jar cpe:2.3:a:google:guava:33.5.0:*:*:*:*:*:*:* pkg:maven/com.google.guava/guava@33.5.0-jre   0 Highest 25
guice-5.1.0-classes.jar pkg:maven/com.google.inject/guice@5.1.0   0 32
hamcrest-2.2.jar pkg:maven/org.hamcrest/hamcrest@2.2   0 40
hamcrest-core-2.2.jar pkg:maven/org.hamcrest/hamcrest-core@2.2   0 36
hsqldb-2.7.4.jar cpe:2.3:a:hsqldb:hypersql_database:2.7.4:*:*:*:*:*:*:* pkg:maven/org.hsqldb/hsqldb@2.7.4   0 Low 45
invokebinder-1.12.jar pkg:maven/com.headius/invokebinder@1.12   0 28
jansi-2.4.0.jar pkg:maven/org.fusesource.jansi/jansi@2.4.0   0 48
jansi-2.4.0.jar: jansi.dll   0 2
jansi-2.4.0.jar: jansi.dll   0 2
javax.inject-1.jar pkg:maven/javax.inject/javax.inject@1   0 20
jcl-over-slf4j-2.0.7.jar pkg:maven/org.slf4j/jcl-over-slf4j@2.0.7   0 29
jcodings-1.0.58.jar pkg:maven/org.jruby.jcodings/jcodings@1.0.58   0 30
jcommander-1.69.jar pkg:maven/com.beust/jcommander@1.69   0 24
jffi-1.3.10-native.jar pkg:maven/com.github.jnr/jffi@1.3.10   0 12
jffi-1.3.10-native.jar: jffi-1.2.dll   0 4
jffi-1.3.10-native.jar: jffi-1.2.dll   0 4
jffi-1.3.10.jar pkg:maven/com.github.jnr/jffi@1.3.10   0 29
jitescript-0.4.1.jar pkg:maven/me.qmx.jitescript/jitescript@0.4.1   0 30
jnr-a64asm-1.0.0.jar pkg:maven/com.github.jnr/jnr-a64asm@1.0.0   0 24
jnr-constants-0.10.4.jar pkg:maven/com.github.jnr/jnr-constants@0.10.4   0 39
jnr-enxio-0.32.14.jar pkg:maven/com.github.jnr/jnr-enxio@0.32.14   0 31
jnr-ffi-2.2.13.jar pkg:maven/com.github.jnr/jnr-ffi@2.2.13   0 37
jnr-netdb-1.2.0.jar pkg:maven/com.github.jnr/jnr-netdb@1.2.0   0 25
jnr-posix-3.1.16.jar pkg:maven/com.github.jnr/jnr-posix@3.1.16   0 42
jnr-unixsocket-0.38.19.jar pkg:maven/com.github.jnr/jnr-unixsocket@0.38.19   0 35
jnr-x86asm-1.0.2.jar pkg:maven/com.github.jnr/jnr-x86asm@1.0.2   0 28
joda-time-2.10.10.jar pkg:maven/joda-time/joda-time@2.10.10   0 47
joni-2.1.48.jar pkg:maven/org.jruby.joni/joni@2.1.48   0 20
jruby-9.4.2.0.jar cpe:2.3:a:jruby:jruby:9.4.2.0:*:*:*:*:*:*:* pkg:maven/org.jruby/jruby@9.4.2.0 MEDIUM 1 Highest 15
jruby-stdlib-9.4.2.0.jar: bcpkix-jdk18on-1.71.jar   0 39
jruby-stdlib-9.4.2.0.jar: bcprov-jdk18on-1.71.jar cpe:2.3:a:bouncycastle:bouncy-castle-crypto-package:1.71:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:bouncy_castle_crypto_package:1.71:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:bouncy_castle_for_java:1.71:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle:1.71:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:legion-of-the-bouncy-castle-java-crytography-api:1.71:*:*:*:*:*:*:*
cpe:2.3:a:bouncycastle:the_bouncy_castle_crypto_package_for_java:1.71:*:*:*:*:*:*:* 		MEDIUM 1 Highest 41
jruby-stdlib-9.4.2.0.jar: bctls-jdk18on-1.71.jar   0 43
jruby-stdlib-9.4.2.0.jar: bcutil-jdk18on-1.71.jar   0 39
jruby-stdlib-9.4.2.0.jar: cparse-jruby.jar   0 5
jruby-stdlib-9.4.2.0.jar: darkfish.js   0 0
jruby-stdlib-9.4.2.0.jar: digest.jar   0 7
jruby-stdlib-9.4.2.0.jar: escape.jar   0 8
jruby-stdlib-9.4.2.0.jar: generator.jar   0 5
jruby-stdlib-9.4.2.0.jar: jline-2.14.6.jar cpe:2.3:a:jline:jline:2.14.6:*:*:*:*:*:*:* pkg:maven/jline/jline@2.14.6 MEDIUM 1 Highest 34
jruby-stdlib-9.4.2.0.jar: jline-2.14.6.jar: jansi.dll   0 2
jruby-stdlib-9.4.2.0.jar: jline-2.14.6.jar: jansi.dll   0 2
jruby-stdlib-9.4.2.0.jar: jopenssl.jar (shaded: rubygems:jruby-openssl:0.14.0) pkg:maven/rubygems/jruby-openssl@0.14.0   0 17
jruby-stdlib-9.4.2.0.jar: jopenssl.jar   0 7
jruby-stdlib-9.4.2.0.jar: jruby.dll   0 2
jruby-stdlib-9.4.2.0.jar: jruby.exe   0 2
jruby-stdlib-9.4.2.0.jar: jrubyw.exe   0 2
jruby-stdlib-9.4.2.0.jar: navigation.js   0 0
jruby-stdlib-9.4.2.0.jar: parser.jar   0 5
jruby-stdlib-9.4.2.0.jar: psych.jar   0 7
jruby-stdlib-9.4.2.0.jar: readline.jar (shaded: rubygems:jruby-readline:1.3.7) pkg:maven/rubygems/jruby-readline@1.3.7   0 13
jruby-stdlib-9.4.2.0.jar: readline.jar   0 7
jruby-stdlib-9.4.2.0.jar: search.js   0 0
jruby-stdlib-9.4.2.0.jar: searcher.js   0 0
jruby-stdlib-9.4.2.0.jar: snakeyaml-engine-2.6.jar cpe:2.3:a:snakeyaml_project:snakeyaml:2.6:*:*:*:*:*:*:* pkg:maven/org.snakeyaml/snakeyaml-engine@2.6   0 Highest 41
jruby-stdlib-9.4.2.0.jar: stringio.jar   0 7
jruby-stdlib-9.4.2.0.jar: strscan.jar   0 7
jruby-stdlib-9.4.2.0.jar: wait.jar   0 8
json-20231013.jar pkg:maven/org.json/json@20231013   0 32
json-simple-3.0.2.jar pkg:maven/com.github.cliftonlabs/json-simple@3.0.2   0 33
jspecify-1.0.0.jar pkg:maven/org.jspecify/jspecify@1.0.0   0 32
jul-to-slf4j-2.0.7.jar pkg:maven/org.slf4j/jul-to-slf4j@2.0.7   0 35
jzlib-1.1.3.jar cpe:2.3:a:jcraft:jzlib:1.1.3:*:*:*:*:*:*:* pkg:maven/com.jcraft/jzlib@1.1.3   0 Highest 34
log4j-over-slf4j-2.0.7.jar pkg:maven/org.slf4j/log4j-over-slf4j@2.0.7   0 31
logback-core-1.4.12.jar cpe:2.3:a:qos:logback:1.4.12:*:*:*:*:*:*:* pkg:maven/ch.qos.logback/logback-core@1.4.12   0 Highest 36
maven-archiver-3.6.6.jar pkg:maven/org.apache.maven/maven-archiver@3.6.6   0 29
maven-artifact-3.9.12.jar pkg:maven/org.apache.maven/maven-artifact@3.9.12   0 26
maven-builder-support-3.9.12.jar pkg:maven/org.apache.maven/maven-builder-support@3.9.12   0 24
maven-core-3.9.12.jar cpe:2.3:a:apache:maven:3.9.12:*:*:*:*:*:*:* pkg:maven/org.apache.maven/maven-core@3.9.12   0 Highest 24
maven-model-3.9.12.jar pkg:maven/org.apache.maven/maven-model@3.9.12   0 26
maven-model-builder-3.9.12.jar pkg:maven/org.apache.maven/maven-model-builder@3.9.12   0 32
maven-plugin-annotations-3.15.2.jar pkg:maven/org.apache.maven.plugin-tools/maven-plugin-annotations@3.15.2   0 26
maven-plugin-api-3.9.12.jar pkg:maven/org.apache.maven/maven-plugin-api@3.9.12   0 26
maven-reporting-api-4.0.0.jar pkg:maven/org.apache.maven.reporting/maven-reporting-api@4.0.0   0 29
maven-reporting-impl-4.0.0.jar pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0   0 29
maven-repository-metadata-3.9.12.jar pkg:maven/org.apache.maven/maven-repository-metadata@3.9.12   0 26
maven-resolver-api-1.9.25.jar pkg:maven/org.apache.maven.resolver/maven-resolver-api@1.9.25   0 34
maven-resolver-impl-1.9.25.jar pkg:maven/org.apache.maven.resolver/maven-resolver-impl@1.9.25   0 32
maven-resolver-named-locks-1.9.25.jar pkg:maven/org.apache.maven.resolver/maven-resolver-named-locks@1.9.25   0 33
maven-resolver-provider-3.9.12.jar pkg:maven/org.apache.maven/maven-resolver-provider@3.9.12   0 26
maven-resolver-spi-1.9.25.jar pkg:maven/org.apache.maven.resolver/maven-resolver-spi@1.9.25   0 32
maven-resolver-util-1.9.25.jar pkg:maven/org.apache.maven.resolver/maven-resolver-util@1.9.25   0 36
maven-settings-3.9.12.jar pkg:maven/org.apache.maven/maven-settings@3.9.12   0 26
maven-settings-builder-3.9.12.jar pkg:maven/org.apache.maven/maven-settings-builder@3.9.12   0 26
maven-shared-utils-3.4.2.jar cpe:2.3:a:apache:maven_shared_utils:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:utils_project:utils:3.4.2:*:*:*:*:*:*:* 		pkg:maven/org.apache.maven.shared/maven-shared-utils@3.4.2   0 Highest 29
mssql-jdbc-13.2.1.jre11.jar cpe:2.3:a:microsoft:jdbc_driver_for_sql_server:13.2.1.jre11:*:*:*:*:*:*:*
cpe:2.3:a:www-sql_project:www-sql:13.2.1.jre11:*:*:*:*:*:*:* 		pkg:maven/com.microsoft.sqlserver/mssql-jdbc@13.2.1
pkg:maven/com.microsoft.sqlserver/mssql-jdbc@13.2.1.jre11 		  0 Highest 36
mysql-connector-j-9.6.0.jar cpe:2.3:a:oracle:mysql_connector\/j:9.6.0:*:*:*:*:*:*:* pkg:maven/com.mysql/mysql-connector-j@9.6.0   0 Highest 52
nashorn-core-15.4.jar pkg:maven/org.openjdk.nashorn/nashorn-core@15.4   0 23
nashorn-core-15.4.jar: base.js   0 0
nashorn-core-15.4.jar: bootstrap.js   0 0
nashorn-core-15.4.jar: controls.js   0 0
nashorn-core-15.4.jar: fxml.js   0 0
nashorn-core-15.4.jar: graphics.js   0 0
nashorn-core-15.4.jar: media.js   0 0
nashorn-core-15.4.jar: mozilla_compat.js   0 0
nashorn-core-15.4.jar: parser.js   0 0
nashorn-core-15.4.jar: swing.js   0 0
nashorn-core-15.4.jar: web.js   0 0
ojdbc11-23.26.0.0.0.jar cpe:2.3:a:oracle:jdbc:23.26.0.0.0:*:*:*:*:*:*:* pkg:maven/com.oracle.database.jdbc/ojdbc11@23.26.0.0.0   0 Highest 33
options-1.6.jar pkg:maven/com.headius/options@1.6   0 26
org.eclipse.sisu.inject-0.9.0.M4.jar pkg:maven/org.eclipse.sisu/org.eclipse.sisu.inject@0.9.0.M4   0 36
org.eclipse.sisu.plexus-0.9.0.M4.jar pkg:maven/org.eclipse.sisu/org.eclipse.sisu.plexus@0.9.0.M4   0 31
plexus-archiver-4.10.4.jar cpe:2.3:a:codehaus-plexus:plexus-archiver:4.10.4:*:*:*:*:*:*:* pkg:maven/org.codehaus.plexus/plexus-archiver@4.10.4   0 Highest 29
plexus-cipher-2.0.jar pkg:maven/org.codehaus.plexus/plexus-cipher@2.0   0 20
plexus-classworlds-2.9.0.jar pkg:maven/org.codehaus.plexus/plexus-classworlds@2.9.0   0 35
plexus-component-annotations-2.2.0.jar pkg:maven/org.codehaus.plexus/plexus-component-annotations@2.2.0   0 23
plexus-i18n-1.0-beta-10.jar pkg:maven/org.codehaus.plexus/plexus-i18n@1.0-beta-10   0 24
plexus-interpolation-1.29.jar pkg:maven/org.codehaus.plexus/plexus-interpolation@1.29   0 34
plexus-io-3.6.0.jar pkg:maven/org.codehaus.plexus/plexus-io@3.6.0   0 29
plexus-sec-dispatcher-2.0.jar cpe:2.3:a:sec_project:sec:2.0:*:*:*:*:*:*:* pkg:maven/org.codehaus.plexus/plexus-sec-dispatcher@2.0   0 Highest 20
plexus-utils-3.6.0.jar cpe:2.3:a:codehaus-plexus:plexus-utils:3.6.0:*:*:*:*:*:*:*
cpe:2.3:a:utils_project:utils:3.6.0:*:*:*:*:*:*:* 		pkg:maven/org.codehaus.plexus/plexus-utils@3.6.0   0 Highest 33
plexus-velocity-2.2.0.jar pkg:maven/org.codehaus.plexus/plexus-velocity@2.2.0   0 27
plexus-xml-3.0.2.jar pkg:maven/org.codehaus.plexus/plexus-xml@3.0.2   0 29
postgresql-42.7.9.jar cpe:2.3:a:postgresql:postgresql_jdbc_driver:42.7.9:*:*:*:*:*:*:* pkg:maven/org.postgresql/postgresql@42.7.9   0 Low 72
protobuf-java-4.31.1.jar cpe:2.3:a:google:protobuf-java:4.31.1:*:*:*:*:*:*:* pkg:maven/com.google.protobuf/protobuf-java@4.31.1   0 Highest 25
schemaspy-7.0.2.jar cpe:2.3:a:ada:ada:7.0.2:*:*:*:*:*:*:* pkg:maven/org.schemaspy/schemaspy@7.0.2 MEDIUM 1 Low 44
schemaspy-7.0.2.jar: anchor.min.js   0 0
schemaspy-7.0.2.jar: anomalies.js   0 0
schemaspy-7.0.2.jar: app.js   0 0
schemaspy-7.0.2.jar: app.min.js   0 0
schemaspy-7.0.2.jar: bootstrap.js pkg:javascript/bootstrap@3.3.7 MEDIUM 9 3
schemaspy-7.0.2.jar: bootstrap.min.js pkg:javascript/bootstrap@3.3.7 MEDIUM 9 3
schemaspy-7.0.2.jar: buttons.bootstrap.js   0 0
schemaspy-7.0.2.jar: buttons.bootstrap.min.js   0 0
schemaspy-7.0.2.jar: buttons.colVis.js   0 0
schemaspy-7.0.2.jar: buttons.colVis.min.js   0 0
schemaspy-7.0.2.jar: buttons.flash.js   0 0
schemaspy-7.0.2.jar: buttons.flash.min.js   0 0
schemaspy-7.0.2.jar: buttons.html5.js   0 0
schemaspy-7.0.2.jar: buttons.html5.min.js   0 0
schemaspy-7.0.2.jar: buttons.print.js   0 0
schemaspy-7.0.2.jar: buttons.print.min.js   0 0
schemaspy-7.0.2.jar: codemirror.js   0 0
schemaspy-7.0.2.jar: column.js   0 0
schemaspy-7.0.2.jar: constraint.js   0 0
schemaspy-7.0.2.jar: dashboard.js   0 0
schemaspy-7.0.2.jar: dashboard2.js   0 0
schemaspy-7.0.2.jar: dataTables.bootstrap.js   0 0
schemaspy-7.0.2.jar: dataTables.bootstrap.min.js   0 0
schemaspy-7.0.2.jar: dataTables.buttons.js   0 0
schemaspy-7.0.2.jar: dataTables.buttons.min.js   0 0
schemaspy-7.0.2.jar: demo.js   0 0
schemaspy-7.0.2.jar: fastclick.js   0 0
schemaspy-7.0.2.jar: fastclick.min.js   0 0
schemaspy-7.0.2.jar: html5shiv.min.js   0 0
schemaspy-7.0.2.jar: jquery-2.2.3.min.js pkg:javascript/jquery@2.2.3.min MEDIUM* 6 3
schemaspy-7.0.2.jar: jquery-ui.js pkg:javascript/jquery-ui-dialog@1.11.4
pkg:javascript/jquery-ui@1.11.4 		MEDIUM 5 5
schemaspy-7.0.2.jar: jquery-ui.min.js pkg:javascript/jquery-ui-dialog@1.11.4
pkg:javascript/jquery-ui@1.11.4 		MEDIUM 5 5
schemaspy-7.0.2.jar: jquery.dataTables.min.js pkg:javascript/jquery.datatables@1.10.15 HIGH 4 3
schemaspy-7.0.2.jar: jquery.js pkg:javascript/jquery@3.2.1 MEDIUM* 3 3
schemaspy-7.0.2.jar: jquery.slimscroll.js   0 0
schemaspy-7.0.2.jar: jquery.slimscroll.min.js   0 0
schemaspy-7.0.2.jar: main.js   0 0
schemaspy-7.0.2.jar: npm.js   0 0
schemaspy-7.0.2.jar: pdfmake.min.js   0 0
schemaspy-7.0.2.jar: relationships.js   0 0
schemaspy-7.0.2.jar: respond.min.js   0 0
schemaspy-7.0.2.jar: routine.js   0 0
schemaspy-7.0.2.jar: routines.js   0 0
schemaspy-7.0.2.jar: salvattore.min.js   0 0
schemaspy-7.0.2.jar: schemaSpy.js   0 0
schemaspy-7.0.2.jar: sql.js   0 0
schemaspy-7.0.2.jar: table.js   0 0
schemaspy-7.0.2.jar: vfs_fonts.js   0 0
schemaspy-7.0.2.jar: viz.js   0 0
schemaspy-7.0.2.jar: xlsx.full.min.js   0 0
slf4j-api-1.7.36.jar pkg:maven/org.slf4j/slf4j-api@1.7.36   0 29
velocity-engine-core-2.4.jar cpe:2.3:a:apache:velocity_engine:2.4:*:*:*:*:*:*:* pkg:maven/org.apache.velocity/velocity-engine-core@2.4   0 Highest 30
velocity-tools-generic-3.1.jar cpe:2.3:a:apache:velocity_tools:3.1:*:*:*:*:*:*:* pkg:maven/org.apache.velocity.tools/velocity-tools-generic@3.1   0 Highest 28
xz-1.10.jar pkg:maven/org.tukaani/xz@1.10   0 39
zstd-jni-1.5.7-6.jar pkg:maven/com.github.luben/zstd-jni@1.5.7-6   0 41
zstd-jni-1.5.7-6.jar: libzstd-jni-1.5.7-6.dll   0 4
zstd-jni-1.5.7-6.jar: libzstd-jni-1.5.7-6.dll   0 4
zstd-jni-1.5.7-6.jar: libzstd-jni-1.5.7-6.dll   0 4

* indicates the dependency has a known exploited vulnerability

Dependencies (vulnerable)

aircompressor-0.27.jar

Description:

Compression algorithms

License:

