Press CTR-C to copy XML [help]


Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: iotmonitor

org.flasby:iotmonitor:1.0-SNAPSHOT

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
FlasbyUtil-1.0.15-SNAPSHOT.jarcpe:2.3:a:steve_project:steve:1.0.15:snapshot:*:*:*:*:*:*pkg:maven/org.flasby/FlasbyUtil@1.0.15-SNAPSHOT 0Low49
FlasbyUtil-1.0.15-SNAPSHOT.jar: TEMPLATE.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: _template.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: dialog.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: flasby.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: json.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: json.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: message.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: message.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: pagebus.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: pagebus.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: search.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: table.js 00
FlasbyUtil-1.0.15-SNAPSHOT.jar: table.js 00
annotations-13.0.jarpkg:maven/org.jetbrains/annotations@13.0 032
attoparser-2.0.7.RELEASE.jarpkg:maven/org.attoparser/attoparser@2.0.7.RELEASE 042
classes.js 00
eventbus.js 00
goat.js 00
gson-2.10.1.jarcpe:2.3:a:google:gson:2.10.1:*:*:*:*:*:*:*pkg:maven/com.google.code.gson/gson@2.10.1 0Highest33
jackson-core-2.18.3.jarcpe:2.3:a:fasterxml:jackson-modules-java8:2.18.3:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.core/jackson-core@2.18.3 0Low47
jackson-databind-2.18.3.jarcpe:2.3:a:fasterxml:jackson-databind:2.18.3:*:*:*:*:*:*:*
cpe:2.3:a:fasterxml:jackson-modules-java8:2.18.3:*:*:*:*:*:*:*		pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.18.3 0Highest41
jackson-module-kotlin-2.15.2.jarpkg:maven/com.fasterxml.jackson.module/jackson-module-kotlin@2.15.2 061
jakarta.validation-api-3.0.2.jarpkg:maven/jakarta.validation/jakarta.validation-api@3.0.2 056
javalin-6.3.0.jarpkg:maven/io.javalin/javalin@6.3.0 021
javalin-openapi-plugin-6.3.0.jarpkg:maven/io.javalin.community.openapi/javalin-openapi-plugin@6.3.0 033
javalin-redoc-plugin-6.3.0.jarpkg:maven/io.javalin.community.openapi/javalin-redoc-plugin@6.3.0 033
javalin-rendering-6.3.0.jarpkg:maven/io.javalin/javalin-rendering@6.3.0 023
javalin-swagger-plugin-6.3.0.jarpkg:maven/io.javalin.community.openapi/javalin-swagger-plugin@6.3.0 033
javassist-3.29.0-GA.jarpkg:maven/org.javassist/javassist@3.29.0-GA 056
jbcrypt-0.4.jarcpe:2.3:a:mindrot:jbcrypt:0.4:*:*:*:*:*:*:*pkg:maven/org.mindrot/jbcrypt@0.4 0Highest29
jetty-io-11.0.23.jarcpe:2.3:a:eclipse:jetty:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:jetty:jetty:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:mortbay_jetty:jetty:11.0.23:*:*:*:*:*:*:*		pkg:maven/org.eclipse.jetty/jetty-io@11.0.23MEDIUM2Highest35
jetty-jakarta-servlet-api-5.0.2.jarpkg:maven/org.eclipse.jetty.toolchain/jetty-jakarta-servlet-api@5.0.2 028