Apache License 2.0: https://www.apache.org/licenses/LICENSE-2.0.html
File Path: /home/runner/.m2/repository/io/airlift/aircompressor/0.27/aircompressor-0.27.jar
MD5: 2c1137bd68ec7a65655fc1adca94742b
SHA1: 5b3b5e7932a1d088ad1f13d109ffd688ab59ef9d
SHA256:fdbef3137a28f63bb0cb93487803080ede746a4ec3d421e36c6f0c305c35e5e4
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
aircompressor-0.27.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-archiver@3.6.6

Identifiers

  • pkg:maven/io.airlift/aircompressor@0.27   (Confidence:High)

aopalliance-1.0.jar

Description:

AOP Alliance

License:

Public Domain
File Path: /home/runner/.m2/repository/aopalliance/aopalliance/1.0/aopalliance-1.0.jar
MD5: 04177054e180d09e3998808efa0401c7
SHA1: 0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8
SHA256:0addec670fedcd3f113c5c8091d783280d23f75e3acb841b61a9cdb079376a08
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
aopalliance-1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/aopalliance/aopalliance@1.0   (Confidence:High)

asciidoctorj-2.5.10.jar

Description:

AsciidoctorJ provides Java bindings for the Asciidoctor RubyGem (asciidoctor) using JRuby.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/asciidoctor/asciidoctorj/2.5.10/asciidoctorj-2.5.10.jar
MD5: c3e92d689545a4acaf3fe55fe72c8435
SHA1: 4498251352f8643be0d226cd6347c3de2df56ed7
SHA256:d975de80afa7b7929d102b7f46b4ec7dad691366c87f83af236cc989078d0583
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asciidoctorj-2.5.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

asciidoctorj-2.5.10.jar: concurrent_ruby.jar

File Path: /home/runner/.m2/repository/org/asciidoctor/asciidoctorj/2.5.10/asciidoctorj-2.5.10.jar/gems/concurrent-ruby-1.1.7/lib/concurrent-ruby/concurrent/concurrent_ruby.jar
MD5: 92015e73fc2e79f2dfc4994e6865d15b
SHA1: f7535d0a5efb585fd5f49c6d18952e191ed6e2c7
SHA256:7c35aee1609b885f760688733eaa5f4d53f2ef68558f7b19edd6a7179b5e381f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

asciidoctorj-2.5.10.jar: jruby_cache_backend.jar

File Path: /home/runner/.m2/repository/org/asciidoctor/asciidoctorj/2.5.10/asciidoctorj-2.5.10.jar/gems/thread_safe-0.3.6-java/lib/thread_safe/jruby_cache_backend.jar
MD5: 7f40e133c093c0e7baddce14ea90114b
SHA1: 993f3706b397773d989d6a02fa4e91a9ea8b0a24
SHA256:fd26af853ae547cdc0ff51d5875fe8cadc61edd23dc207651012217c4ff4257a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

asciidoctorj-api-2.5.10.jar

Description:

API for AsciidoctorJ

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/asciidoctor/asciidoctorj-api/2.5.10/asciidoctorj-api-2.5.10.jar
MD5: b92b78c9ee25265a1babb9fb11a59734
SHA1: 9ec17d03c402235f4a280522b4c2f383c55108ab
SHA256:c3093a5bcb613025fe5f1f44c03ee3994a15ed534e23190d6afa6bd526323707
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asciidoctorj-api-2.5.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

asm-9.9.jar

Description:

ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm/9.9/asm-9.9.jar
MD5: 6d1dd0482c03a6dc1807d9d004456021
SHA1: c29635c8a7afa03d74b33c1884df8abb2b3f3dcc
SHA256:03d99a74ad1ee5c71334ef67437f4ef4fe3488caa7c96d8645abc73c8e2017d4
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asm-9.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.ow2.asm/asm@9.9   (Confidence:High)

asm-analysis-7.3.1.jar

Description:

Static code analysis API of ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm-analysis/7.3.1/asm-analysis-7.3.1.jar
MD5: b5b082ef17f6d6bb3d8ed9c129161bdb
SHA1: 045dfd299ea0c17d534499c4f06417ceccfa2d02
SHA256:46b8a8efd4b94facb5ab4b35afe30ee0546ae7a43d2c64e6def56c2f168fefa5
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asm-analysis-7.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.ow2.asm/asm-analysis@7.3.1   (Confidence:High)

asm-commons-7.3.1.jar

Description:

Usefull class adapters based on ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm-commons/7.3.1/asm-commons-7.3.1.jar
MD5: be985ed0af52424f8f5d27ec71c249ab
SHA1: daaa79ef260eb67404b9a52bc319a024c7f49cfe
SHA256:87cd8bb3c6bf6bcbb33fca48060c5065f66ebf6a3d7de9bf18bff51bcf156ebc
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asm-commons-7.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.ow2.asm/asm-commons@7.3.1   (Confidence:High)

asm-tree-7.3.1.jar

Description:

Tree API of ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm-tree/7.3.1/asm-tree-7.3.1.jar
MD5: 3ef0bd9837a905e0b2d443de9199a409
SHA1: 587ce54d243145b2e89598bfcea7823ded73be5d
SHA256:f91a4a8aa868c5c4665bb4fd134019a91f9f8b9216527fba295e3c8b5422b78b
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asm-tree-7.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.ow2.asm/asm-tree@7.3.1   (Confidence:High)

asm-util-7.3.1.jar

Description:

Utilities for ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /home/runner/.m2/repository/org/ow2/asm/asm-util/7.3.1/asm-util-7.3.1.jar
MD5: 181141e54fdd56474937d7ebfb325ba3
SHA1: cac1bf54c2fb86671c357d281d1060fe5d50a0de
SHA256:182128592742ed4883ac82bf205f137b6bfbe1234c68e6feb13759e75a85b729
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
asm-util-7.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.ow2.asm/asm-util@7.3.1   (Confidence:High)

autolink-0.6.0.jar

Description:

        Java library to extract links (URLs, email addresses) from plain text;
        fast, small and smart about recognizing where links end

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /home/runner/.m2/repository/org/nibor/autolink/autolink/0.6.0/autolink-0.6.0.jar
MD5: f2633571471a5957ee12e61b184e6219
SHA1: 3986d016a14e8c81afeec752f19af29b20e8367b
SHA256:a80be030f6386f18111cad9161c0b6983157352a1b59a59e6002172f0d321c04
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
autolink-0.6.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.nibor.autolink/autolink@0.6.0   (Confidence:High)

backport9-1.12.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/headius/backport9/1.12/backport9-1.12.jar
MD5: cf013aeba341a294bd27fe8aceeb316a
SHA1: 48995f1910bb87a5b53d8720092879fce54e04b8
SHA256:c3e2e6a5981e7eb832854f6fe4884bf561bdc70b7e9dc98cab61420db2f55235
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
backport9-1.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.headius/backport9@1.12   (Confidence:High)

checker-qual-3.52.0.jar

Description:

checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework.

License:

The MIT License: http://opensource.org/licenses/MIT
File Path: /home/runner/.m2/repository/org/checkerframework/checker-qual/3.52.0/checker-qual-3.52.0.jar
MD5: d7eeaac6d7810375c2484fd4faeb2f69
SHA1: 9c17f496846ab1fca8975c6a50ceac0b3bbe63f0
SHA256:0b5bb1a4bdc4e4b1217482fe598efcaab4e1fba7b37f9412639178fc8116fc05
Referenced In Project/Scope: SchemaSpy Maven Plugin:runtime
checker-qual-3.52.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.postgresql/postgresql@42.7.9

Identifiers

  • pkg:maven/org.checkerframework/checker-qual@3.52.0   (Confidence:High)

commons-beanutils-1.11.0.jar

Description:

Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-beanutils/commons-beanutils/1.11.0/commons-beanutils-1.11.0.jar
MD5: 32ed51f196dfda19e0dc1ce53eeed29e
SHA1: ac03ea606d13de04c2e4508227680faff151f491
SHA256:9e44ba68ec9a3f21286fa2a8bbb003b735c0f69101bb43144b79f4f8aaa74709
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-beanutils-1.11.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

commons-codec-1.19.0.jar

Description:

     The Apache Commons Codec component contains encoders and decoders for
     formats such as Base16, Base32, Base64, digest, and Hexadecimal. In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-codec/commons-codec/1.19.0/commons-codec-1.19.0.jar
MD5: e46fa78c69544eb6239c4e8447e72544
SHA1: 8c0dbe3ae883fceda9b50a6c76e745e548073388
SHA256:5c3881e4f556855e9c532927ee0c9dfde94cc66760d5805c031a59887070af5f
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
commons-codec-1.19.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-archiver@3.6.6

Identifiers

  • pkg:maven/commons-codec/commons-codec@1.19.0   (Confidence:High)

commons-collections-3.2.2.jar

Description:

Types that extend and augment the Java Collections Framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256:eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-collections-3.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/commons-beanutils/commons-beanutils@1.11.0

Identifiers

commons-compress-1.28.0.jar

Description:

Apache Commons Compress defines an API for working with
compression and archive formats. These include bzip2, gzip, pack200,
LZMA, XZ, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4,
Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-compress/1.28.0/commons-compress-1.28.0.jar
MD5: f33efe616d561f8281ef7bf9f2576ad0
SHA1: e482f2c7a88dac3c497e96aa420b6a769f59c8d7
SHA256:e1522945218456f3649a39bc4afd70ce4bd466221519dba7d378f2141a4642ca
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
commons-compress-1.28.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-archiver@3.6.6

Identifiers

commons-digester3-3.2.jar

Description:

    The Apache Commons Digester package lets you configure an XML to Java
    object mapping module which triggers certain actions called rules whenever
    a particular pattern of nested XML elements is recognized.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-digester3/3.2/commons-digester3-3.2.jar
MD5: 41d2c62c7aedafa7a3627794abc83f71
SHA1: c3f68c5ff25ec5204470fd8fdf4cb8feff5e8a79
SHA256:1c150e3d2df4b4237b47e28fea2079fb0da324578d5cca6a5fed2e37a62082ec
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-digester3-3.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.apache.commons/commons-digester3@3.2   (Confidence:High)

commons-lang3-3.20.0.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.

  The code is tested using the latest revision of the JDK for supported
  LTS releases: 8, 11, 17, 21 and 25 currently.
  See https://github.com/apache/commons-lang/blob/master/.github/workflows/maven.yml
  
  Please ensure your build environment is up-to-date and kindly report any build issues.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-lang3/3.20.0/commons-lang3-3.20.0.jar
MD5: 4b29562ded527aa074e1d44f8646dac5
SHA1: 65897b3e5731220962e659e001904af3c3cbeba9
SHA256:69e5c9fa35da7a51a5fd2099dfe56a2d8d32cf233e2f6d770e796146440263f4
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-lang3-3.20.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

commons-logging-1.3.5.jar

Description:

Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well-known logging systems.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/commons-logging/commons-logging/1.3.5/commons-logging-1.3.5.jar
MD5: 9ca067b073153c86c2da350c0f2cdf70
SHA1: a3fcc5d3c29b2b03433aa2d2f2d2c1b1638924a1
SHA256:6d7a744e4027649fbb50895df9497d109f98c766a637062fe8d2eabbb3140ba4
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-logging-1.3.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/commons-beanutils/commons-beanutils@1.11.0

Identifiers

  • pkg:maven/commons-logging/commons-logging@1.3.5   (Confidence:High)

commons-text-1.12.0.jar

Description:

Apache Commons Text is a set of utility functions and reusable components for the purpose of processing
    and manipulating text that should be of use in a Java environment.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/commons/commons-text/1.12.0/commons-text-1.12.0.jar
MD5: 544add6fbc8d4b100b07c3692d08099e
SHA1: 66aa90dc099701c4d3b14bd256c328f592ccf0d6
SHA256:de023257ff166044a56bd1aa9124e843cd05dac5806cc705a9311f3556d5a15f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
commons-text-1.12.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

compiler-0.9.10.jar

Description:

Implementation of mustache.js for Java

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/com/github/spullara/mustache/java/compiler/0.9.10/compiler-0.9.10.jar
MD5: 5638fc78a17d5063cc4b0d00f6e87491
SHA1: 6111ae24e3be9ecbd75f5fe908583fc14b4f0174
SHA256:2b5a9217811cb99846a473fa8e0d233eb33629347b7f44941f6c0fbd4cdf1038
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
compiler-0.9.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.github.spullara.mustache.java/compiler@0.9.10   (Confidence:High)

derby-10.16.1.1.jar

Description:

Contains the core Apache Derby database engine, which also includes the embedded JDBC driver.

File Path: /home/runner/.m2/repository/org/apache/derby/derby/10.16.1.1/derby-10.16.1.1.jar
MD5: d9c38ece80f4ec0756f54b06716a3dd6
SHA1: f9ca2054b3e33ec3f3f19df4a7490352d82de54a
SHA256:ede804cb04e871d7c52d2414e952ab939f9ef243abb7bd0ce7dbeb6e1e28bd0b
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
derby-10.16.1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

CVE-2022-46337  

A cleverly devised username might bypass LDAP authentication checks. In 
LDAP-authenticated Derby installations, this could let an attacker fill 
up the disk by creating junk Derby databases. In LDAP-authenticated 
Derby installations, this could also allow the attacker to execute 
malware which was visible to and executable by the account which booted 
the Derby server. In LDAP-protected databases which weren't also 
protected by SQL GRANT/REVOKE authorization, this vulnerability could 
also let an attacker view and corrupt sensitive data and run sensitive 
database functions and procedures.

Mitigation:

Users should upgrade to Java 21 and Derby 10.17.1.0.

Alternatively, users who wish to remain on older Java versions should 
build their own Derby distribution from one of the release families to 
which the fix was backported: 10.16, 10.15, and 10.14. Those are the 
releases which correspond, respectively, with Java LTS versions 17, 11, 
and 8.
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

derbyshared-10.16.1.1.jar

Description:

The code which is shared across all Derby configurations.

File Path: /home/runner/.m2/repository/org/apache/derby/derbyshared/10.16.1.1/derbyshared-10.16.1.1.jar
MD5: e423cba3150f195debaf7ff0d307ecf6
SHA1: 77a3ec6b9791c7c29c76148c5d56fc1f3f12d638
SHA256:27d4be683a45f6c15940167277ce39bb7e26b9f6dc0bc05efbcf813cac5d2b8f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
derbyshared-10.16.1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.derby/derby@10.16.1.1

Identifiers

CVE-2022-46337  

A cleverly devised username might bypass LDAP authentication checks. In 
LDAP-authenticated Derby installations, this could let an attacker fill 
up the disk by creating junk Derby databases. In LDAP-authenticated 
Derby installations, this could also allow the attacker to execute 
malware which was visible to and executable by the account which booted 
the Derby server. In LDAP-protected databases which weren't also 
protected by SQL GRANT/REVOKE authorization, this vulnerability could 
also let an attacker view and corrupt sensitive data and run sensitive 
database functions and procedures.

Mitigation:

Users should upgrade to Java 21 and Derby 10.17.1.0.

Alternatively, users who wish to remain on older Java versions should 
build their own Derby distribution from one of the release families to 
which the fix was backported: 10.16, 10.15, and 10.14. Those are the 
releases which correspond, respectively, with Java LTS versions 17, 11, 
and 8.
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

derbytools-10.16.1.1.jar

Description:

Contains Apache Derby tools like ij, sysinfo, and dblook.

File Path: /home/runner/.m2/repository/org/apache/derby/derbytools/10.16.1.1/derbytools-10.16.1.1.jar
MD5: 25b138905deb681ff167a5a04d29c3c6
SHA1: 32a5335f9087022cd8ca5c85f35f8c844b1360a9
SHA256:db052f92508e966ee8b0c5c9eca84cb11cbf0b0d78e608dc89340d4bb6c07314
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
derbytools-10.16.1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

CVE-2022-46337  

A cleverly devised username might bypass LDAP authentication checks. In 
LDAP-authenticated Derby installations, this could let an attacker fill 
up the disk by creating junk Derby databases. In LDAP-authenticated 
Derby installations, this could also allow the attacker to execute 
malware which was visible to and executable by the account which booted 
the Derby server. In LDAP-protected databases which weren't also 
protected by SQL GRANT/REVOKE authorization, this vulnerability could 
also let an attacker view and corrupt sensitive data and run sensitive 
database functions and procedures.

Mitigation:

Users should upgrade to Java 21 and Derby 10.17.1.0.

Alternatively, users who wish to remain on older Java versions should 
build their own Derby distribution from one of the release families to 
which the fix was backported: 10.16, 10.15, and 10.14. Those are the 
releases which correspond, respectively, with Java LTS versions 17, 11, 
and 8.
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

dirgra-0.3.jar

Description:

Simple Directed Graph

License:

EPL: http://www.eclipse.org/legal/epl-v10.html
File Path: /home/runner/.m2/repository/org/jruby/dirgra/0.3/dirgra-0.3.jar
MD5: 67c71ad64192513616e71c8fc75b5e2d
SHA1: fcdf20c966ff7bd3299c3d7fb3e7bfb14e38d4ee
SHA256:9ee2b48dcdfe0f6261200b81852a3f8c02af702269457c82f485d36d6e078360
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
dirgra-0.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.jruby/dirgra@0.3   (Confidence:High)

doxia-core-2.0.0.jar

Description:

Doxia core classes and interfaces.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-core/2.0.0/doxia-core-2.0.0.jar
MD5: c0fb5fa304380a070a896e79a62b6932
SHA1: 6b8dd422ff321fdbf32a0196b85cce3d63cfe68c
SHA256:939183cf5ced6741745b2475a4adf78ca85885ee0dad6dae28dd3f25bd447ff3
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-core-2.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.apache.maven.doxia/doxia-core@2.0.0   (Confidence:High)

doxia-integration-tools-2.0.0.jar

Description:

A collection of tools to help the integration of Doxia Sitetools in Maven plugins.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-integration-tools/2.0.0/doxia-integration-tools-2.0.0.jar
MD5: b8e18118b11a20e0ddc66b235989682e
SHA1: ce08d289ed826416983860fb2adced6dd7ade550
SHA256:4aee72f9b30b507964c2f52b63f70e7b41fb9d957359cb5dc13c428abb4b6189
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-integration-tools-2.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.apache.maven.doxia/doxia-integration-tools@2.0.0   (Confidence:High)

doxia-module-apt-2.0.0.jar

Description:

A Doxia module for Almost Plain Text source documents.
    APT format is supported both as source and target formats.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-module-apt/2.0.0/doxia-module-apt-2.0.0.jar
MD5: f6613830c1f558b909b32d3e3e271911
SHA1: 0505b4e8d57eb3f8c3d66adcca85ce09311742ba
SHA256:f4a846c448ca85358279184a310f6ee3f46fa39688f74a72961c1bfe222f28a6
Referenced In Project/Scope: SchemaSpy Maven Plugin:runtime
doxia-module-apt-2.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.apache.maven.doxia/doxia-module-apt@2.0.0   (Confidence:High)

doxia-module-xdoc-2.0.0.jar

Description:

A Doxia module for Xdoc source documents.
    Xdoc format is supported both as source and target formats.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-module-xdoc/2.0.0/doxia-module-xdoc-2.0.0.jar
MD5: dd12065dc641017da7006cb39f0490e5
SHA1: fe3a51c0226cb7cdfdcc97b73681f6ee80fad72c
SHA256:7956aca14f8adbc48bac86b218701dd44cc990063a69edbfca363b105994a474
Referenced In Project/Scope: SchemaSpy Maven Plugin:runtime
doxia-module-xdoc-2.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.apache.maven.doxia/doxia-module-xdoc@2.0.0   (Confidence:High)

doxia-module-xhtml5-2.0.0.jar

Description:

A Doxia module for Xhtml5 source documents.
    Xhtml5 format is supported both as source and target formats.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-module-xhtml5/2.0.0/doxia-module-xhtml5-2.0.0.jar
MD5: 2369dd687d9b13d115157299d09ca7d4
SHA1: 15fbcfe42e0a50eb33adbc061c9b4db84ec0470e
SHA256:c91557679a0eb9fde3175055628ceb7b8fd5ab6d308340770d236fb06265dc26
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-module-xhtml5-2.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.apache.maven.doxia/doxia-module-xhtml5@2.0.0   (Confidence:High)

doxia-sink-api-2.0.0.jar

Description:

Doxia Sink API.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-sink-api/2.0.0/doxia-sink-api-2.0.0.jar
MD5: 0ac989158733a584c6b82e6ab1edc8ec
SHA1: d767d78857c1fb3cbd21ae3a7870894476ecb0fc
SHA256:fba33eaee3b01547bcd14b05ebc37f7dacef1819ad9ee7a5b27899afd3472cf4
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-sink-api-2.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.apache.maven.doxia/doxia-sink-api@2.0.0   (Confidence:High)

doxia-site-model-2.0.0.jar

Description:

The Site Model handles the descriptor for sites, also known as site.xml.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-site-model/2.0.0/doxia-site-model-2.0.0.jar
MD5: 4da689094c6e4a2d6457d21ce959ac42
SHA1: 6a43c5b58b9acbf789618efdda23d5cb9fb0981f
SHA256:f6ec9ef75a41d1b826e5ecf02d92c5de90a6bc70ea93d5340988703223bf2205
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-site-model-2.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.apache.maven.doxia/doxia-site-model@2.0.0   (Confidence:High)

doxia-site-renderer-2.0.0.jar

Description:

The Site Renderer handles the rendering of sites, merging site model with document content.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-site-renderer/2.0.0/doxia-site-renderer-2.0.0.jar
MD5: 0af057ade4d5bc3b41a06cf1100bbd93
SHA1: b68214ec1d3250a4594f598f054977d961e66ac8
SHA256:6cdee370194f4b9f742d12ef46528042f480d9bdf3de832de2792e1ae9ffc68d
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-site-renderer-2.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.apache.maven.doxia/doxia-site-renderer@2.0.0   (Confidence:High)

doxia-skin-model-2.0.0.jar

Description:

The Skin Model defines metadata for Doxia Sitetools skins.

File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-skin-model/2.0.0/doxia-skin-model-2.0.0.jar
MD5: 9daee5a484a8a9cb32b2fe6cfea42531
SHA1: 86913a4d7f1acbf26d426c97adecb18e21938ebf
SHA256:3ced0d90353f49e8eb1458f54664b93ec117d79b9789a576da41e2f6f99723e0
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
doxia-skin-model-2.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.apache.maven.doxia/doxia-skin-model@2.0.0   (Confidence:High)

failureaccess-1.0.3.jar

Description:

    Contains
    com.google.common.util.concurrent.internal.InternalFutureFailureAccess and
    InternalFutures. Most users will never need to use this artifact. Its
    classes are conceptually a part of Guava, but they're in this separate
    artifact so that Android libraries can use them without pulling in all of
    Guava (just as they can use ListenableFuture by depending on the
    listenablefuture artifact).

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/guava/failureaccess/1.0.3/failureaccess-1.0.3.jar
MD5: 29a782e90f6b37218b18bb880d2a8f4a
SHA1: aeaffd00d57023a2c947393ed251f0354f0985fc
SHA256:cbfc3906b19b8f55dd7cfd6dfe0aa4532e834250d7f080bd8d211a3e246b59cb
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
failureaccess-1.0.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/com.google.guava/failureaccess@1.0.3   (Confidence:High)

flexmark-0.34.32.jar

Description:

Core of flexmark-java (implementation of CommonMark for parsing markdown and rendering to HTML)

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark/0.34.32/flexmark-0.34.32.jar
MD5: 382b5c90335fad2eb5d28fde5a55a0d4
SHA1: c2c2bf0e9c67757eb5996afe0ade71195227253b
SHA256:60fff3390d6836ddcf45be0a0f0e6b4602ce2f26508762851286b3a082648b53
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark@0.34.32   (Confidence:High)

flexmark-ext-abbreviation-0.34.32.jar

Description:

flexmark-java extension for defining abbreviations and turning appearance of these abbreviations in text into links with titles consisting of the expansion of the abbreviation

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-abbreviation/0.34.32/flexmark-ext-abbreviation-0.34.32.jar
MD5: f663f0f2d098231cfd98a853a822e464
SHA1: 785fe944a8f5b5b54b30a4c40735f0f82d53aa25
SHA256:714ed71edd9e5c56ccd6f210b0eb79cf7240923ddf37bfd9ad8d03635f758f5e
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-abbreviation-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-abbreviation@0.34.32   (Confidence:High)

flexmark-ext-aside-0.34.32.jar

Description:

flexmark-java extension for converting | to aside tags

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-aside/0.34.32/flexmark-ext-aside-0.34.32.jar
MD5: 2a54188164a2b5c0b22c280845a3160f
SHA1: 017d27b92514cd5b5c2494e1d2fe2cb3b695058c
SHA256:9bd05330490936009172b2b7bd9395c388839e36ca8bbaefd470b875d46c7e28
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-aside-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-aside@0.34.32   (Confidence:High)

flexmark-ext-autolink-0.34.32.jar

Description:

flexmark-java extension for turning plain URLs and email addresses into links

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-autolink/0.34.32/flexmark-ext-autolink-0.34.32.jar
MD5: 2be49f92ce3fc05f3a80b767a39bb72f
SHA1: 6a499f9ebf555ce8545382818103aaaf991af123
SHA256:072e2d8ea66caea1b214becb697271a3337f22fd0a3e6cfff4c7812c98d0a37e
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-autolink-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-autolink@0.34.32   (Confidence:High)

flexmark-ext-definition-0.34.32.jar

Description:

flexmark-java extension for definition

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-definition/0.34.32/flexmark-ext-definition-0.34.32.jar
MD5: 06175b13310b36c4a42e9f41fb0a725f
SHA1: 1af7506590f76e6a81f78395a7b3ffa41cec8ff5
SHA256:27c05f0736294540a6922cd2369eb5178bab8c427977ebb49c5593754a5e3a72
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-definition-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-definition@0.34.32   (Confidence:High)

flexmark-ext-emoji-0.34.32.jar

Description:

flexmark-java extension for emoji shortcuts using Emoji-Cheat-Sheet.com http://www.emoji-cheat-sheet.com/

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-emoji/0.34.32/flexmark-ext-emoji-0.34.32.jar
MD5: b76e06cc514d0d3fde84ef695c6fe29f
SHA1: acbf86eabcaffeb0a5a90a9ab1933367f57ce2bb
SHA256:a9dc9e21e1b96718cfb45efe00e816b06d52a02c9451097f9ba3c17072c21661
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-emoji-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-emoji@0.34.32   (Confidence:High)

flexmark-ext-escaped-character-0.34.32.jar

Description:

flexmark-java extension for escaped_character

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-escaped-character/0.34.32/flexmark-ext-escaped-character-0.34.32.jar
MD5: e3f75f4076188a21d4b0ccd43ba8425d
SHA1: e6d8328b599e9af5c2ddff3a9559dfe3545f9008
SHA256:654fbb2f164aa6ba3ce35cd43ac6bc65801c9a7f36ddb160963a5fb2730d0064
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-escaped-character-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-escaped-character@0.34.32   (Confidence:High)

flexmark-ext-footnotes-0.34.32.jar

Description:

flexmark-java extension for footnote inline elments and footnote definitions

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-footnotes/0.34.32/flexmark-ext-footnotes-0.34.32.jar
MD5: 79bb8079973223f14f06231fd9623bf6
SHA1: b4e1426e8658312dc2f61df1d64f8abc40fe385f
SHA256:f4d92a042d3f64cb94deb7fe8dc52b5dab9a6efea01cf54b844cb0ea77a91992
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-footnotes-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-footnotes@0.34.32   (Confidence:High)

flexmark-ext-gfm-strikethrough-0.34.32.jar

Description:

flexmark-java extension for GFM strikethrough using ~~ (GitHub Flavored Markdown)

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-gfm-strikethrough/0.34.32/flexmark-ext-gfm-strikethrough-0.34.32.jar
MD5: a5a9e5ebfb9a1f58873d9ecd27dd348d
SHA1: acc88a9aabb0ac71d6d63c7bcccb2b082ba38b73
SHA256:2678273cae59d949007172fd439157f8c5f2b777f856587ad305c2bf3a55113d
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-gfm-strikethrough-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-gfm-strikethrough@0.34.32   (Confidence:High)

flexmark-ext-gfm-tasklist-0.34.32.jar

Description:

flexmark-java extension to convert bullet list items that start with [ ] to a TaskListItem node

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-gfm-tasklist/0.34.32/flexmark-ext-gfm-tasklist-0.34.32.jar
MD5: 6b0c5a675ca4154683a20da590e68188
SHA1: ea598ab99f7c961370f7119897a0b8efc2275566
SHA256:0fb4e680ab4ed40d67ac3399dc0ad2d95cbe902036abee994995eda53ce08fdc
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-gfm-tasklist-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-gfm-tasklist@0.34.32   (Confidence:High)

flexmark-ext-ins-0.34.32.jar

Description:

flexmark-java extension for ins

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-ins/0.34.32/flexmark-ext-ins-0.34.32.jar
MD5: 6de13c82fedd06bde84a659a7f97d318
SHA1: 198876100bb1561e2bebb67bdfb05053aac92252
SHA256:8db30a0569f722fd33671df895bd465d36aad56782f8fb132fe41bef138fc8ac
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-ins-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-ins@0.34.32   (Confidence:High)

flexmark-ext-jekyll-front-matter-0.34.32.jar

Description:

flexmark-java extension for jekyll_front_matter

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-jekyll-front-matter/0.34.32/flexmark-ext-jekyll-front-matter-0.34.32.jar
MD5: d75e222b62c266ebf19b1481cf0c6f08
SHA1: 3ba2481406202ffb2a3dd1ef888a0be7e6050b8c
SHA256:4fc8404e83cf4d23ea3850dd607553db56141f4dc787dd5ecbcf7c8151e63e14
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-jekyll-front-matter-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-jekyll-front-matter@0.34.32   (Confidence:High)

flexmark-ext-superscript-0.34.32.jar

Description:

flexmark-java extension for superscript

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-superscript/0.34.32/flexmark-ext-superscript-0.34.32.jar
MD5: 32e7f7e13440b5a9d087845fba2b9fcb
SHA1: 2f9413cedcc339dd20328249cce6fcee63161a57
SHA256:538175c28416be2b150ce63986d5594df42d7f069592733fb94c81f08fe2f127
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-superscript-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-superscript@0.34.32   (Confidence:High)

flexmark-ext-tables-0.34.32.jar

Description:

flexmark-java extension for tables using "|" pipes with optional column spans and table caption

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-tables/0.34.32/flexmark-ext-tables-0.34.32.jar
MD5: 0475a524aaca5cf09e242aa968034041
SHA1: 550d1891263034068014daa137c38b6b5854aafb
SHA256:662e9e726abe00c7e68b1d7e9f65a5a2e7fa77f7a32ef7e109783a7cbb2304cd
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-tables-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-tables@0.34.32   (Confidence:High)

flexmark-ext-toc-0.34.32.jar

Description:

flexmark-java extension for toc

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-toc/0.34.32/flexmark-ext-toc-0.34.32.jar
MD5: 5d5bed0edcf1c3c7d80520a47b1cf8ac
SHA1: f01a984c6c8c37015079c012e700417d182b0d5f
SHA256:6a3b44c952b76165196babc54a3ad85bc454d051b3331498348cf32810382772
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-toc-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-toc@0.34.32   (Confidence:High)

flexmark-ext-typographic-0.34.32.jar

Description:

flexmark-java extension for typographic

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-typographic/0.34.32/flexmark-ext-typographic-0.34.32.jar
MD5: 493f416bb0399faa70c9ef4565425fbc
SHA1: 0c8c5babe652bc1e87999ea07ef54818ae12c0d3
SHA256:6d5d09963cf211b9013ddf7cced1658edea3d6484e99af4dfd903ca239e2f2aa
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-typographic-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-typographic@0.34.32   (Confidence:High)

flexmark-ext-wikilink-0.34.32.jar

Description:

flexmark-java extension parsing and rendering wiki links

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-wikilink/0.34.32/flexmark-ext-wikilink-0.34.32.jar
MD5: 6ff6ff0e5c7dd48d4d35328428878538
SHA1: 7e40b4e8bf1d409e593b8b69604a504835303df2
SHA256:865745f068c7ff1a5e363b893651330b1336282c6664a7b635634263a4ed7898
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-wikilink-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-wikilink@0.34.32   (Confidence:High)
  • cpe:2.3:a:links:links:0.34.32:*:*:*:*:*:*:*   (Confidence:Low)   

flexmark-ext-yaml-front-matter-0.34.32.jar

Description:

flexmark-java extension for YAML front matter

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-ext-yaml-front-matter/0.34.32/flexmark-ext-yaml-front-matter-0.34.32.jar
MD5: 3de9fc9e100d6f4e6b2644b79a8db5e4
SHA1: 0509b24c760f37699d155e63443138977f519373
SHA256:7cdb249e1906b89d84399d6de54c7afe7f4715d6ad2c30ec60f5f756d7b9e475
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-ext-yaml-front-matter-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-ext-yaml-front-matter@0.34.32   (Confidence:High)

flexmark-formatter-0.34.32.jar

Description:

flexmark-java extension for formatter

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-formatter/0.34.32/flexmark-formatter-0.34.32.jar
MD5: bae1cc2191f3bd80d09d5cfcb432a68d
SHA1: 5d35d76873bce4f5707c2df5c6be47ca42f59901
SHA256:6d8e8b4bf0e34c993a4727873e5eab86015a3121dc7bf169d97d71d45c9dd78e
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-formatter-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-formatter@0.34.32   (Confidence:High)

flexmark-jira-converter-0.34.32.jar

Description:

flexmark-java extension for jira_converter

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-jira-converter/0.34.32/flexmark-jira-converter-0.34.32.jar
MD5: 676e66b37015c3a02a249dbdb3d6666a
SHA1: 75ca8726c7a24efa1bfa74e5fe879cd929ec0cfe
SHA256:a6a33938ff6dfe5be0f2c5ba630a84b47e9f36334c5e415bb9069366ad96e2e3
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-jira-converter-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-jira-converter@0.34.32   (Confidence:High)

flexmark-profile-pegdown-0.34.32.jar

Description:

flexmark-java extension for setting flexmark options by using pegdown extension flags

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-profile-pegdown/0.34.32/flexmark-profile-pegdown-0.34.32.jar
MD5: a7808bb410e1ae87e66b42c3825888ab
SHA1: 30226a940419942e37a88b0a4c79a676ca78f788
SHA256:e62eaf00d9249aeb921eea709c492f5ffd085e75a15f2ca2a3944165351dd834
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-profile-pegdown-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-profile-pegdown@0.34.32   (Confidence:High)

flexmark-util-0.34.32.jar

Description:

flexmark-java utility classes

File Path: /home/runner/.m2/repository/com/vladsch/flexmark/flexmark-util/0.34.32/flexmark-util-0.34.32.jar
MD5: 240493638f5833ff8563a0b8b0ecd37f
SHA1: a06050bd9933ac68bc1f266d47c16e772675fea9
SHA256:2ee09f5826e303f37b2b88e3ae5bb7dcc70935ed1736c3a986e8bb8786f8f89c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
flexmark-util-0.34.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.vladsch.flexmark/flexmark-util@0.34.32   (Confidence:High)

guava-33.5.0-jre.jar

Description:

    Guava is a suite of core and expanded libraries that include
    utility classes, Google's collections, I/O classes, and
    much more.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/guava/guava/33.5.0-jre/guava-33.5.0-jre.jar
MD5: d9fbf39a41a5bab891348f07668e18c5
SHA1: 8699de25f2f979108d6c1b804a7ba38cda1116bc
SHA256:1e301f0c52ac248b0b14fdc3d12283c77252d4d6f48521d572e7d8c4c2cc4ac7
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
guava-33.5.0-jre.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

guice-5.1.0-classes.jar

Description:

Guice is a lightweight dependency injection framework for Java 6 and above

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/inject/guice/5.1.0/guice-5.1.0-classes.jar
MD5: d4d4d9bf878b98862116e8ccc0a5c34e
SHA1: e7ba4c25bec3761840f67c73f166c0d509d01d1d
SHA256:142ad4475e19524d2fe3ac995b3f7cbc962fc726f2edb9dbdccc61feab9b2bf9
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
guice-5.1.0-classes.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/com.google.inject/guice@5.1.0   (Confidence:Highest)

hamcrest-2.2.jar

Description:

Core API and libraries of hamcrest matcher framework.

License:

BSD License 3: http://opensource.org/licenses/BSD-3-Clause
File Path: /home/runner/.m2/repository/org/hamcrest/hamcrest/2.2/hamcrest-2.2.jar
MD5: 10b47e837f271d0662f28780e60388e8
SHA1: 1820c0968dba3a11a1b30669bb1f01978a91dedc
SHA256:5e62846a89f05cd78cd9c1a553f340d002458380c320455dd1f8fc5497a8a1c1
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
hamcrest-2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.hamcrest/hamcrest@2.2   (Confidence:High)

hamcrest-core-2.2.jar

Description:

Core Hamcrest API - deprecated, please use "hamcrest" instead

License:

BSD License 3: http://opensource.org/licenses/BSD-3-Clause
File Path: /home/runner/.m2/repository/org/hamcrest/hamcrest-core/2.2/hamcrest-core-2.2.jar
MD5: be43e37f4c7b4f6fadba382933006b15
SHA1: 3f2bd07716a31c395e2837254f37f21f0f0ab24b
SHA256:094f5d92b4b7d9c8a2bf53cc69d356243ae89c3499457bcb4b92f7ed3bf95879
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
hamcrest-core-2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.hamcrest/hamcrest-core@2.2   (Confidence:High)

hsqldb-2.7.4.jar

Description:

HSQLDB - Lightweight 100% Java SQL Database Engine

License:

HSQLDB License, a BSD open source license: http://hsqldb.org/web/hsqlLicense.html
File Path: /home/runner/.m2/repository/org/hsqldb/hsqldb/2.7.4/hsqldb-2.7.4.jar
MD5: 9e6a620acc9d544aacbfa2f17e78f4eb
SHA1: 4aad3c109b5b04927d3bc663bf13535f830401ce
SHA256:5fab2bb4384ac06b762638c8fa2740c944b8d080e4796c0c6c2af8b90dd4e5ad
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
hsqldb-2.7.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

  • pkg:maven/org.hsqldb/hsqldb@2.7.4   (Confidence:High)
  • cpe:2.3:a:hsqldb:hypersql_database:2.7.4:*:*:*:*:*:*:*   (Confidence:Low)   

invokebinder-1.12.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/headius/invokebinder/1.12/invokebinder-1.12.jar
MD5: add09bd8a21f157f9d6dbcaeb33ca97d
SHA1: eeaaf9e753374c4c582bdb640742d680e22c9e5d
SHA256:44ccc90262d6e67ccb1807df662572637953ebf712b7d6503bfcb9f076c2df9b
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
invokebinder-1.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.headius/invokebinder@1.12   (Confidence:High)

jansi-2.4.0.jar

Description:

Jansi is a java library for generating and interpreting ANSI escape sequences.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/fusesource/jansi/jansi/2.4.0/jansi-2.4.0.jar
MD5: bb0f7e4e04a71518dfe5b4ec102aa61f
SHA1: 321c614f85f1dea6bb08c1817c60d53b7f3552fd
SHA256:6cd91991323dd7b2fb28ca93d7ac12af5a86a2f53279e2b35827b30313fd0b9f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jansi-2.4.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.fusesource.jansi/jansi@2.4.0   (Confidence:High)

jansi-2.4.0.jar: jansi.dll

File Path: /home/runner/.m2/repository/org/fusesource/jansi/jansi/2.4.0/jansi-2.4.0.jar/org/fusesource/jansi/internal/native/Windows/x86/jansi.dll
MD5: 0e396db1f1371448be55ad0b1542dc0b
SHA1: 492bd09333e536e51d17caffcf6b7b56c4afcdbf
SHA256:1d6314da4b3a7a5e9dded6b0cc1b83f15f8f603897ae00cfe98ef171285620f3
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jansi-2.4.0.jar: jansi.dll