jetty-server-11.0.23.jarcpe:2.3:a:eclipse:jetty:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:jetty:jetty:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:jetty:jetty_http_server:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:mortbay_jetty:jetty:11.0.23:*:*:*:*:*:*:*		pkg:maven/org.eclipse.jetty/jetty-server@11.0.23MEDIUM2Highest35
js-tokens-5.0.0.jarpkg:maven/org.webjars.npm/js-tokens@5.0.0 015
js-tokens-5.0.0.jar: index.js 00
js-tokens-5.0.0.jar: package.json 00
kotlin-reflect-1.5.32.jarcpe:2.3:a:jetbrains:kotlin:1.5.32:*:*:*:*:*:*:*pkg:maven/org.jetbrains.kotlin/kotlin-reflect@1.5.32MEDIUM1Highest31
kotlin-stdlib-1.9.22.jarcpe:2.3:a:jetbrains:kotlin:1.9.22:*:*:*:*:*:*:*pkg:maven/org.jetbrains.kotlin/kotlin-stdlib@1.9.22 0Highest27
kotlin-stdlib-jdk7-1.9.25.jarcpe:2.3:a:jetbrains:kotlin:1.9.25:*:*:*:*:*:*:*pkg:maven/org.jetbrains.kotlin/kotlin-stdlib-jdk7@1.9.25 0Highest25
log4j-core-2.24.3.jarcpe:2.3:a:apache:log4j:2.24.3:*:*:*:*:*:*:*pkg:maven/org.apache.logging.log4j/log4j-core@2.24.3 0Highest40
lombok-1.18.36.jarpkg:maven/org.projectlombok/lombok@1.18.36 036
lombok-1.18.36.jar: mavenEcjBootstrapAgent.jar 07
main.js 00
ognl-3.3.4.jarcpe:2.3:a:ognl_project:ognl:3.3.4:*:*:*:*:*:*:*pkg:maven/ognl/ognl@3.3.4 0Highest27
openapi-specification-6.3.0.jarpkg:maven/io.javalin.community.openapi/openapi-specification@6.3.0 030
redoc-2.0.0-rc.70.jarpkg:maven/org.webjars.npm/redoc@2.0.0-rc.70 014
redoc-2.0.0-rc.70.jar: package.json 00
redoc-2.0.0-rc.70.jar: redoc.browser.lib.js 00
redoc-2.0.0-rc.70.jar: redoc.lib.js 00
redoc-2.0.0-rc.70.jar: redoc.standalone.jspkg:javascript/DOMPurify@2.2.9HIGH43
slf4j-api-2.0.17.jarpkg:maven/org.slf4j/slf4j-api@2.0.17 029
slf4j-simple-2.0.16.jarpkg:maven/org.slf4j/slf4j-simple@2.0.16 037
swagger-ui-3.52.5.jarpkg:maven/org.webjars/swagger-ui@3.52.5MEDIUM123
swagger-ui-3.52.5.jar: swagger-ui-bundle.jspkg:javascript/DOMPurify@2.2.9HIGH43
swagger-ui-3.52.5.jar: swagger-ui-es-bundle-core.js 00
swagger-ui-3.52.5.jar: swagger-ui-es-bundle.jspkg:javascript/DOMPurify@2.2.9HIGH43
swagger-ui-3.52.5.jar: swagger-ui-standalone-preset.js 00
swagger-ui-3.52.5.jar: swagger-ui.js 00
thymeleaf-3.1.3.RELEASE.jarcpe:2.3:a:thymeleaf:thymeleaf:3.1.3:release:*:*:*:*:*:*pkg:maven/org.thymeleaf/thymeleaf@3.1.3.RELEASE 0Highest23
unbescape-1.1.6.RELEASE.jarpkg:maven/org.unbescape/unbescape@1.1.6.RELEASE 042
websocket-core-server-11.0.23.jarcpe:2.3:a:eclipse:jetty:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:jetty:jetty:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:mortbay_jetty:jetty:11.0.23:*:*:*:*:*:*:*		pkg:maven/org.eclipse.jetty.websocket/websocket-core-server@11.0.23MEDIUM2Highest37
websocket-jetty-server-11.0.23.jarcpe:2.3:a:eclipse:jetty:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:jetty:jetty:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:jetty:jetty_http_server:11.0.23:*:*:*:*:*:*:*
cpe:2.3:a:mortbay_jetty:jetty:11.0.23:*:*:*:*:*:*:*		pkg:maven/org.eclipse.jetty.websocket/websocket-jetty-server@11.0.23MEDIUM2Highest39
weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.annotation:jakarta.annotation-api:2.1.1)cpe:2.3:a:oracle:projects:2.1.1:*:*:*:*:*:*:*pkg:maven/jakarta.annotation/jakarta.annotation-api@2.1.1 0Low20
weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.el:jakarta.el-api:5.0.1)cpe:2.3:a:eclipse:jakarta_expression_language:5.0.1:*:*:*:*:*:*:*pkg:maven/jakarta.el/jakarta.el-api@5.0.1 0Low22
weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.enterprise:jakarta.enterprise.cdi-api:4.0.1)cpe:2.3:a:redhat:enterprise_ipa:4.0.1:*:*:*:*:*:*:*pkg:maven/jakarta.enterprise/jakarta.enterprise.cdi-api@4.0.1 0Low61
weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.enterprise:jakarta.enterprise.lang-model:4.0.1)pkg:maven/jakarta.enterprise/jakarta.enterprise.lang-model@4.0.1 09
weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.inject:jakarta.inject-api:2.0.1)pkg:maven/jakarta.inject/jakarta.inject-api@2.0.1 040
weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.interceptor:jakarta.interceptor-api:2.1.0)pkg:maven/jakarta.interceptor/jakarta.interceptor-api@2.1.0 022
weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.servlet:jakarta.servlet-api:6.0.0)cpe:2.3:a:oracle:projects:6.0.0:*:*:*:*:*:*:*pkg:maven/jakarta.servlet/jakarta.servlet-api@6.0.0 0Low22
weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.classfilewriter:jboss-classfilewriter:1.3.0.Final)pkg:maven/org.jboss.classfilewriter/jboss-classfilewriter@1.3.0.Final 018
weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.jdeparser:jdeparser:2.0.3.Final)pkg:maven/org.jboss.jdeparser/jdeparser@2.0.3.Final 010
weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.logging:jboss-logging-annotations:2.2.1.Final)pkg:maven/org.jboss.logging/jboss-logging-annotations@2.2.1.Final 09
weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.logging:jboss-logging-processor:2.2.1.Final)pkg:maven/org.jboss.logging/jboss-logging-processor@2.2.1.Final 09
weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.logging:jboss-logging:3.5.0.Final)pkg:maven/org.jboss.logging/jboss-logging@3.5.0.Final 014
weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld.environment:weld-environment-common:5.1.3.Final)pkg:maven/org.jboss.weld.environment/weld-environment-common@5.1.3.Final 013
weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld.se:weld-se-core:5.1.3.Final)pkg:maven/org.jboss.weld.se/weld-se-core@5.1.3.Final 013
weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld:weld-api:5.0.SP3)pkg:maven/org.jboss.weld/weld-api@5.0.SP3 011
weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld:weld-core-impl:5.1.3.Final)pkg:maven/org.jboss.weld/weld-core-impl@5.1.3.Final 011
weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld:weld-lite-extension-translator:5.1.3.Final)pkg:maven/org.jboss.weld/weld-lite-extension-translator@5.1.3.Final 09
weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld:weld-spi:5.0.SP3)pkg:maven/org.jboss.weld/weld-spi@5.0.SP3 011
weld-se-shaded-5.1.3.Final.jarpkg:maven/org.jboss.weld.se/weld-se-shaded@5.1.3.Final 038
zxcvbn-1.9.0.jarpkg:maven/com.nulab-inc/zxcvbn@1.9.0 027