File Path: /home/runner/.m2/repository/org/fusesource/jansi/jansi/2.4.0/jansi-2.4.0.jar/org/fusesource/jansi/internal/native/Windows/x86_64/jansi.dll
MD5: a7a3efd305c910cd0850f24f17acec86
SHA1: 6303f154edeaa18a7aeb3997e9ef3634e5ee1171
SHA256:d23fc9293b68781d43314403048d6dc655fa4620b6b4db3dcd345c52c332a2f4
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

javax.inject-1.jar

Description:

The javax.inject API

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/javax/inject/javax.inject/1/javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
SHA256:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
javax.inject-1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/javax.inject/javax.inject@1   (Confidence:High)

jcl-over-slf4j-2.0.7.jar

Description:

JCL 1.2 implemented over SLF4J

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/slf4j/jcl-over-slf4j/2.0.7/jcl-over-slf4j-2.0.7.jar
MD5: 4e8d6cd31f7e6277280c95157ac7845a
SHA1: f127fe5ee53404a8b3697cdd032dd1dd6a29dd77
SHA256:41806757e1d26dae5d6db2ca7d4a5176eed2d6e709cd86564d4a11dab0601742
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jcl-over-slf4j-2.0.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.slf4j/jcl-over-slf4j@2.0.7   (Confidence:High)

jcodings-1.0.58.jar

Description:

Byte based encoding support library for java

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /home/runner/.m2/repository/org/jruby/jcodings/jcodings/1.0.58/jcodings-1.0.58.jar
MD5: 10633c14bc5ab11a5237cf7ac15dce0d
SHA1: dce27159dc0382e5f7518d4f3e499fc8396357ed
SHA256:e2f85def67d6848a7a41c648248645689e3990d17ab8f253ab2fd7e69407df67
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jcodings-1.0.58.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.jruby.jcodings/jcodings@1.0.58   (Confidence:High)

jcommander-1.69.jar

Description:

Command line parsing

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/com/beust/jcommander/1.69/jcommander-1.69.jar
MD5: 45bed2649f8429973c486579631c69c7
SHA1: bdf17915d565a7c88a2a0fe05afb5b99ecf24555
SHA256:c2534833996d60581127ddc5139bb94f27f46badc77e1356746d58d9a3dcd99e
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jcommander-1.69.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.beust/jcommander@1.69   (Confidence:High)

jffi-1.3.10-native.jar

Description:

Java Foreign Function Interface - Native Libraries

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/github/jnr/jffi/1.3.10/jffi-1.3.10-native.jar
MD5: 96a34a92bd006c6b44cfbf95a9d51927
SHA1: 496c42f37f71721f4536cfa415b91bc3dcffe2ef
SHA256:df4682f7d48b23298b89f257d76b6233335047d7a3c6e49e7f0b7332365a7bac
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jffi-1.3.10-native.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.github.jnr/jffi@1.3.10   (Confidence:Highest)

jffi-1.3.10-native.jar: jffi-1.2.dll

File Path: /home/runner/.m2/repository/com/github/jnr/jffi/1.3.10/jffi-1.3.10-native.jar/jni/i386-Windows/jffi-1.2.dll
MD5: 841e60814ed6b2971a47b267aef1c58a
SHA1: 07d30c6407fefad8df4b6afc4d85f83e547975ca
SHA256:d63b0ec9a7cc75c26fa951928bf550c0e9a5e6c195a3de94a9c24995206bbfd2
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jffi-1.3.10-native.jar: jffi-1.2.dll

File Path: /home/runner/.m2/repository/com/github/jnr/jffi/1.3.10/jffi-1.3.10-native.jar/jni/x86_64-Windows/jffi-1.2.dll
MD5: 5d80b61c1f9e31860c17b3a410948e7e
SHA1: 5ca292116336ee4ceed00d10e756afea580e62cf
SHA256:58398ba5cda1b7cb89ad4e03dd4a658006956f81acfef4efb4e7dd934e2733ef
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jffi-1.3.10.jar

Description:

Java Foreign Function Interface

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/github/jnr/jffi/1.3.10/jffi-1.3.10.jar
MD5: f4a4d356e83be5b4feac54c9583c9830
SHA1: a1de4ce6cd1f949d9406952d6c0dae3898405632
SHA256:8f4e9fe793db1c79c12d8247a3785a30b949ecd126c346e04969b831ae48bcd3
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jffi-1.3.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.github.jnr/jffi@1.3.10   (Confidence:High)

jitescript-0.4.1.jar

Description:

Java API for Bytecode

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/me/qmx/jitescript/jitescript/0.4.1/jitescript-0.4.1.jar
MD5: 5fb5146d3bdc39e80c2641414521bc04
SHA1: f1efcb28cb13d26faf789264d54251faf58f0b63
SHA256:035d4afc5a27202c3e3f38c32506e3657697a4d6d97463eb25affe1cbf45efd5
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jitescript-0.4.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/me.qmx.jitescript/jitescript@0.4.1   (Confidence:High)

jnr-a64asm-1.0.0.jar

Description:

A pure-java A64 assembler

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/github/jnr/jnr-a64asm/1.0.0/jnr-a64asm-1.0.0.jar
MD5: 6cb469cbbcf9eca78d50f7da595a8337
SHA1: 0a1cb8dbe71b5a6a0288043c3ba3ca64545be165
SHA256:53ae5ea7fa5c284e8279aa348e7b9de4548b0cae10bfd058fa217c791875e4cf
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jnr-a64asm-1.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.github.jnr/jnr-a64asm@1.0.0   (Confidence:High)

jnr-constants-0.10.4.jar

Description:

A set of platform constants (e.g. errno values)

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/github/jnr/jnr-constants/0.10.4/jnr-constants-0.10.4.jar
MD5: a5a4036fd334522540041b062b304abc
SHA1: 09f6f23763bf40ea7b56391791f574174914430a
SHA256:9a5b8cf9798d9d0331b8d8966c5235a22c4307676e35803a24659e6d76096f78
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jnr-constants-0.10.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.github.jnr/jnr-constants@0.10.4   (Confidence:High)

jnr-enxio-0.32.14.jar

Description:

Native I/O access for java

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/github/jnr/jnr-enxio/0.32.14/jnr-enxio-0.32.14.jar
MD5: cc8882079f43cc9fb5bc7edcd89f09cb
SHA1: a5480211e07f29638ab7ad83746fc2214092ae03
SHA256:907706957ee2e731836ee953ec7cc646b2e8781324e53c54aa946dbae9fec74d
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jnr-enxio-0.32.14.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.github.jnr/jnr-enxio@0.32.14   (Confidence:High)

jnr-ffi-2.2.13.jar

Description:

A library for invoking native functions from java

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/github/jnr/jnr-ffi/2.2.13/jnr-ffi-2.2.13.jar
MD5: 6335a5ef1d8c70bfc35077293ea44098
SHA1: 3d2c01e80845af089c77c742922344388d9bdc75
SHA256:d309575e8d080785988dc51b6636ae67738561c3d1453e8b24f9501301e00296
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jnr-ffi-2.2.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.github.jnr/jnr-ffi@2.2.13   (Confidence:High)

jnr-netdb-1.2.0.jar

Description:

Lookup TCP and UDP services from java

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/github/jnr/jnr-netdb/1.2.0/jnr-netdb-1.2.0.jar
MD5: 25e6e5f7e6d05f200b9efac0b9599789
SHA1: 1bb5527cac7dadaea7c3bd1e3d86dd95ed0d3b87
SHA256:24f54abd859979b6caabf4918b022c57fc0d3247def4bfe68e5a30172409fc3c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jnr-netdb-1.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.github.jnr/jnr-netdb@1.2.0   (Confidence:High)

jnr-posix-3.1.16.jar

Description:

    Common cross-project/cross-platform POSIX APIs

License:

Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/
GNU General Public License Version 2: http://www.gnu.org/copyleft/gpl.html
GNU Lesser General Public License Version 2.1: http://www.gnu.org/licenses/lgpl.html
File Path: /home/runner/.m2/repository/com/github/jnr/jnr-posix/3.1.16/jnr-posix-3.1.16.jar
MD5: ea898122fd267d2ccd75d9eb431c0358
SHA1: 4e659c9a19e74b9f6e73153909c1b4db2752a9c2
SHA256:654e90b8369b5380f6ef0f3072fee96a15a0c3adb33fb07749fab09f34633e95
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jnr-posix-3.1.16.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.github.jnr/jnr-posix@3.1.16   (Confidence:High)

jnr-unixsocket-0.38.19.jar

Description:

UNIX socket channels for java

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/github/jnr/jnr-unixsocket/0.38.19/jnr-unixsocket-0.38.19.jar
MD5: d7af8e0a77672497ac71bbae18aa57e8
SHA1: 9be702906e07a497b8bb992f236bcc29126cd4ce
SHA256:ac03f619af7fa1122b0c6293852b4e3b6f6a46b851f8c1a2b2f485efbbff8d4f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jnr-unixsocket-0.38.19.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.github.jnr/jnr-unixsocket@0.38.19   (Confidence:High)

jnr-x86asm-1.0.2.jar

Description:

A pure-java X86 and X86_64 assembler

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /home/runner/.m2/repository/com/github/jnr/jnr-x86asm/1.0.2/jnr-x86asm-1.0.2.jar
MD5: 00670735acb2a9d1421b506dc7d338bc
SHA1: 006936bbd6c5b235665d87bd450f5e13b52d4b48
SHA256:39f3675b910e6e9b93825f8284bec9f4ad3044cd20a6f7c8ff9e2f8695ebf21e
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jnr-x86asm-1.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.github.jnr/jnr-x86asm@1.0.2   (Confidence:High)

joda-time-2.10.10.jar

Description:

Date and time library to replace JDK date handling

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/joda-time/joda-time/2.10.10/joda-time-2.10.10.jar
MD5: c2a46de8a73ec7b60011429561ae72e3
SHA1: 29e8126e31f41e5c12b9fe3a7eb02e704c47d70b
SHA256:dd8e7c92185a678d1b7b933f31209b6203c8ffa91e9880475a1be0346b9617e3
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
joda-time-2.10.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/joda-time/joda-time@2.10.10   (Confidence:High)

joni-2.1.48.jar

Description:

    Java port of Oniguruma: http://www.geocities.jp/kosako3/oniguruma
    that uses byte arrays directly instead of java Strings and chars

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /home/runner/.m2/repository/org/jruby/joni/joni/2.1.48/joni-2.1.48.jar
MD5: 0f9183c19ad775a3ca10f3ed8af00194
SHA1: 552f95e640553de15243c02bd97a6c0c3dd7a78f
SHA256:41cb16ce177877aae3d98aa2024486973702b66306024c683d89819ee978a529
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
joni-2.1.48.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.jruby.joni/joni@2.1.48   (Confidence:High)

jruby-9.4.2.0.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby/9.4.2.0/jruby-9.4.2.0.jar
MD5: a8e9239ce5a1ad55fc8f01cd883dd2e2
SHA1: 949c05a49fdb5f7fdd1044bb184adb5fdd878daa
SHA256:d1b98a34c953908f5d60ed4ea78c3308ed381dcd852b401d8e7baf8a0d183523
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jruby-9.4.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

CVE-2025-46551  

JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library. Starting in JRuby-OpenSSL version 0.12.1 and prior to version 0.15.4 (corresponding to JRuby versions starting in 9.3.4.0 prior to 9.4.12.1 and 10.0.0.0 prior to 10.0.0.1), when verifying SSL certificates, JRuby-OpenSSL does not verify that the hostname presented in the certificate matches the one the user tries to connect to. This means a man-in-the-middle could just present any valid cert for a completely different domain they own, and JRuby would accept the cert. Anybody using JRuby to make requests of external APIs, or scraping the web, that depends on https to connect securely. JRuby-OpenSSL version 0.15.4 contains a fix for the issue. This fix is included in JRuby versions 10.0.0.1 and 9.4.12.1.
CWE-295 Improper Certificate Validation

CVSSv4:
  • Base Score: MEDIUM (5.7)
  • Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:N/V:X/RE:X/U:X
CVSSv3:
  • Base Score: LOW (3.7)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:2.2/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

jruby-stdlib-9.4.2.0.jar: bcpkix-jdk18on-1.71.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/org/bouncycastle/bcpkix-jdk18on/1.71/bcpkix-jdk18on-1.71.jar
MD5: bf38adbe16ac8db811c86aacb81a561e
SHA1: 211bcae48a96c688ca215394d631eec2b874fff1
SHA256:4bd35767ba9228d63c2f293ba1cc71dae788370b5e036359c8e8174996854e3c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: bcprov-jdk18on-1.71.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/org/bouncycastle/bcprov-jdk18on/1.71/bcprov-jdk18on-1.71.jar
MD5: bf1578f78f5db468a5f21ee8f8e42b0d
SHA1: 943e8d0c2bd592ad78759c39d6f749fafaf29cf4
SHA256:f3433a97d780fe9fa3dc3d562a41decd59b2e617ce884de9060349ac14750045
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

CVE-2023-33202  

Bouncy Castle for Java before 1.73 contains a potential Denial of Service (DoS) issue within the Bouncy Castle org.bouncycastle.openssl.PEMParser class. This class parses OpenSSL PEM encoded streams containing X.509 certificates, PKCS8 encoded keys, and PKCS7 objects. Parsing a file that has crafted ASN.1 data through the PEMParser causes an OutOfMemoryError, which can enable a denial of service attack. (For users of the FIPS Java API: BC-FJA 1.0.2.3 and earlier are affected; BC-FJA 1.0.2.4 is fixed.)
CWE-400 Uncontrolled Resource Consumption

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

jruby-stdlib-9.4.2.0.jar: bctls-jdk18on-1.71.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/org/bouncycastle/bctls-jdk18on/1.71/bctls-jdk18on-1.71.jar
MD5: 65f432d6f929d6d52672528b3290858b
SHA1: 6a2d887b25de4db3531ff77df39dcdd32787e585
SHA256:4881ba9e96a789c6f1d54124f89bbd508cbd53e9c80119dea023637cce4e3694
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: bcutil-jdk18on-1.71.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/org/bouncycastle/bcutil-jdk18on/1.71/bcutil-jdk18on-1.71.jar
MD5: 06dde1f2adc6f01803554c0162214202
SHA1: 57daa18bc93730eab46291d9b55a15480e013265
SHA256:ac75ae3fabf2cb81210b3648fbe36aaed8d8c453bbeaac40e3b5031c7677197a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: cparse-jruby.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/racc/cparse-jruby.jar
MD5: 906f9b27b030e736e50cbfa4caafa8d6
SHA1: 3db40231f23513637dc2d89300866bab97b9019f
SHA256:e93de9f53cd7c65cd531349fcd9c9db02ed66497d9c5f4738aec8c33675e030a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: darkfish.js

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/rdoc/generator/template/darkfish/js/darkfish.js
MD5: 14a006c8a8c126d3a032db6a6778a2d6
SHA1: 5de3c13a83ac02d213bacc7c5642673b7692f1c9
SHA256:00cb86c2c4b1d8d18f1971ca0b2cd7eb5ecad12a68db6c78d575e053a853ce39
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: digest.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/digest.jar
MD5: 6b41cf703fa8e6eab59603d967ef62f8
SHA1: ec9fc8554da4b74cba72c8074d4dd42db3e3b734
SHA256:a764ee8dd12fd6fcb70da803ba7daa63a10290646c05b952aa0f8339536a77f3
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: escape.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/cgi/escape.jar
MD5: 246966a2ab62ba0ae05954864b8bed7e
SHA1: 81fb35684e928d55b705d12adf6ac98ba03d982c
SHA256:0b1b0f2769202fa1d37a65f824b78cdfabe5cd8ea1b9915ffdb1e9bc90c0e58a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: generator.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/json/ext/generator.jar
MD5: 3283c0ddb83e531bc837f528f8a49b60
SHA1: 320251ec9ef0c596fdbfffb796f5cd103827b7ba
SHA256:dfc1f6d185878d54dd5baf20b017f6d7a26787bc4e687f384f5ee3053b3f7ff9
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: jline-2.14.6.jar

License:

The BSD License: http://www.opensource.org/licenses/bsd-license.php
File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/jline/jline/2.14.6/jline-2.14.6.jar
MD5: 480423551649bc6980b43f09e4717272
SHA1: c3aeac59c022bdc497c8c48ed86fa50450e4896a
SHA256:97d1acaac82409be42e622d7a54d3ae9d08517e8aefdea3d2ba9791150c2f02d
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

CVE-2023-50572  

An issue in the component GroovyEngine.execute of jline-groovy v3.24.1 allows attackers to cause an OOM (OutofMemory) error.
CWE-787 Out-of-bounds Write

CVSSv3:
  • Base Score: MEDIUM (5.5)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A

References:

Vulnerable Software & Versions:

jruby-stdlib-9.4.2.0.jar: jline-2.14.6.jar: jansi.dll

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/jline/jline/2.14.6/jline-2.14.6.jar/META-INF/native/windows32/jansi.dll
MD5: 83fdcbb296f9732176748e443c7637a5
SHA1: f91fda2c7f9f485db21a50c05ff3a65c1fa20090
SHA256:7db0fdba01b93f8d45c8fa9ba949f424efb0361d6f8af5561d769378d8b3a1ac
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: jline-2.14.6.jar: jansi.dll

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/jline/jline/2.14.6/jline-2.14.6.jar/META-INF/native/windows64/jansi.dll
MD5: b009262ec2c7e84839af9729b752f14e
SHA1: 8d96f40da8970ddd48af4517512a0fdd077c33da
SHA256:daed7ea5b66bce3821742564af812b6f4e25939b3d273ed5a156ba7c92c452dc
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: jopenssl.jar (shaded: rubygems:jruby-openssl:0.14.0)

Description:

JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library.

License:

EPL-1.0: http://opensource.org/licenses/EPL-1.0
GPL-2.0: http://opensource.org/licenses/GPL-2.0
LGPL-2.1: http://opensource.org/licenses/LGPL-2.1
File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar/META-INF/maven/rubygems/jruby-openssl/pom.xml
MD5: d28f9d9f772eb62076cdf56f28e43a66
SHA1: feebc56dc27535e5d94fe99b4c1d46fbac3a68e9
SHA256:017e9e90699f8cab1bc9d1b199507079d536d2f114a4a1395822ed228e3caeeb
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • pkg:maven/rubygems/jruby-openssl@0.14.0   (Confidence:High)

jruby-stdlib-9.4.2.0.jar: jopenssl.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar
MD5: 2f91034db43754fc5c7a4eb981ed3493
SHA1: bcdf391001aba72dd10af7933442cedc758b6a08
SHA256:d081167410a238bb1c086b330d1abd177bd141fa4f974d804b39688471723552
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: jruby.dll

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/bin/jruby.dll
MD5: f4984dc17ea2fe968af0429c058612bf
SHA1: d2055cf2721ccd0d84ce9776f6948f32693edb23
SHA256:00963fee62934b34753a2764f26a5fb082429ad7fca9bab68bde136897371587
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: jruby.exe

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/bin/jruby.exe
MD5: 1839a3e41c81a5b1e439648d5ec793f7
SHA1: f77fcf2f1d1f68e89c2e1030f180c16247e483ce
SHA256:670a2786a5330c8dcd0d38221adddeeb36d6c10ff9298300f95bf4745ec36a5a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: jrubyw.exe

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/bin/jrubyw.exe
MD5: f25dee120cdac7b4980b532d12d7e9b1
SHA1: cd64083be92749aba74e568ddc619b905833d193
SHA256:4c13bfeb020a1f06ab339970c8b45f5d864dd76664de13e7aab7737e49a833e5
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: navigation.js

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/rdoc/generator/template/json_index/js/navigation.js
MD5: 0f2526548577d42eed5939333c321065
SHA1: a99b9374c2e37d315a6279b9238615252becac49
SHA256:757a5fb0031eb9bc47912ec87bcf16ce5ae855bb072bdb318437ffd806d7ee56
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: parser.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/json/ext/parser.jar
MD5: 8e24715db36a58ac651db3ea42800b41
SHA1: 8f981206207df1d7d9971bd0d74dda5aa0ba7b2c
SHA256:8ac8daae07c95c22c7d29c056026cadf2404ff38d13832956b3e326805a3ee63
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: psych.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/psych.jar
MD5: e7232cab4526323ae931b2f788283796
SHA1: 4b10acede4324cf4d94f2c59b7e8d70977718140
SHA256:a516fb407c55c6601a78f036765d85484140ba90c84c614dc193f0ee179b6e00
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: readline.jar (shaded: rubygems:jruby-readline:1.3.7)

Description:

readline extension for JRuby

License:

EPL-1.0: http://opensource.org/licenses/EPL-1.0
GPL-2.0: http://opensource.org/licenses/GPL-2.0
LGPL-2.1: http://opensource.org/licenses/LGPL-2.1
File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/readline.jar/META-INF/maven/rubygems/jruby-readline/pom.xml
MD5: f675c86ab93d2adadaab3e9ec7445fe6
SHA1: 3cb722b663bcb103aafaed0789d9491684d21eb6
SHA256:b931e0b3f3ff77ee17bb63301f5caabd262e046db28f190c434f565249383408
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • pkg:maven/rubygems/jruby-readline@1.3.7   (Confidence:High)

jruby-stdlib-9.4.2.0.jar: readline.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/readline.jar
MD5: ee095d6e2062601784e821c0761b7a8d
SHA1: f94495275a3d40af13986495b60d7a2029d8eba5
SHA256:25f6e191a7cddf15c926d9c5fb598237517b201d041f35f5cd01ae446b17d9d4
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: search.js

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/rdoc/generator/template/darkfish/js/search.js
MD5: 84b747a9f491cfb6740ab520d0c0602c
SHA1: 7227a18b55ac08a0f8cc03ea8ac063f6dba1a1e5
SHA256:972b0c1524a5789afa094459c524b4a7333b58536c9b2db6280468621a2c5439
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: searcher.js

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/rdoc/generator/template/json_index/js/searcher.js
MD5: e6753e62548eadebce36524f6178fd0b
SHA1: ff8ca51fd50d759d6ad7b78a171c8646968f7520
SHA256:e1b5467dd44b05a13e7b798a9c149954e9861089575dcaf8b302489c44bc359a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: snakeyaml-engine-2.6.jar

Description:

Core YAML 1.2 parser and emitter for Java

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/org/snakeyaml/snakeyaml-engine/2.6/snakeyaml-engine-2.6.jar
MD5: 719bcfb9f917992d0a99a6f7106d8466
SHA1: 235a7e571b33eda1a81e0f73a3173ef95dd020e5
SHA256:2652199af40c9aa2f1782400d2dfbbf4e5226208c4e05ddd4059c3d6d9cd1505
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

jruby-stdlib-9.4.2.0.jar: stringio.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/stringio.jar
MD5: 7ca1a46065731571f140db9ef93f8b31
SHA1: 5aa438038c02010f6d69eb6c3b05aa637b93aeed
SHA256:833be32b574f165a38c0a2ea33188810b29585626fcd9672f31ea734ca29ba92
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: strscan.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/strscan.jar
MD5: 53372d88223f70f737314a2f1a980ac7
SHA1: 1d973101aa0ed7bb223571f54056eaadb0fa2680
SHA256:f2cdf8305d5b0d7c740e5dca4f1eb8bb475291bd6014ab251a77f0fe34defc88
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

jruby-stdlib-9.4.2.0.jar: wait.jar

File Path: /home/runner/.m2/repository/org/jruby/jruby-stdlib/9.4.2.0/jruby-stdlib-9.4.2.0.jar/META-INF/jruby.home/lib/ruby/stdlib/io/wait.jar
MD5: b2829776cf4df5c6256846f0254c8718
SHA1: 2a75949036606215a94b765057a06c817e45baec
SHA256:6681c709f1564c20bb8288d63455e7063d604742eb21e9b6b6d3398e6a177dac
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

json-20231013.jar

Description:

        JSON is a light-weight, language independent, data interchange format.
        See http://www.JSON.org/

        The files in this package implement JSON encoders/decoders in Java.
        It also includes the capability to convert between JSON and XML, HTTP
        headers, Cookies, and CDL.

        This is a reference implementation. There are a large number of JSON packages
        in Java. Perhaps someday the Java community will standardize on one. Until
        then, choose carefully.

License:

Public Domain: https://github.com/stleary/JSON-java/blob/master/LICENSE
File Path: /home/runner/.m2/repository/org/json/json/20231013/json-20231013.jar
MD5: 1a0702c57783ce9e948252c34644f328
SHA1: e22e0c040fe16f04ffdb85d851d77b07fc05ea52
SHA256:0f18192df289114e17aa1a0d0a7f8372cc9f5c7e4f7e39adcf8906fe714fa7d3
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
json-20231013.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.json/json@20231013   (Confidence:High)

json-simple-3.0.2.jar

Description:

Java 7+ toolkit to quickly develop RFC 4627 JSON compatible applications.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/github/cliftonlabs/json-simple/3.0.2/json-simple-3.0.2.jar
MD5: 148c0d1bdc1bcb24394627d6930ee9ad
SHA1: 2337afdb06134a12fc0239299c3ceb2e9c209516
SHA256:fda65a9ad0e1ac0c88987106e89aa4d8b2a2495e7e042371efa83813f65b7295
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
json-simple-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/com.github.cliftonlabs/json-simple@3.0.2   (Confidence:High)

jspecify-1.0.0.jar

Description:

An artifact of well-named and well-specified annotations to power static analysis checks

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/jspecify/jspecify/1.0.0/jspecify-1.0.0.jar
MD5: 9133aba420d0ca3b001dbb6ae9992cf6
SHA1: 7425a601c1c7ec76645a78d22b8c6a627edee507
SHA256:1fad6e6be7557781e4d33729d49ae1cdc8fdda6fe477bb0cc68ce351eafdfbab
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
jspecify-1.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.junit.jupiter/junit-jupiter-engine@6.0.2

Identifiers

  • pkg:maven/org.jspecify/jspecify@1.0.0   (Confidence:High)

jul-to-slf4j-2.0.7.jar

Description:

JUL to SLF4J bridge

License:

http://www.opensource.org/licenses/mit-license.php
File Path: /home/runner/.m2/repository/org/slf4j/jul-to-slf4j/2.0.7/jul-to-slf4j-2.0.7.jar
MD5: 965fd8c7c67bd57eb63b321d0bedf498
SHA1: a48f44aeaa8a5ddc347007298a28173ac1fbbd8b
SHA256:eaba65483bb38c93e68d557a19e5738962322de1946545dbf40e5e32f6293008
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jul-to-slf4j-2.0.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.slf4j/jul-to-slf4j@2.0.7   (Confidence:High)

jzlib-1.1.3.jar

Description:

JZlib is a re-implementation of zlib in pure Java

License:

BSD: http://www.jcraft.com/jzlib/LICENSE.txt
File Path: /home/runner/.m2/repository/com/jcraft/jzlib/1.1.3/jzlib-1.1.3.jar
MD5: 386d3714fef534d21175d8885ae48bf7
SHA1: c01428efa717624f7aabf4df319939dda9646b2d
SHA256:89b1360f407381bf61fde411019d8cbd009ebb10cff715f3669017a031027560
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
jzlib-1.1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

log4j-over-slf4j-2.0.7.jar

Description:

Log4j implemented over SLF4J

License:

Apache Software Licenses: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/slf4j/log4j-over-slf4j/2.0.7/log4j-over-slf4j-2.0.7.jar
MD5: db6e1607a18fce4878c6706c144c4484
SHA1: 0c7d822e808babcb3ca3f390e1992d483a26aa53
SHA256:fc57714ee8b1e4ab39b9488c157f0843de71ba6708252cbe06c994ad9d72d1ee
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
log4j-over-slf4j-2.0.7.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.slf4j/log4j-over-slf4j@2.0.7   (Confidence:High)

logback-core-1.4.12.jar

Description:

logback-core module

License:

http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
File Path: /home/runner/.m2/repository/ch/qos/logback/logback-core/1.4.12/logback-core-1.4.12.jar
MD5: f4f32bd6fe5a6db6ab7aaccec5e4d036
SHA1: 670c77fc6e71cbb24dfabc9fc125f7536ed7a4ab
SHA256:132f1ae2e3be4e7ccbcaaec24cb7d16fc7e903d43cc69ad7ebc1a9ca54e9dcff
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
logback-core-1.4.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

maven-archiver-3.6.6.jar

Description:

Provides utility methods for creating JARs and other archive files from a Maven project.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-archiver/3.6.6/maven-archiver-3.6.6.jar
MD5: 90a8e313e036006b83bf936de1329b9e
SHA1: 79a87cb47533e77c382462ef554784832d5d9557
SHA256:9037dee318a68d7ee5dd2e20f2e657a39597ed2622b52e325ab9becddfbc4d38
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-archiver-3.6.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

  • pkg:maven/org.apache.maven/maven-archiver@3.6.6   (Confidence:High)

maven-artifact-3.9.12.jar

File Path: /home/runner/.m2/repository/org/apache/maven/maven-artifact/3.9.12/maven-artifact-3.9.12.jar
MD5: d834fe188642d22ce7318e6af0a605dd
SHA1: 39acdd4ad6b74b1c001ae7c0858482a11d0ead59
SHA256:4361cecd7e863c0992a6c901202afbb6db2a06b4f9a5e4b22481d4d39bcf137c
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-artifact-3.9.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-plugin-api@3.9.12

Identifiers

  • pkg:maven/org.apache.maven/maven-artifact@3.9.12   (Confidence:High)

maven-builder-support-3.9.12.jar

Description:

Support for descriptor builders (model, setting, toolchains)

File Path: /home/runner/.m2/repository/org/apache/maven/maven-builder-support/3.9.12/maven-builder-support-3.9.12.jar
MD5: 6afaba813236d781c7b3865f9fab3a44
SHA1: fe2fe54522eb2f77bd9b30cefc959d728d3f8105
SHA256:22a0345c7a90dbe7758209d52135967daa8aae6543c7016cb635891b0eceeed4
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-builder-support-3.9.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.apache.maven/maven-builder-support@3.9.12   (Confidence:High)

maven-core-3.9.12.jar

Description:

Maven Core classes.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-core/3.9.12/maven-core-3.9.12.jar
MD5: 5988619119b33562228343c4ded75b9e
SHA1: a349a9dadebca9f2a2d1f99876f651a02961a366
SHA256:1ee217c759a895771a07a2018c026bba01373305d9bad0099f06dbbdbcf2c332
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-core-3.9.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

maven-model-3.9.12.jar

Description:

Model for Maven POM (Project Object Model)

File Path: /home/runner/.m2/repository/org/apache/maven/maven-model/3.9.12/maven-model-3.9.12.jar
MD5: 2eca810310f90f79e048265eb29165b9
SHA1: 6f91cb0e47b7fc6db492ed307b0c91b38bfce924
SHA256:d443a20cb801a7f116e10a80dd1ebf7aaae7182880d1097e0681d498c45e168b
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-model-3.9.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-plugin-api@3.9.12

Identifiers

  • pkg:maven/org.apache.maven/maven-model@3.9.12   (Confidence:High)

maven-model-builder-3.9.12.jar

Description:

The effective model builder, with inheritance, profile activation, interpolation, ...

File Path: /home/runner/.m2/repository/org/apache/maven/maven-model-builder/3.9.12/maven-model-builder-3.9.12.jar
MD5: 8d8d8278aeb6a462ce3421a5d1b7d7d5
SHA1: c1a74479d447e70d98ed5f03f6b32d54818ca046
SHA256:1cb12b9e51b9855599dd1d02e77f08ff88772e9d4b4a7c4ee1e5d7a4f2b9b9ea
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-model-builder-3.9.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.apache.maven/maven-model-builder@3.9.12   (Confidence:High)

maven-plugin-annotations-3.15.2.jar

Description:

Java annotations to use in Mojos

File Path: /home/runner/.m2/repository/org/apache/maven/plugin-tools/maven-plugin-annotations/3.15.2/maven-plugin-annotations-3.15.2.jar
MD5: 6b86f30960ce2f9eac20c6657db588a2
SHA1: dfc79f3b5b0c3afd01f55b8b01310f457568d2a4
SHA256:979d3cf8f4ac804cc27d2f8a6db07f2149d58ccd59bb3d589cc46bb9a44c0b4b
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-plugin-annotations-3.15.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

  • pkg:maven/org.apache.maven.plugin-tools/maven-plugin-annotations@3.15.2   (Confidence:High)

maven-plugin-api-3.9.12.jar

Description:

The API for plugins - Mojos - development.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-plugin-api/3.9.12/maven-plugin-api-3.9.12.jar
MD5: 8fcc7f1f1457476e6c0d6c7746bd0960
SHA1: 2c2d5180b3dae0e6f91575fc2507429727e01cc9
SHA256:104a1e073e5484eae2eac594c6e49b59bdd1103fe480ceb9a3468cd427449570
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-plugin-api-3.9.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

  • pkg:maven/org.apache.maven/maven-plugin-api@3.9.12   (Confidence:High)

maven-reporting-api-4.0.0.jar

Description:

API to manage report generation.

File Path: /home/runner/.m2/repository/org/apache/maven/reporting/maven-reporting-api/4.0.0/maven-reporting-api-4.0.0.jar
MD5: 9c49fcb81d69bb5ec513d624c181fc05
SHA1: d3ad7e3d03463b5bd77e7d3ce94539cc723c8dfb
SHA256:cb2cbde3c9c7288f7398a250dcf3c90cf92714cff301f22b298e1091b5def33c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
maven-reporting-api-4.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.apache.maven.reporting/maven-reporting-api@4.0.0   (Confidence:High)

maven-reporting-impl-4.0.0.jar

Description:

Abstract classes to manage report generation.

File Path: /home/runner/.m2/repository/org/apache/maven/reporting/maven-reporting-impl/4.0.0/maven-reporting-impl-4.0.0.jar
MD5: 302ed7d914dc813380d361d1acb83c2f
SHA1: d3753b5c13a873a5ddb71f404c6fe1179a4688c2
SHA256:e9e70fdb26ff8b1f15435e3a68866a25c85b1694007e0fbdfe84e48e946fe463
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
maven-reporting-impl-4.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

  • pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0   (Confidence:High)

maven-repository-metadata-3.9.12.jar

Description:

Per-directory local and remote repository metadata.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-repository-metadata/3.9.12/maven-repository-metadata-3.9.12.jar
MD5: 6099a10e5063820edf75037e3e777863
SHA1: 3ecfc216f9a56f15c6bd6b3e22567b0b6cb2183e
SHA256:b3688646dde74429e2e04ba4d7e1482f720bd68ab53824990089d0d8c821f1da
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-repository-metadata-3.9.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.apache.maven/maven-repository-metadata@3.9.12   (Confidence:High)

maven-resolver-api-1.9.25.jar

Description:

The application programming interface for the repository system.

License:

"Apache-2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt"
File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-api/1.9.25/maven-resolver-api-1.9.25.jar
MD5: 11a370687a765c2c2288bcff6f4f73cb
SHA1: 8b670256b812a45b1ca9ae1bbf7f1c0d00a9d4e4
SHA256:f414e7f40aff338cef65f836aabf6cd9a9e2a0f1bfa88589315beb0ac2f498c5
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
maven-resolver-api-1.9.25.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.apache.maven.resolver/maven-resolver-api@1.9.25   (Confidence:High)

maven-resolver-impl-1.9.25.jar

Description:

An implementation of the repository system.

License:

"Apache-2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt"
File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-impl/1.9.25/maven-resolver-impl-1.9.25.jar
MD5: 4792489c7592c08bebd235a7f2a3d4a1
SHA1: cc1bde9b56a2e95a181207958dcf40715dc71ab3
SHA256:8d28766de3a000efa3662d5f67e428ca225498a89001195f7b3c55ea7a8bc56d
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-resolver-impl-1.9.25.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.apache.maven.resolver/maven-resolver-impl@1.9.25   (Confidence:High)

maven-resolver-named-locks-1.9.25.jar

Description:

A synchronization utility implementation using Named locks.

License:

"Apache-2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt"
File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-named-locks/1.9.25/maven-resolver-named-locks-1.9.25.jar
MD5: d14b4f832e13dc00cfa3e5e36a60f666
SHA1: fb1c8c95f17c816c3ceb8692aa84cbb068df5d94
SHA256:e9fc779106713c33b4b5a7ed85e4273cfd7b9a96df7cf678eb0ac588f72669e3
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-resolver-named-locks-1.9.25.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.apache.maven.resolver/maven-resolver-named-locks@1.9.25   (Confidence:High)

maven-resolver-provider-3.9.12.jar

Description:

Extensions to Maven Resolver for utilizing Maven POM and repository metadata.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-resolver-provider/3.9.12/maven-resolver-provider-3.9.12.jar
MD5: f7b422b347c8009da8335e848b00b800
SHA1: 44963f45b78f89a8479705493c48e01fc54ff9d6
SHA256:79be07f591709b41d35e3ede06244a3447330fad469499fd5decb7606be01005
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-resolver-provider-3.9.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.apache.maven/maven-resolver-provider@3.9.12   (Confidence:High)

maven-resolver-spi-1.9.25.jar

Description:

The service provider interface for repository system implementations and repository connectors.

License:

"Apache-2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt"
File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-spi/1.9.25/maven-resolver-spi-1.9.25.jar
MD5: 49f5e30b9862b489b9e8066c9744869a
SHA1: f81237d0140f9222cf4437c44756a53368a2d152
SHA256:781fafec23ea24f2624f3e3b48c674912f4bb1a1009a051df194307ed380280e
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-resolver-spi-1.9.25.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.apache.maven.resolver/maven-resolver-spi@1.9.25   (Confidence:High)

maven-resolver-util-1.9.25.jar

Description:

A collection of utility classes to ease usage of the repository system.

License:

"Apache-2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt"
File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-util/1.9.25/maven-resolver-util-1.9.25.jar
MD5: 8c4a25d08ba8ba18a9f93a821d518273
SHA1: f755f6816d8fd63b09b8f2c9e1eaaa1f60c179e8
SHA256:e31330fdb29045f3087b4985cb488a5b5ebbcbd7d879fda14e6ed4dd61b1fdf7
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-resolver-util-1.9.25.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.apache.maven.resolver/maven-resolver-util@1.9.25   (Confidence:High)

maven-settings-3.9.12.jar

Description:

Maven Settings model.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-settings/3.9.12/maven-settings-3.9.12.jar
MD5: c36d21412549711847bf183674c8d2ee
SHA1: ca072f2b90a59d36d8218dd4e1460722db6e2322
SHA256:eabb1adfa3ce3c9217318b6d289de20259ee42d7290660ed4358eecd56b5664f
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-settings-3.9.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.apache.maven/maven-settings@3.9.12   (Confidence:High)

maven-settings-builder-3.9.12.jar

Description:

The effective settings builder, with inheritance and password decryption.

File Path: /home/runner/.m2/repository/org/apache/maven/maven-settings-builder/3.9.12/maven-settings-builder-3.9.12.jar
MD5: d9dad42925db531f32bcc320783e7322
SHA1: 1ddd0b8da05d120768142176476a06f489cea11c
SHA256:92d137e366a4b4549eda848b52d968ef076ce24b9fb2db1b7a3083b9cc896eb1
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
maven-settings-builder-3.9.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.apache.maven/maven-settings-builder@3.9.12   (Confidence:High)

maven-shared-utils-3.4.2.jar

Description:

Shared utilities for use by Maven core and plugins

File Path: /home/runner/.m2/repository/org/apache/maven/shared/maven-shared-utils/3.4.2/maven-shared-utils-3.4.2.jar
MD5: 53a038f77a81cb5816ad2b1c7daa8711
SHA1: bfa28296272a5915b08de9f11f34a94b0a818fd0
SHA256:b613357e1bad4dfc1dead801691c9460f9585fe7c6b466bc25186212d7d18487
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
maven-shared-utils-3.4.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

mssql-jdbc-13.2.1.jre11.jar

Description:

		Microsoft JDBC Driver for SQL Server.

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /home/runner/.m2/repository/com/microsoft/sqlserver/mssql-jdbc/13.2.1.jre11/mssql-jdbc-13.2.1.jre11.jar
MD5: 6885a55fab61256d7d100b2f5a39d760
SHA1: 406aa00b60c1b30e1bb02e469530dd2e21f2eace
SHA256:2d137aa308c78932878952fe3624ea090ecfe644414b8b23e71a305f425698c5
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
mssql-jdbc-13.2.1.jre11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

  • pkg:maven/com.microsoft.sqlserver/mssql-jdbc@13.2.1   (Confidence:High)
  • pkg:maven/com.microsoft.sqlserver/mssql-jdbc@13.2.1.jre11   (Confidence:High)
  • cpe:2.3:a:microsoft:jdbc_driver_for_sql_server:13.2.1.jre11:*:*:*:*:*:*:*   (Confidence:Low)   
  • cpe:2.3:a:www-sql_project:www-sql:13.2.1.jre11:*:*:*:*:*:*:*   (Confidence:Highest)   

mysql-connector-j-9.6.0.jar

Description:

JDBC Type 4 driver for MySQL.

License:

The GNU General Public License, v2 with Universal FOSS Exception, v1.0
File Path: /home/runner/.m2/repository/com/mysql/mysql-connector-j/9.6.0/mysql-connector-j-9.6.0.jar
MD5: 41cceeac76ac319992d65c1c3558966e
SHA1: 0a76b3cf1facc2faca4b6e34c1a63ef5e7840131
SHA256:66df1d453789dc8cb759a7dc17f58646893bf28483f262328650f170472a6ead
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
mysql-connector-j-9.6.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

nashorn-core-15.4.jar

Description:

Nashorn is an Open Source JavaScript (ECMAScript 5.1 and some 6 features) engine for the JVM.

License:

GPL v2 with the Classpath exception: https://github.com/openjdk/nashorn/blob/main/LICENSE
File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar
MD5: a9b3360e6a486cf62c1952c7816b7d97
SHA1: f67f5ffaa5f5130cf6fb9b133da00c7df3b532a5
SHA256:6f816e84dfd63a81d4eaa7829c08337bbaff3ec683ff3bf6bbd90d017a00dc6f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
nashorn-core-15.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/org.openjdk.nashorn/nashorn-core@15.4   (Confidence:High)

nashorn-core-15.4.jar: base.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/base.js
MD5: 93c3e1b9f9491fb5b5df96a41441162c
SHA1: 6f2cfb7815fd7028792731ee5cd13651036e60bd
SHA256:824c73ce701b9820cc1b799e9af043f3663a72114be2a560ce1933ae1e4e496a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: bootstrap.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/bootstrap.js
MD5: 948cb0239b8abc93e84e813e2da8d6dc
SHA1: 79559bab4c6ae8b0ab573e37b82b50013f647956
SHA256:9ec201c6fcff2c9a2a536f80f8ea14f604092768011b5c4f59ec7b313cf359c4
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: controls.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/controls.js
MD5: 4f9093fd24e64162c92385e1def8747f
SHA1: 016d3d27e7f9e8a6054d6248e1c2cfe72b062efd
SHA256:a065a17b974ffc3ac4c98a5177c21d39ccd70fa50eb9a4d10ed96074904285c8
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: fxml.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/fxml.js
MD5: 262095de4844ffde10c018ef296107ee
SHA1: 5d41efdc93dac1dcecd4d6f3625f43a36af961bf
SHA256:0e411601888672288fdfa6c0018710c2156a2efef619cfd11719cdb0d63a2dfb
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: graphics.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/graphics.js
MD5: 471022fc763c3ec65292a7f1689c58ff
SHA1: 014c1893d89dc76adbca7a30992b1c8db36c4db5
SHA256:8c12199afd230a5d936f7390a290bf899d536a731cc2b240478ecb077c3dd292
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: media.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/media.js
MD5: 6eb77f5d138fab0f13d3601b0e68c2e1
SHA1: 385eb91d9f5d96d0575facda44c9cf1064c70a21
SHA256:e096e61fa52ef7109adae7011f5c7d004ca87aeeb43647af982e45dac77c2b0f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: mozilla_compat.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/mozilla_compat.js
MD5: dcd9c8927badf397f82274077a7a9b82
SHA1: f953a1b5e422f41c66bbf32f314f8de4e8de1995
SHA256:f52167e7cec0601b53af50e3e3d9359057c37356cb3fd6fbfe0ba451bd70ff04
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: parser.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/parser.js
MD5: b1c71079ce0792c735ce93bb05f77f04
SHA1: 1436e8c38788e10b774eb97bddb186f417a2352f
SHA256:bb1b0b23cd2f74fdaf9cb508cc0dfd9b37529c72086e4279cb27dad664e4a261
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: swing.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/swing.js
MD5: d92f35751bc4d6f50e6817884e7bd10e
SHA1: ebb47348ccaddb3f4dac31d91b839ce9bbc03d50
SHA256:7f1334e91b0d15bbcfcbd87b19ebf83f254065477f61e1a353ef1eaf9aaffe38
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

nashorn-core-15.4.jar: web.js

File Path: /home/runner/.m2/repository/org/openjdk/nashorn/nashorn-core/15.4/nashorn-core-15.4.jar/org/openjdk/nashorn/internal/runtime/resources/fx/web.js
MD5: c46659f1ba056770e2627807fc5f06d9
SHA1: c733b0eed6f6a37639039a77c496f9e4c2323cd4
SHA256:af7127f5a5af79f7c641a80b1dfa4de3bc6500c0a50258131379c7ec54b85484
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

ojdbc11-23.26.0.0.0.jar

Description:

 Oracle JDBC Driver compatible with JDK11, JDK17, JDK19, and JDK21

License:

Oracle Free Use Terms and Conditions (FUTC): https://www.oracle.com/downloads/licenses/oracle-free-license.html
File Path: /home/runner/.m2/repository/com/oracle/database/jdbc/ojdbc11/23.26.0.0.0/ojdbc11-23.26.0.0.0.jar
MD5: dd15886101e9e7f5eaf293881c72a072
SHA1: aea576f3827874d02b3dbd3ea6518955d0d1f1c7
SHA256:ef295bf01374dac7d791b3bc6526d10e8910ecac4645a95a3ca0c01cfc5c21d0
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
ojdbc11-23.26.0.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

options-1.6.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/headius/options/1.6/options-1.6.jar
MD5: 3e377fcbed4e25a91f24c814e0ad4c8d
SHA1: ad1647f0b713b8e05b437483573c772d4523a804
SHA256:c4c52c7931c945792d48c6010596195359a35a82d6ac36c645f14705b9a277db
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
options-1.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.schemaspy/schemaspy@7.0.2

Identifiers

  • pkg:maven/com.headius/options@1.6   (Confidence:High)

org.eclipse.sisu.inject-0.9.0.M4.jar

Description:

JSR330-based container; supports classpath scanning, auto-binding, and dynamic auto-wiring

License:

"Eclipse Public License, Version 2.0";link="https://www.eclipse.org/legal/epl-v20.html"
File Path: /home/runner/.m2/repository/org/eclipse/sisu/org.eclipse.sisu.inject/0.9.0.M4/org.eclipse.sisu.inject-0.9.0.M4.jar
MD5: ee95c1a11ba4ca38368d71ef05676cfc
SHA1: a062d8e12dc62e698c9f943a3fce94e366b4e220
SHA256:1cbd7a965a5e2a9ea823bab311962a4e5aa5c240705bdbad5a52b40ffdfa1004
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
org.eclipse.sisu.inject-0.9.0.M4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.eclipse.sisu/org.eclipse.sisu.inject@0.9.0.M4   (Confidence:High)

org.eclipse.sisu.plexus-0.9.0.M4.jar

Description:

Plexus-JSR330 adapter; adds Plexus support to the Sisu-Inject container

License:

"Eclipse Public License, Version 2.0";link="https://www.eclipse.org/legal/epl-v20.html"
File Path: /home/runner/.m2/repository/org/eclipse/sisu/org.eclipse.sisu.plexus/0.9.0.M4/org.eclipse.sisu.plexus-0.9.0.M4.jar
MD5: 51eea54bbc85323fc68f6a79f9b8f179
SHA1: 478f7935e88cd9da7ef01f509e4853e80ede9034
SHA256:b90579bc652eac7331436e0a25533fce14130b9c6e015f2dd3a3d4bb07e942b7
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
org.eclipse.sisu.plexus-0.9.0.M4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-plugin-api@3.9.12

Identifiers

  • pkg:maven/org.eclipse.sisu/org.eclipse.sisu.plexus@0.9.0.M4   (Confidence:High)

plexus-archiver-4.10.4.jar

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-archiver/4.10.4/plexus-archiver-4.10.4.jar
MD5: ea8d87930621e6eac7034f0e87d99f09
SHA1: dda293cbe3c53d7ef952ade004ac2024c1df2507
SHA256:1f39d4f2906a04f501567cd1211cef3fd95fea4cb979e1eba1d8dd84e4b67098
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
plexus-archiver-4.10.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-archiver@3.6.6

Identifiers

plexus-cipher-2.0.jar

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-cipher/2.0/plexus-cipher-2.0.jar
MD5: 55d612839faf248cbe3e273969c002c2
SHA1: 425ea8e534716b4bff1ea90f39bd76be951d651b
SHA256:9a7f1b5c5a9effd61eadfd8731452a2f76a8e79111fac391ef75ea801bea203a
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
plexus-cipher-2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.codehaus.plexus/plexus-cipher@2.0   (Confidence:High)

plexus-classworlds-2.9.0.jar

Description:

A class loader framework

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-classworlds/2.9.0/plexus-classworlds-2.9.0.jar
MD5: 64e4ee5a1298f866d00f705e02058200
SHA1: ace0820f34de49f69511f5263bcebb09fac9731a
SHA256:1ad3292cd563381e3fd632f3fded1988f9e9b2be7a9f3db63ff4c4cedba13fa5
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
plexus-classworlds-2.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-plugin-api@3.9.12

Identifiers

  • pkg:maven/org.codehaus.plexus/plexus-classworlds@2.9.0   (Confidence:High)

plexus-component-annotations-2.2.0.jar

Description:

Plexus Component Java Annotations, to describe plexus components properties in java sources with
    standard annotations instead of javadoc annotations.

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-component-annotations/2.2.0/plexus-component-annotations-2.2.0.jar
MD5: a2397189a5ce25e7d2d44effa9f5176c
SHA1: a506f84636ea7ae370d04167dd155c103e616f68
SHA256:50edb93c73786e62822b4fe1336e22880fdf147191373cf5c911370e16748fcf
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
plexus-component-annotations-2.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.codehaus.plexus/plexus-component-annotations@2.2.0   (Confidence:High)

plexus-i18n-1.0-beta-10.jar

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-i18n/1.0-beta-10/plexus-i18n-1.0-beta-10.jar
MD5: 7f36c0459c853750c627f682ec7bcf52
SHA1: 27506f59e54cc80b8c28b977c2bcd0478094e0cc
SHA256:b87f25b512ffafcafbf4a05ab943812e9c6915291370c6b46016eb3836886c41
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
plexus-i18n-1.0-beta-10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.codehaus.plexus/plexus-i18n@1.0-beta-10   (Confidence:High)

plexus-interpolation-1.29.jar

Description:

The Plexus project provides a full software stack for creating and executing software projects.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-interpolation/1.29/plexus-interpolation-1.29.jar
MD5: b1489e6968b874cecfe24cadb62b77db
SHA1: 5dd1b1fbaca263ad5baa169fbd8e804c789c9db5
SHA256:088d444dbcedfb384630d8686697ece3c401d6f33c8f8b3aa7259ea1c6996878
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
plexus-interpolation-1.29.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-archiver@3.6.6

Identifiers

  • pkg:maven/org.codehaus.plexus/plexus-interpolation@1.29   (Confidence:High)

plexus-io-3.6.0.jar

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-io/3.6.0/plexus-io-3.6.0.jar
MD5: 0af7594f2b303839b65e3d78047a3338
SHA1: bcfac1a03aaaed4abf9c3f448df7d84f099f2170
SHA256:fc0f3effea7514e4f214df1afb672f54c982e78e5ca3b32b34196c7d056a1aa4
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
plexus-io-3.6.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-archiver@3.6.6

Identifiers

  • pkg:maven/org.codehaus.plexus/plexus-io@3.6.0   (Confidence:High)

plexus-sec-dispatcher-2.0.jar

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-sec-dispatcher/2.0/plexus-sec-dispatcher-2.0.jar
MD5: e68635a721630177ac70173e441336b6
SHA1: f89c5080614ffd0764e49861895dbedde1b47237
SHA256:873139960c4c780176dda580b003a2c4bf82188bdce5bb99234e224ef7acfceb
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
plexus-sec-dispatcher-2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

plexus-utils-3.6.0.jar

Description:

A collection of various utility classes to ease working with strings, files, command lines, XML and
    more.

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-utils/3.6.0/plexus-utils-3.6.0.jar
MD5: 1d5893fecbc7ec13f205a1c5893e90ce
SHA1: e8bc129728f22671a36fff3b604edcd39073a7b1
SHA256:27ef130e32c236090e408fb5498d94cb9ea26d14070fb1c8985d607b62d098d1
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
plexus-utils-3.6.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-plugin-api@3.9.12

Identifiers

plexus-velocity-2.2.0.jar

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-velocity/2.2.0/plexus-velocity-2.2.0.jar
MD5: fd4bb44db19036ab360720360f09dccc
SHA1: 75a983b74a4c0adcd0751528ff397ae308ef6d0c
SHA256:3e7e902f492c973cf210ddb8267843a3b65e83f5067467e2f4d9af0051f6b8b9
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
plexus-velocity-2.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

  • pkg:maven/org.codehaus.plexus/plexus-velocity@2.2.0   (Confidence:High)

plexus-xml-3.0.2.jar

Description:

A collection of various utility classes to ease working with XML in Maven 3.

File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-xml/3.0.2/plexus-xml-3.0.2.jar
MD5: e2feab7a114ac4a144632670734db7e4
SHA1: 70c207ae478a5011a14dcefe56f4bbda16e3bc87
SHA256:6a49fe0c49a06b5bcd6073ff16580fcb0dd87c50295e97a9fa9f95619b69921c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
plexus-xml-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-archiver@3.6.6

Identifiers

  • pkg:maven/org.codehaus.plexus/plexus-xml@3.0.2   (Confidence:High)

postgresql-42.7.9.jar

Description:

PostgreSQL JDBC Driver Postgresql

License:

BSD-2-Clause: https://jdbc.postgresql.org/about/license.html
File Path: /home/runner/.m2/repository/org/postgresql/postgresql/42.7.9/postgresql-42.7.9.jar
MD5: 8fd1ae9cdd1b53c92ea269e9c9fab92f
SHA1: 2b748cd83a1ba3d6ef62dc64e075d1760f9a6d31
SHA256:88f1fc3992e80ec3b048f798030e9a014aa4783c40afb56d3e7a87ee0adf166f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
postgresql-42.7.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

  • pkg:maven/org.postgresql/postgresql@42.7.9   (Confidence:High)
  • cpe:2.3:a:postgresql:postgresql_jdbc_driver:42.7.9:*:*:*:*:*:*:*   (Confidence:Low)   

protobuf-java-4.31.1.jar

Description:

    Core Protocol Buffers library. Protocol Buffers are a way of encoding structured data in an
    efficient yet extensible format.

License:

https://opensource.org/licenses/BSD-3-Clause
File Path: /home/runner/.m2/repository/com/google/protobuf/protobuf-java/4.31.1/protobuf-java-4.31.1.jar
MD5: 4987ffc8ba1965e5546bdcf49dcfffe2
SHA1: 1828b20315b63d5f71b3c61b094494a8f1acdc5a
SHA256:d60dfe7c68a0d38a248cca96924f289dc7e1966a887ee7cae397701af08575ae
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
protobuf-java-4.31.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.mysql/mysql-connector-j@9.6.0

Identifiers

schemaspy-7.0.2.jar

Description:

SchemaSpy generates HTML and PNG-based entity relationship diagrams from JDBC-enabled databases.

License:

LGPL-3.0-or-later: https://www.gnu.org/licenses/lgpl-3.0.txt
File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar
MD5: 2fda1a8a4973917e1f5bded4b44c3c22
SHA1: ab0356201dabfafb8bdc4194a586dd515369f339
SHA256:bd85a266bdb03325b09d659fced8e0820393a51ce335e8468f4c3476021ab4ad
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
schemaspy-7.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/nl.geodienstencentrum.maven/schemaspy-maven-plugin@5.4.0-SNAPSHOT

Identifiers

  • pkg:maven/org.schemaspy/schemaspy@7.0.2   (Confidence:High)
  • cpe:2.3:a:ada:ada:7.0.2:*:*:*:*:*:*:*   (Confidence:Low)   

CVE-2024-9410  

Ada.cx's Sentry configuration allowed for blind server-side request forgeries (SSRF) through the use of a data scraping endpoint.
CWE-918 Server-Side Request Forgery (SSRF)

CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions:

schemaspy-7.0.2.jar: anchor.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/anchor-js/anchor.min.js
MD5: 59ccbcf40597fdbf5a3a5f88de29c39e
SHA1: 8dacf80a941783e6fc12bf00d5ae6f867b2edc92
SHA256:20804ad516e2b883aea5f1eb25f41e6cb8f498119454d9b8d48e25f1658f3e3f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: anomalies.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/anomalies.js
MD5: d41d8cd98f00b204e9800998ecf8427e
SHA1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: app.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/dist/js/app.js
MD5: 589220eddefd07d172948917bce32f46
SHA1: 3c14bff558126838fa30abe9bdcf4decf27f47c3
SHA256:e7107412589ffe7f372a5711948066ee763c4f68084475e3cb8aed2e431599f8
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: app.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/dist/js/app.min.js
MD5: c97edde005d18d707bcf8f3185de7201
SHA1: 99e43178d50c0386a3b222551766cb08e81da1dd
SHA256:7a67b6c4dba7eceb6504af73c37a21b1d92a86f7331c85d7024ba36fcaff6236
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: bootstrap.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/bootstrap/js/bootstrap.js
MD5: fb81549ee2896513a1ed5714b1b1a0f0
SHA1: 3b965a36a6b08854ad6eddedf85c5319fd392b4a
SHA256:0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • pkg:javascript/bootstrap@3.3.7   (Confidence:Highest)

CVE-2016-10735  

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (excluding) 3.4.0
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*

CVE-2018-14040  

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0
  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*

CVE-2018-14041  

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*

CVE-2018-14042  

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0
  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*

CVE-2018-20676  

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0

CVE-2018-20677  

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0

CVE-2019-8331  

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.1
  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.3.0; versions up to (excluding) 4.3.1
  • cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.19.0

CVE-2024-6485 (RETIREJS)  

Unscored:

  • Severity: medium

References:

Bootstrap before 4.0.0 is end-of-life and no longer maintained. (RETIREJS)  

Bootstrap before 4.0.0 is end-of-life and no longer maintained.
Unscored:
  • Severity: low

References:

schemaspy-7.0.2.jar: bootstrap.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/bootstrap/js/bootstrap.min.js
MD5: 5869c96cc8f19086aee625d670d741f9
SHA1: 430a443d74830fe9be26efca431f448c1b3740f9
SHA256:53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • pkg:javascript/bootstrap@3.3.7   (Confidence:Highest)

CVE-2016-10735  

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (excluding) 3.4.0
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*

CVE-2018-14040  

In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0
  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*

CVE-2018-14041  

In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*

CVE-2018-14042  

In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0
  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.0.0; versions up to (excluding) 4.1.2
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha3:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha4:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha5:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:alpha6:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:getbootstrap:bootstrap:4.0.0:beta3:*:*:*:*:*:*

CVE-2018-20676  

In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0

CVE-2018-20677  

In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0

CVE-2019-8331  

In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 12.1.0; versions up to (excluding) 12.1.5.1
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 13.0.0; versions up to (excluding) 13.1.3.4
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 14.0.0; versions up to (excluding) 14.1.2.5
  • cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:* versions from (including) 15.0.0; versions up to (excluding) 15.1.0
  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.1
  • cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:* versions from (including) 4.3.0; versions up to (excluding) 4.3.1
  • cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.19.0

CVE-2024-6485 (RETIREJS)  

Unscored:

  • Severity: medium

References:

Bootstrap before 4.0.0 is end-of-life and no longer maintained. (RETIREJS)  

Bootstrap before 4.0.0 is end-of-life and no longer maintained.
Unscored:
  • Severity: low

References:

schemaspy-7.0.2.jar: buttons.bootstrap.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons-bs/js/buttons.bootstrap.js
MD5: d4f3fd56ffe8ee0dbdf57535e06e42e2
SHA1: fdf18cd630d82a89d6618753984edaf15fa24114
SHA256:11188b23c556bf2ff4d5e144cdad67faa417eb3c36eec6cbcd7b21566d9cfac1
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: buttons.bootstrap.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons-bs/js/buttons.bootstrap.min.js
MD5: ac22ff642b7e893d1481c3746e3a727e
SHA1: 31563ff1d6b172118d962a816259cbef55c9210d
SHA256:3c288a24e5ce97babfeb3f4ee1a222e97e26a1724709d7e0e238263e29197d9a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: buttons.colVis.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons/buttons.colVis.js
MD5: 301a3927b58c194da0c7a1a28431fd2a
SHA1: 2c4dd397abee8d80eac8ebe5d79928ad508b48db
SHA256:f75eb463c4cdd2683c8cf79c3f7da9812d28f8891aacdea9253f8ae2c33100ec
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: buttons.colVis.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons/buttons.colVis.min.js
MD5: f4b5cebb54c4c4a0064176d86997a8fa
SHA1: db37f14a84880332c9b2eea2f96c377054428fa6
SHA256:5fd6d20a56e70a8b57286ecdb5ac3c799352067b6289b91ceaafa9464aa698fa
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: buttons.flash.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons/buttons.flash.js
MD5: 70a2e86e64be743e07cc4d4729d69a6b
SHA1: 968bc8c729cccf4b2052f55c57e6786a57059e3e
SHA256:7d7c21fff0f12cb4cff5eb443da61a5b91a6a917d8c4e9e01bb95aba69a41bd6
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: buttons.flash.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons/buttons.flash.min.js
MD5: 59fca0bf56ec890473eb362b1b6d1ae9
SHA1: 1660dd65e991d7f9b01db8dfacca16b4d67e55c8
SHA256:19641b70e1838b0e77fbd359b3745bc795507789d12e4a4925640e7fb3654bf4
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: buttons.html5.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons/buttons.html5.js
MD5: 49ad4fd980e4865b8da5ce06be20bc39
SHA1: a06f13b6d2c4cd35e0cd7d16de813e0ce8172712
SHA256:27396117755d4ac15886ac6b6e498b4c2b04104e5e41ef97c30fe6aef57a959b
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: buttons.html5.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons/buttons.html5.min.js
MD5: 4420f301dafa70f660c63dc9785c7dfb
SHA1: 48c16175a7ae240a54b65bba94eabce29045a0f9
SHA256:07a081c6a38ab09a0163aecaaf77713ffae6e09d06ba1a112efef22e01857ddc
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: buttons.print.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons/buttons.print.js
MD5: 66836cce3f63306ac9097560296f3ef8
SHA1: cf1ff4e63ad1b49cc47bc0e8b6c8a51423ca2235
SHA256:ea4a437952a00c782bee6c2021c7ed01c97f72deccefff93701fb904f4e5cb11
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: buttons.print.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons/buttons.print.min.js
MD5: 584df2eac3d5cbe85d7693812711436e
SHA1: 8f12ab29e1cfd6ac99897ed0dc4d5ab9d1372ae3
SHA256:5cf40aa1a69063798764e5019279283e180a23ee74b824c0e7dfb39e97640050
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: codemirror.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/codemirror/codemirror.js
MD5: d1e82ecd62134c5d13d3318c8abd21dd
SHA1: 316b339b6e8e77186b47d66c88d7a45472a1c2d3
SHA256:6083403b7e8ffcb397a0e94165e1940557b02a992956f8d721a508bd440bd3a7
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: column.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/column.js
MD5: f659142a0d2e951265d20ce72ac79d9f
SHA1: 668fb47bc6853cd1915c7851a3d4855dfaab5264
SHA256:a4fd822f195bb1aa9bf12669c1a8166efb223c1c5bee3636b90557bb8388e799
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: constraint.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/constraint.js
MD5: fcdf35f00f5b51e252b016a78446be30
SHA1: 777d88b6b958c50896105a94298d574634ee320d
SHA256:7685a0571e152ab02dfba0b66a1c7057cb414eae721e8b09e37daa6318b99fb9
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: dashboard.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/dist/js/pages/dashboard.js
MD5: e618d25f2ec4763ccf1a530140929169
SHA1: 0a216f26eb187e9e85ca49946b4e88996de72153
SHA256:684d0390d93e86519852c8ca211da17d0f5c67929083ec3d28feac11cf78afb9
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: dashboard2.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/dist/js/pages/dashboard2.js
MD5: f27ed9a5f9672cb99b8affac5f898e6b
SHA1: ec365e09b46ad82c98a3af6b04d9485e37c96b9f
SHA256:83ac475ae8ec97d1c2ffc88b4acb90ecd9aa99c37fb9ba33bf7161a3deabeef3
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: dataTables.bootstrap.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-bs/js/dataTables.bootstrap.js
MD5: 83b18e708e2df1204e52243778f64754
SHA1: 20b1140a1f0735ed99c0af52e0653d76c7233c5e
SHA256:b492281c0eb870d7bad0b4349aec7d20bc3ef5c2c3f91a1b33b6ab53bbcd9499
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: dataTables.bootstrap.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-bs/js/dataTables.bootstrap.min.js
MD5: 19b11075f9b46a3cd26fb39a6f252b5d
SHA1: 44074789abea496fc9402979617f7d815d5cc7a2
SHA256:5ffe7cb3959b946300c3d4a90edaa757c74b44d09ac2cc86c0daa7643d097bfb
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: dataTables.buttons.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons/dataTables.buttons.js
MD5: 7016d72dae547c2994e996b3c6009541
SHA1: 28a64a8e38a7a4ad323893c164dc225af941fa05
SHA256:1e4fea9dc18d40a0a636a99a14bbdff16e8ec635f5d1c61c7d52c29f0e419d5a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: dataTables.buttons.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net-buttons/dataTables.buttons.min.js
MD5: f13069a97e70168015f3d4bbf36f876f
SHA1: 90f5439d64c59e0f1b9ec9c0fef9639b3bf9f4c9
SHA256:8aeaf60f6f34ced8ed9c83b249bdfc8544cc8f318294074898e6ced1d04e678c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: demo.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/dist/js/demo.js
MD5: 4683fb3e338cff969296e416d26046b9
SHA1: 61f01104b4b9b2f6eace6640b700857429676b13
SHA256:2353102eb576ea212082292278f5f48d5463edba544759072c0ba9e4fb6c8ee4
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: fastclick.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/plugins/fastclick/fastclick.js
MD5: 6e9d3b0da74f2a4a7042b494cdaa7c2e
SHA1: 06cef196733a710e77ad7e386ced6963f092dc55
SHA256:1aa08cb3c7aa70d268d24d59c374c14af7bd08e0af8c85f8e4f60a2651f4bab5
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: fastclick.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/plugins/fastclick/fastclick.min.js
MD5: c5012b7a7be9ca08c1ea8056634b5b9d
SHA1: 4f1721e190356cf41677d009afddff17a3fd1aec
SHA256:32c983a4b3b87d8f7eafa40840c8791351a593c869a3029d8b7356a8cf6d2a94
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: html5shiv.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/html5shiv/html5shiv.min.js
MD5: 40bd440d29b3a9371b0c63fec41ee64f
SHA1: e790c26449c57de298923c686cb3434d1d461a1d
SHA256:dc9cbf19b48bae0d28f72e59e67d6ec34ab1644087ec2e8e42954180d1586b48
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: jquery-2.2.3.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/plugins/jQuery/jquery-2.2.3.min.js
MD5: 33cabfa15c1060aaa3d207c653afb1ee
SHA1: e3dbb65f2b541d842b50d37304b0102a2d5f2387
SHA256:6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • pkg:javascript/jquery@2.2.3.min   (Confidence:Highest)

CVE-2015-9251  

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.0.0
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_converged_application_server:*:*:*:*:*:*:*:* versions up to (excluding) 7.0.0.1
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_services_gatekeeper:*:*:*:*:*:*:*:* versions up to (excluding) 6.1.0.4.0
  • cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:* versions up to (excluding) 7.2
  • cpe:2.3:a:oracle:endeca_information_discovery_studio:3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_operations_monitor:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_operations_monitor:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 7.3.3; versions up to (including) 7.3.5
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.0; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:* versions from (including) 8.0.5; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.6
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.6
  • cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_reconciliation_framework:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_cruise_fleet_management:9.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_reporting_and_analytics:9.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oss_support_tools:19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:15.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:17.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.1; versions up to (including) 17.12
  • cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:real-time_scheduler:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_allocation:15.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_sales_audit:15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_workforce_management_software:1.60.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_workforce_management_software:1.64.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:siebel_ui_framework:18.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:siebel_ui_framework:18.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:* versions from (including) 4.3.0.1; versions up to (including) 4.3.0.4
  • cpe:2.3:a:oracle:utilities_mobile_workforce_management:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3:*:*:*:*:*:*:*

CVE-2019-11358  

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.11.0; versions up to (excluding) 1.11.9
  • cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.12.0; versions up to (excluding) 1.12.6
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.66
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.15
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (excluding) 8.6.15
  • cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.9.4
  • cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0
  • cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3
  • cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
  • cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 19.1
  • cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.8.0
  • cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from (including) 2.4.0; versions up to (including) 2.10.0
  • cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0
  • cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from (including) 6.0; versions up to (including) 6.4
  • cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from (including) 4.1; versions up to (including) 4.3
  • cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 7.3.3; versions up to (including) 7.3.5
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.1.0
  • cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:* versions from (including) 8.0.5; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_retail_customer_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.6
  • cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:* versions from (including) 19.1.0; versions up to (including) 19.1.2
  • cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:* versions from (including) 5.0.0.0; versions up to (including) 5.6.0.0
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (including) 8.6.3
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15
  • cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 16.2.0; versions up to (including) 16.2.11
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.12.0; versions up to (including) 17.12.7
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 18.8.0; versions up to (including) 18.8.9
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 19.12.0; versions up to (including) 19.12.4
  • cpe:2.3:a:oracle:primavera_gateway:15.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12
  • cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:real-time_scheduler:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3
  • cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:siebel_mobile_applications:*:*:*:*:*:*:*:* versions up to (including) 19.8
  • cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:system_utilities:19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:tape_library_acsls:8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:tape_library_acsls:8.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:transportation_management:1.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:utilities_mobile_workforce_management:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3
  • cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*

CVE-2020-11022  

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.70
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.7.0; versions up to (excluding) 8.7.14
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.8.0; versions up to (excluding) 8.8.6
  • cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions from (including) 1.2; versions up to (excluding) 3.5.0
  • cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3
  • cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:* versions from (including) 18.1; versions up to (including) 20.1
  • cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:* versions up to (excluding) 21.1.2
  • cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0; versions up to (including) 8.2.2
  • cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0
  • cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0; versions up to (including) 8.1.0.0.0
  • cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0
  • cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9
  • cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:* versions from (including) 19.1.0; versions up to (including) 19.1.2
  • cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:19.1.0-19.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0
  • cpe:2.3:a:oracle:insurance_data_foundation:8.0.6-8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:* versions from (including) 5.0.0.0; versions up to (including) 5.6.0.0
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.20
  • cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.20
  • cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.9

CVE-2020-11023  

CISA Known Exploited Vulnerability:
  • Product: JQuery JQuery
  • Name: JQuery Cross-Site Scripting (XSS) Vulnerability
  • Date Added: 2025-01-23
  • Description: JQuery contains a persistent cross-site scripting (XSS) vulnerability. When passing maliciously formed, untrusted input enclosed in HTML tags, JQuery's DOM manipulators can execute untrusted code in the context of the user's browser.
  • Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Due Date: 2025-02-13
  • Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6 ; https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ ; https://nvd.nist.gov/vuln/detail/CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.70
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.7.0; versions up to (excluding) 8.7.14
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.8.0; versions up to (excluding) 8.8.6
  • cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions from (including) 1.0.3; versions up to (excluding) 3.5.0
  • cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:hci_baseboard_management_controller:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3
  • cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 20.2
  • cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.8.0
  • cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from (including) 2.4.0; versions up to (including) 2.10.0
  • cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:* versions up to (excluding) 21.1.2
  • cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0
  • cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from (including) 6.1; versions up to (including) 6.4
  • cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from (including) 4.1; versions up to (including) 4.3
  • cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:health_sciences_inform:6.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:* versions up to (excluding) 9.2.5.0
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (excluding) 9.2.5.0
  • cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:* versions up to (excluding) 2.12.41
  • cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 16.2; versions up to (including) 16.2.11
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.12.0; versions up to (including) 17.12.7
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 18.8.0; versions up to (including) 18.8.9
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 19.12.0; versions up to (including) 19.12.4
  • cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:siebel_mobile:*:*:*:*:*:*:*:* versions up to (including) 20.12
  • cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.9

jquery issue: 11974 (RETIREJS)  

parseHTML() executes scripts in event handlers
Unscored:
  • Severity: medium

References:

jquery issue: 162 (RETIREJS)  

jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates
Unscored:
  • Severity: low

References:

schemaspy-7.0.2.jar: jquery-ui.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/plugins/jQueryUI/jquery-ui.js
MD5: 04a4db2983450a2970c459ba87b4210a
SHA1: 3efaf11e60ea8c541b6dc26f0ef09f195732587a
SHA256:0c8e8d7408611519ceda4e759ae9987834a17addc8f0028241ffed7fb0113612
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • pkg:javascript/jquery-ui-dialog@1.11.4   (Confidence:Highest)
  • pkg:javascript/jquery-ui@1.11.4   (Confidence:Highest)

CVE-2016-7103  

Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:*:*:* versions from (including) 1.10.0; versions up to (including) 1.11.4
  • cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 19.1
  • cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:oracle:hospitality_cruise_fleet_management:9.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:* versions up to (excluding) 2.12.42
  • cpe:2.3:a:oracle:oss_support_tools:2.12.42:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 16.0; versions up to (including) 16.2
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.0; versions up to (including) 17.12.4
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 18.0; versions up to (including) 18.8.4
  • cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:* versions up to (including) 21.2
  • cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*

CVE-2021-41182  

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.86
  • cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.0
  • cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:* versions up to (excluding) 23.1
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:* versions from (including) 8.11.0; versions up to (including) 8.14.0
  • cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (including) 9.2.6.3
  • cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* versions up to (including) 8.0.29
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.25
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12
  • cpe:2.3:a:oracle:primavera_unifier:17.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:17.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:17.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:17.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:17.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.21.0

CVE-2021-41183  

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.86
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.2.0; versions up to (excluding) 9.2.11
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.3.0; versions up to (excluding) 9.3.3
  • cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.0
  • cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:* versions up to (excluding) 23.1
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:* versions from (including) 8.11.0; versions up to (including) 11.14.0
  • cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (including) 9.2.6.3
  • cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* versions up to (including) 8.0.29
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.5
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12
  • cpe:2.3:a:oracle:primavera_gateway:18.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:19.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:20.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.21.0

CVE-2021-41184  

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.86
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.2.0; versions up to (excluding) 9.2.11
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.3.0; versions up to (excluding) 9.3.3
  • cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.0
  • cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:* versions up to (excluding) 23.1
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:* versions from (including) 8.11.0; versions up to (including) 8.14.0
  • cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (including) 9.2.6.3
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.25
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12
  • cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.21.0

CVE-2022-31160  

jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( "refresh" )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can change the initial HTML can wrap all the non-input contents of the `label` in a `span`.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.0:*:*:*:*:drupal:*:*
  • cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.1:*:*:*:*:drupal:*:*
  • cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.2:*:*:*:*:drupal:*:*
  • cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.3:*:*:*:*:drupal:*:*
  • cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.2
  • cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*

schemaspy-7.0.2.jar: jquery-ui.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/plugins/jQueryUI/jquery-ui.min.js
MD5: d935d506ae9c8dd9e0f96706fbb91f65
SHA1: 7f650ee30c6a4d3eea04032039b20ff72997559b
SHA256:c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • pkg:javascript/jquery-ui-dialog@1.11.4   (Confidence:Highest)
  • pkg:javascript/jquery-ui@1.11.4   (Confidence:Highest)

CVE-2016-7103  

Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:*:*:* versions from (including) 1.10.0; versions up to (including) 1.11.4
  • cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 19.1
  • cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:oracle:hospitality_cruise_fleet_management:9.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:* versions up to (excluding) 2.12.42
  • cpe:2.3:a:oracle:oss_support_tools:2.12.42:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 16.0; versions up to (including) 16.2
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.0; versions up to (including) 17.12.4
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 18.0; versions up to (including) 18.8.4
  • cpe:2.3:a:oracle:siebel_ui_framework:*:*:*:*:*:*:*:* versions up to (including) 21.2
  • cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*

CVE-2021-41182  

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.86
  • cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.0
  • cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:* versions up to (excluding) 23.1
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:* versions from (including) 8.11.0; versions up to (including) 8.14.0
  • cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (including) 9.2.6.3
  • cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* versions up to (including) 8.0.29
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.25
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12
  • cpe:2.3:a:oracle:primavera_unifier:17.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:17.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:17.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:17.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:17.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:17.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.21.0

CVE-2021-41183  

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.86
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.2.0; versions up to (excluding) 9.2.11
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.3.0; versions up to (excluding) 9.3.3
  • cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.0
  • cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:* versions up to (excluding) 23.1
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:* versions from (including) 8.11.0; versions up to (including) 11.14.0
  • cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (including) 9.2.6.3
  • cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* versions up to (including) 8.0.29
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.5
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12
  • cpe:2.3:a:oracle:primavera_gateway:18.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:19.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:20.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:21.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.21.0

CVE-2021-41184  

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.86
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.2.0; versions up to (excluding) 9.2.11
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 9.3.0; versions up to (excluding) 9.3.3
  • cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.0
  • cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:banking_platform:2.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_platform:2.12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:*:*:*:*:*:*:*:* versions up to (excluding) 23.1
  • cpe:2.3:a:oracle:big_data_spatial_and_graph:23.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_inventory_management:9.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_suite8:*:*:*:*:*:*:*:* versions from (including) 8.11.0; versions up to (including) 8.14.0
  • cpe:2.3:a:oracle:hospitality_suite8:8.10.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (including) 9.2.6.3
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.59:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.25
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12
  • cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:20.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:21.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:*:*:*:*:-:*:*:* versions up to (excluding) 22.1.1
  • cpe:2.3:a:oracle:rest_data_services:22.1.1:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:tenable.sc:*:*:*:*:*:*:*:* versions up to (excluding) 5.21.0

CVE-2022-31160  

jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Versions prior to 1.13.2 are potentially vulnerable to cross-site scripting. Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. Calling `.checkboxradio( "refresh" )` on such a widget and the initial HTML contained encoded HTML entities will make them erroneously get decoded. This can lead to potentially executing JavaScript code. The bug has been patched in jQuery UI 1.13.2. To remediate the issue, someone who can change the initial HTML can wrap all the non-input contents of the `label` in a `span`.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.0:*:*:*:*:drupal:*:*
  • cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.1:*:*:*:*:drupal:*:*
  • cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.2:*:*:*:*:drupal:*:*
  • cpe:2.3:a:drupal:jquery_ui_checkboxradio:8.x-1.3:*:*:*:*:drupal:*:*
  • cpe:2.3:a:jqueryui:jquery_ui:*:*:*:*:*:jquery:*:* versions up to (excluding) 1.13.2
  • cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*

schemaspy-7.0.2.jar: jquery.dataTables.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/datatables.net/jquery.dataTables.min.js
MD5: bcf14f55a3878cef5e522906ce13235b
SHA1: 588658fcd1f3acda0cd435dd583b1fe869d8f67b
SHA256:8f4d3b47b47a8a31163dad5d7fb15e27a0056d07b0c34c6089fd9225664e847c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • pkg:javascript/jquery.datatables@1.10.15   (Confidence:Highest)

CVE-2020-28458  

All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806.
CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CVSSv3:
  • Base Score: HIGH (7.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:3.9/RC:R/MAV:A
CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:datatables:datatables.net:*:*:*:*:*:node.js:*:* versions up to (excluding) 1.10.23

CVE-2021-23445  

This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:datatables:datatables.net:*:*:*:*:*:node.js:*:* versions up to (excluding) 1.11.3

prototype pollution (RETIREJS)  

prototype pollution
Unscored:
  • Severity: medium

References:

possible XSS (RETIREJS)  

possible XSS
Unscored:
  • Severity: low

References:

schemaspy-7.0.2.jar: jquery.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/jquery/jquery.js
MD5: 09dd64a64ba840c31a812a3ca25eaeee
SHA1: fd81582bf1b15e6747472df880ca822c362a97d1
SHA256:0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • pkg:javascript/jquery@3.2.1   (Confidence:Highest)

CVE-2019-11358  

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.11.0; versions up to (excluding) 1.11.9
  • cpe:2.3:a:backdropcms:backdrop:*:*:*:*:*:*:*:* versions from (including) 1.12.0; versions up to (excluding) 1.12.6
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.66
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.5.0; versions up to (excluding) 8.5.15
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (excluding) 8.6.15
  • cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* versions from (including) 3.0.0; versions up to (including) 3.9.4
  • cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions up to (excluding) 3.4.0
  • cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3
  • cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
  • cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 19.1
  • cpe:2.3:a:oracle:application_service_level_management:13.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_service_level_management:13.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:12.5.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.8.0
  • cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from (including) 2.4.0; versions up to (including) 2.10.0
  • cpe:2.3:a:oracle:bi_publisher:5.5.0.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:big_data_discovery:1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_process_management_suite:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0
  • cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from (including) 6.0; versions up to (including) 6.4
  • cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from (including) 4.1; versions up to (including) 4.3
  • cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_operations_monitor:4.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_unified_inventory_management:7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_unified_inventory_management:7.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:diagnostic_assistant:2.12.36:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 7.3.3; versions up to (including) 7.3.5
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.1.0
  • cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:*:*:*:*:*:*:*:* versions from (including) 8.0.5; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_enterprise_financial_performance_analytics:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.0.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.2; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:financial_services_retail_customer_analytics:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.6
  • cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_retail_performance_analytics:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_revenue_management_and_billing:2.4.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:* versions from (including) 19.1.0; versions up to (including) 19.1.2
  • cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:identity_manager:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.4; versions up to (including) 8.0.7
  • cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_ifrs_17_analyzer:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:* versions from (including) 5.0.0.0; versions up to (including) 5.6.0.0
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_performance_insight:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper_and_adf:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper_and_adf:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper_and_adf:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:knowledge:*:*:*:*:*:*:*:* versions from (including) 8.6.0; versions up to (including) 8.6.3
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15
  • cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.15
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 16.2.0; versions up to (including) 16.2.11
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.12.0; versions up to (including) 17.12.7
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 18.8.0; versions up to (including) 18.8.9
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 19.12.0; versions up to (including) 19.12.4
  • cpe:2.3:a:oracle:primavera_gateway:15.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:* versions from (including) 17.7; versions up to (including) 17.12
  • cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:real-time_scheduler:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3
  • cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_central_office:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_central_office:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_insights:15.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_insights:16.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:18.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_point-of-service:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_point-of-service:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:service_bus:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:siebel_mobile_applications:*:*:*:*:*:*:*:* versions up to (including) 19.8
  • cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:system_utilities:19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:tape_library_acsls:8.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:tape_library_acsls:8.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:transportation_management:1.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:utilities_mobile_workforce_management:*:*:*:*:*:*:*:* versions from (including) 2.3.0.1; versions up to (including) 2.3.0.3
  • cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:virtualization_manager:4.3:*:*:*:*:*:*:*

CVE-2020-11022  

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.70
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.7.0; versions up to (excluding) 8.7.14
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.8.0; versions up to (excluding) 8.8.6
  • cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions from (including) 1.2; versions up to (excluding) 3.5.0
  • cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3
  • cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_lifecycle_management_for_process:6.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:agile_product_supplier_collaboration_for_process:6.2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:*:*:*:*:*:*:*:* versions from (including) 18.1; versions up to (including) 20.1
  • cpe:2.3:a:oracle:banking_digital_experience:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:18.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:19.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:19.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_digital_experience:20.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:* versions up to (excluding) 21.1.2
  • cpe:2.3:a:oracle:communications_application_session_controller:3.8m0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5.0.23.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0.0.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_diameter_signaling_router_idih\::*:*:*:*:*:*:*:* versions from (including) 8.0.0; versions up to (including) 8.2.2
  • cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0
  • cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0
  • cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* versions from (including) 8.0.6.0.0; versions up to (including) 8.1.0.0.0
  • cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_analytical_applications_reconciliation_framework:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_asset_liability_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_balance_sheet_planning:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_basic:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_basel_regulatory_capital_internal_ratings_based_approach:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0
  • cpe:2.3:a:oracle:financial_services_data_governance_for_us_regulatory_reporting:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_data_integration_hub:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_funds_transfer_pricing:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_institutional_performance_analytics:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_liquidity_risk_measurement_and_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.8
  • cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_market_risk_measurement_and_management:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_price_creation_and_discovery:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_profitability_management:8.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_profitability_management:8.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_profitability_management:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_european_banking_authority:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_us_federal_reserve:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.0.9
  • cpe:2.3:a:oracle:healthcare_foundation:7.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_foundation:7.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_materials_control:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:*:*:*:*:*:*:*:* versions from (including) 19.1.0; versions up to (including) 19.1.2
  • cpe:2.3:a:oracle:hospitality_simphony:18.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:18.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hospitality_simphony:19.1.0-19.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_accounting_analyzer:8.0.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.0.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_allocation_manager_for_enterprise_profitability:8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_data_foundation:*:*:*:*:*:*:*:* versions from (including) 8.0.6; versions up to (including) 8.1.0
  • cpe:2.3:a:oracle:insurance_data_foundation:8.0.6-8.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:*:*:*:*:*:*:*:* versions from (including) 5.0.0.0; versions up to (including) 5.6.0.0
  • cpe:2.3:a:oracle:insurance_insbridge_rating_and_underwriting:5.6.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdeveloper:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.20
  • cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:policy_automation_for_mobile_devices:*:*:*:*:*:*:*:* versions from (including) 12.2.0; versions up to (including) 12.2.20
  • cpe:2.3:a:oracle:retail_back_office:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_back_office:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:19.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_returns_management:14.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:retail_returns_management:14.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:siebel_ui_framework:20.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.9

CVE-2020-11023  

CISA Known Exploited Vulnerability:
  • Product: JQuery JQuery
  • Name: JQuery Cross-Site Scripting (XSS) Vulnerability
  • Date Added: 2025-01-23
  • Description: JQuery contains a persistent cross-site scripting (XSS) vulnerability. When passing maliciously formed, untrusted input enclosed in HTML tags, JQuery's DOM manipulators can execute untrusted code in the context of the user's browser.
  • Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
  • Due Date: 2025-02-13
  • Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6 ; https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ ; https://nvd.nist.gov/vuln/detail/CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions (NVD):

  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 7.0; versions up to (excluding) 7.70
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.7.0; versions up to (excluding) 8.7.14
  • cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* versions from (including) 8.8.0; versions up to (excluding) 8.8.6
  • cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:* versions from (including) 1.0.3; versions up to (excluding) 3.5.0
  • cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vsphere:*:*
  • cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
  • cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:hci_baseboard_management_controller:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:max_data:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:oncommand_system_manager:*:*:*:*:*:*:*:* versions from (including) 3.0; versions up to (including) 3.1.3
  • cpe:2.3:a:netapp:snap_creator_framework:-:*:*:*:*:*:*:*
  • cpe:2.3:a:netapp:snapcenter_server:-:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:application_express:*:*:*:*:*:*:*:* versions up to (excluding) 20.2
  • cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:banking_enterprise_collections:*:*:*:*:*:*:*:* versions from (including) 2.7.0; versions up to (including) 2.8.0
  • cpe:2.3:a:oracle:banking_platform:*:*:*:*:*:*:*:* versions from (including) 2.4.0; versions up to (including) 2.10.0
  • cpe:2.3:a:oracle:blockchain_platform:*:*:*:*:*:*:*:* versions up to (excluding) 21.1.2
  • cpe:2.3:a:oracle:blockchain_platform:21.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:business_intelligence:5.9.0.0.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:oracle:communications_analytics:12.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_eagle_application_processor:*:*:*:*:*:*:*:* versions from (including) 16.1.0; versions up to (including) 16.4.0
  • cpe:2.3:a:oracle:communications_element_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_element_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_element_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* versions from (including) 6.1; versions up to (including) 6.4
  • cpe:2.3:a:oracle:communications_operations_monitor:*:*:*:*:*:*:*:* versions from (including) 4.1; versions up to (including) 4.3
  • cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_services_gatekeeper:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_report_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_regulatory_reporting_for_de_nederlandsche_bank:8.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:financial_services_revenue_management_and_billing_analytics:2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:health_sciences_inform:6.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:healthcare_translational_research:3.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_orchestrator:*:*:*:*:*:*:*:* versions up to (excluding) 9.2.5.0
  • cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:*:*:*:*:*:*:*:* versions up to (excluding) 9.2.5.0
  • cpe:2.3:a:oracle:oss_support_tools:*:*:*:*:*:*:*:* versions up to (excluding) 2.12.41
  • cpe:2.3:a:oracle:peoplesoft_enterprise_human_capital_management_resources:9.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 16.2; versions up to (including) 16.2.11
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 17.12.0; versions up to (including) 17.12.7
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 18.8.0; versions up to (including) 18.8.9
  • cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:* versions from (including) 19.12.0; versions up to (including) 19.12.4
  • cpe:2.3:a:oracle:rest_data_services:11.2.0.4:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:12.1.0.2:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:12.2.0.1:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:18c:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:rest_data_services:19c:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:siebel_mobile:*:*:*:*:*:*:*:* versions up to (including) 20.12
  • cpe:2.3:a:oracle:storagetek_acsls:8.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:webcenter_sites:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:* versions up to (excluding) 6.0.9

schemaspy-7.0.2.jar: jquery.slimscroll.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/plugins/slimScroll/jquery.slimscroll.js
MD5: 6ee5ab5d89857be6eaf08b63eb3246b0
SHA1: 1988633067079e50c05ac4bf42eb59c97aa96992
SHA256:e0ae991f3c0c611e7f794d9278321a072bacfea922f48158f219b197953a0f56
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: jquery.slimscroll.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/plugins/slimScroll/jquery.slimscroll.min.js
MD5: f1dbc7920f93bd2b1dcfede95b473e4e
SHA1: 54dd07a613abfc09c6bf6aacdc2a5d089073e10b
SHA256:a84ffabdd498cd0bbd960a2c2b1845a65113bd6bea00096602e47ec8f87fd122
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: main.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/main.js
MD5: c6d0b8e77bd0105442dda80bb00b01e9
SHA1: e1a573a52319237af8b5d4b6b6f2f7748fed4321
SHA256:d54e351e375835aaa105fab3cfb73fedb4206ee0dc8d228d8b4ed0a08fc8dcfe
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: npm.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/admin-lte/bootstrap/js/npm.js
MD5: ccb7f3909e30b1eb8f65a24393c6e12b
SHA1: e2b7590d6ec1fdac66b01fdf66ae0879f53b1262
SHA256:c7aa82a1aa7d45224a38d926d2adaff7fe4aef5bcdafa2a47bdac057f4422c2d
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: pdfmake.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/pdfmake/pdfmake.min.js
MD5: 130f523ea67129c5bb064a5db8c98829
SHA1: 89a69ec428dca66a4131734b11db2810beeac622
SHA256:e6cd72039171e4c5ef6e234a3ea806707d3252234d327ceb7cf69bdff3d9392d
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: relationships.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/relationships.js
MD5: 920f55f8a197bae3ecbe0d907d788819
SHA1: 0a9e67abba65c0d55c85b79f3a2f51caf7eeeab8
SHA256:9be5e21c869973701cb19051bcf1a5eeca80fa04ae8d1a2840ddb3151251e17a
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: respond.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/respond/respond.min.js
MD5: afc1984a3d17110449dc90cf22de0c27
SHA1: b5aba40d65b0d6f85859db47f757ea971a0efd30
SHA256:83a8807ef669fa70d0d9375347f5552897f76c6ae8e2e6f97ef592595462d8d1
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: routine.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/routines/routine.js
MD5: 994bf1fa88cf190d123b20295697f173
SHA1: faba18a0dd61a8875f05f65350847ab194c61dc7
SHA256:c7610ac41fcafd6566dd04117f93d31532423684fbc97dd1ab6e38ad910759ec
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: routines.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/routines.js
MD5: b20cb8c84bc371bdba28e0e6ada01cf0
SHA1: 1c4312445f68a316ff3257a1bcb2ad92a69a9465
SHA256:d7fbad9d375979039e0a7f26a11211fd3bba4b8d000317f88149b493d6861f06
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: salvattore.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/salvattore/salvattore.min.js
MD5: e777a377c4b6629dd095ae07709f814b
SHA1: 936d17d233eb43856dab36d8e3db1f16c13ffc95
SHA256:ec3b330e880a042023f8af4b52db57de99d0d38819900c1b9ef8c6c7c3b62a30
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: schemaSpy.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/schemaSpy.js
MD5: 4702bba66246aae9659e315ca2041a87
SHA1: feb05dc22646161c9ab25bc179b0643e69d9aff6
SHA256:56e99aaf99b8443e57a9f2bd247db7017b90e97389f7a517df2057bd41532034
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: sql.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/codemirror/sql.js
MD5: 407f4fc907254cc5678ee89214e2bfb5
SHA1: 68bf7356c2d20f962c61c373d920d929bf4333a3
SHA256:e2b95aaecc29e6a2544c7bc6827dfe16c5b96055de996a69a888b8f2042a6471
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: table.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/tables/table.js
MD5: f0ccfcbabeab85d2d0e9a4bfc8e2fabd
SHA1: 62f7a223787e9a8ba4cdd997a9fc491568180721
SHA256:4db23338d36521d569e2793d8f393135f8df2391cd7de335c5889a9d181ef46d
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: vfs_fonts.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/pdfmake/vfs_fonts.js
MD5: 795e143b8f4eeb5089b2638cdeca7006
SHA1: 914c1db78046ed67723702de671b32a0b591206f
SHA256:5cb81fa70754070475938e9859359a268122c9b62cac154ebb8e120e812662cc
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: viz.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/viz.js
MD5: 50c0fe0cec14d1030d023b260f8ee1b7
SHA1: 8c15e61d28791e45824922e3e81cd8c5c5bba618
SHA256:b6f33297afb84c5ef7c2f572d800390a4dd0c5186b5c5488a1762b49d1c9fe9f
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

schemaspy-7.0.2.jar: xlsx.full.min.js

File Path: /home/runner/.m2/repository/org/schemaspy/schemaspy/7.0.2/schemaspy-7.0.2.jar/layout/bower/js-xlsx/xlsx.full.min.js
MD5: b234f9d123c694019d2721c90ff9f8df
SHA1: cfd5eeb3cc1f745b88c21f76450a6e560b53584b
SHA256:6dbcaacf07c01b3888e33ffe354eb848aab1177f303d5179e4f9d2ca0bdd484c
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile

Identifiers

  • None

slf4j-api-1.7.36.jar

Description:

The slf4j API

File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/1.7.36/slf4j-api-1.7.36.jar
MD5: 872da51f5de7f3923da4de871d57fd85
SHA1: 6c62681a2f655b49963a5983b8b0950a6120ae14
SHA256:d3ef575e3e4979678dc01bf1dcce51021493b4d11fb7f1be8ad982877c16a1c0
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
slf4j-api-1.7.36.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-core@3.9.12

Identifiers

  • pkg:maven/org.slf4j/slf4j-api@1.7.36   (Confidence:High)

velocity-engine-core-2.4.jar

Description:

Apache Velocity is a general purpose template engine.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/velocity/velocity-engine-core/2.4/velocity-engine-core-2.4.jar
MD5: 8dc3c7a26823ee88253f7aa9250c094e
SHA1: 55dfc20bbc4968cf70c5ae5165b5b0324e0067d9
SHA256:1bf78c2ade46f209bf93ebe72ed2af5b989ca7a1de0a015fc1b92a62f56b6549
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
velocity-engine-core-2.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

velocity-tools-generic-3.1.jar

Description:

Generic tools that can be used in any context.

File Path: /home/runner/.m2/repository/org/apache/velocity/tools/velocity-tools-generic/3.1/velocity-tools-generic-3.1.jar
MD5: 76f13879ead8693fd4d5751a8a236089
SHA1: 07aaa49086a64cd9dab967a8437cc03abbfad655
SHA256:8258cfdcaa16127f35ffe610a3fa4f76b7ebe51b88922c73c4ee39ce8f378ce5
Referenced In Project/Scope: SchemaSpy Maven Plugin:compile
velocity-tools-generic-3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0

Identifiers

xz-1.10.jar

Description:

XZ data compression

License:

0BSD
File Path: /home/runner/.m2/repository/org/tukaani/xz/1.10/xz-1.10.jar
MD5: 56e3fd256e5423a74393bd5eaa5302bb
SHA1: 1be8166f89e035a56c6bfc67dbc423996fe577e2
SHA256:95c63c1a55b22dd6453890a419cc1a640f790bbf7d8ae82db1e30aefefb08888
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
xz-1.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-archiver@3.6.6

Identifiers

  • pkg:maven/org.tukaani/xz@1.10   (Confidence:High)

zstd-jni-1.5.7-6.jar

Description:

JNI bindings for Zstd native library that provides fast and high compression lossless algorithm for Java and all JVM languages.

License:

BSD 2-Clause License: https://opensource.org/licenses/BSD-2-Clause
File Path: /home/runner/.m2/repository/com/github/luben/zstd-jni/1.5.7-6/zstd-jni-1.5.7-6.jar
MD5: 47f279a106a9d6e40997522286e14545
SHA1: 5ce34668f1ec629a343b9047f36c6cc4c0d3683a
SHA256:8d6feb1da335f3ab13c584c613e23c7b3c61b392e37956872057baf8f0ca1d6f
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided
zstd-jni-1.5.7-6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-archiver@3.6.6

Identifiers

  • pkg:maven/com.github.luben/zstd-jni@1.5.7-6   (Confidence:High)

zstd-jni-1.5.7-6.jar: libzstd-jni-1.5.7-6.dll

File Path: /home/runner/.m2/repository/com/github/luben/zstd-jni/1.5.7-6/zstd-jni-1.5.7-6.jar/win/aarch64/libzstd-jni-1.5.7-6.dll
MD5: 40a2ccdd3fc6a6282bb9cc427718d021
SHA1: c63849c64e00f4049d7978aecbe4728a52282f25
SHA256:f1b3d1c39db78dcd796f2a043b1c134a89a7c75bd809f280cad0f7b18a33b933
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided

Identifiers

  • None

zstd-jni-1.5.7-6.jar: libzstd-jni-1.5.7-6.dll

File Path: /home/runner/.m2/repository/com/github/luben/zstd-jni/1.5.7-6/zstd-jni-1.5.7-6.jar/win/amd64/libzstd-jni-1.5.7-6.dll
MD5: 988e6931fb44ee3e37bb3bb2297914cb
SHA1: dc865576405cd70395c30ad70a2819ba4fdd544f
SHA256:1fd955be93409b952e052201fb31e680facfe48ec80117a6274ef059f2076a3c
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided

Identifiers

  • None

zstd-jni-1.5.7-6.jar: libzstd-jni-1.5.7-6.dll

File Path: /home/runner/.m2/repository/com/github/luben/zstd-jni/1.5.7-6/zstd-jni-1.5.7-6.jar/win/x86/libzstd-jni-1.5.7-6.dll
MD5: 5c6c8438f943e23d1d8d7f34ee9d2fb1
SHA1: 5e1fb459e0dfeb6714782fe10d776283991db19f
SHA256:80c256b09fa4534bd2a5f25e9d7253001cba1a72a569cf5af54d2dc8caa5a29d
Referenced In Project/Scope: SchemaSpy Maven Plugin:provided

Identifiers

  • None


This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.