Dependencies (vulnerable)

FlasbyUtil-1.0.15-SNAPSHOT.jar

Description:

A collection of small tools I use when writing apps.

License:

BSD Licence: file:///src/site/resources/licence.html
File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar
MD5: ad198be070885a04d74897627007f602
SHA1: 2dfb39f3d98cc8615b7d8c2b5558609d742f56cc
SHA256:bd3c66dda98d7a2e85af7056267fff66c3922a6ae1f76f5d063a95ee75ec6824
Referenced In Project/Scope: iotmonitor:compile
FlasbyUtil-1.0.15-SNAPSHOT.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/iotmonitor@1.0-SNAPSHOT

Identifiers

FlasbyUtil-1.0.15-SNAPSHOT.jar: TEMPLATE.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/scripts/TEMPLATE.js
MD5: 51196d2fa7978e2ae7c2cb04eb72e8c9
SHA1: cfe201c115b2a92b91ace1a8f9feaa55d92c4465
SHA256:8a303ba2ffe109d5a6bfcf2bb2319ce198bb0012946affbfcfd5c9335ce1aee7
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: _template.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/js/_template.js
MD5: 6597839cc6772eb130ebe25962d75731
SHA1: d97941de7865fa86d8d1281ab11245d6ae9b79b1
SHA256:7d973f8e5e97245630a58872261fcfd3389e1b8384513d129b83a41624bca7f9
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: dialog.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/js/dialog.js
MD5: 274a22de5820875af1f8526d02d4cb62
SHA1: 047fe2bca9da397c4ee6dc20acf07fd69273944f
SHA256:18710aae809f255417041caf1b941bba582f927be14f5daeba8fd6aed68abf44
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: flasby.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/js/flasby.js
MD5: b1ad589533cf8c936681b8c7e562b511
SHA1: 2bc24ace7456991ae3ef1c54875fd58cc1f6debc
SHA256:12849b0fedd20cb19bd80d068bf0308636b204b5c551578c10b137d61411e7d5
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: json.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/js/json.js
MD5: 5e11dda513c0193fe81efdde5a0b6074
SHA1: 08d3605850eaa7458a71093bdbe80475ae0c3472
SHA256:92bebdfac6851c5130133673fd307bfcd5dfe7f7d5b2f9d4ceaf972a09c7a413
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: json.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/scripts/json.js
MD5: 1e7b41ac4b53e41a4bf688380a25917e
SHA1: 05b17451723d57b2eabfe605596802d6a9bfda07
SHA256:d89784592c6a05b46b77b4e9d5356a12ff36be1d7cb78ef1bb6a298ab6b79897
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: message.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/js/message.js
MD5: 75cf971af9b418dea963789210b8ed47
SHA1: 2fb954a7798a712b612a950be35daaede977df18
SHA256:58ccde07ee70081337194eaa2c39bba33ce3aa932ddd969814713554722fb9e2
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: message.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/scripts/message.js
MD5: b2cb3be9fda2b4a1412f2869da705ffa
SHA1: 3a1999df78996bf6cffc713c0e28cf0a921dbc05
SHA256:de50bfcf7ff93ad80e5ea4bcf96cda77dd16cedd60a308833ca2cfe0fe6e9993
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: pagebus.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/js/pagebus.js
MD5: 59a19dbdca35a97a1a258e4aa853dad4
SHA1: 380b87500023d38dde823519bf695b7f60bbcf35
SHA256:577a2879133a3e99a7be04342ce987f8f23be045814559f50b1a0b94177673b4
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: pagebus.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/scripts/pagebus.js
MD5: 8e8ecbf252dbc60d7bb9358492d676b4
SHA1: 9cf8753cd2e97f675c5fcdfff3df55359c04278c
SHA256:304e252d6b5f1fda43f9c1b9449eb76894f5c6cf4c4319465748ff092e637d64
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: search.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/js/search.js
MD5: 4f2e4a3bed2393fcd4f2b37bc092105e
SHA1: 188b901a948674981a2bcfa607666c8f0c88ae09
SHA256:01e431e629df31b58b75c81bf2a4ae0d4f8569d7481320b9bcc148f67dbfe08a
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: table.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/js/table.js
MD5: f1a2de09e89a4c635606fd2e05a74a34
SHA1: 513a4c609f82335a018acf2bca4f82903ffb7f1a
SHA256:b18057f4863b1de539d6bc95a51e15c165f3f32ba108dd4a8972a44a789c380e
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

FlasbyUtil-1.0.15-SNAPSHOT.jar: table.js

File Path: /var/lib/jenkins/.m2/repository/org/flasby/FlasbyUtil/1.0.15-SNAPSHOT/FlasbyUtil-1.0.15-SNAPSHOT.jar/flasby/scripts/table.js
MD5: 5a6168e002b67378e349fab549cd9b08
SHA1: e6fcd72fdcb940c6193b4a13a574160761195249
SHA256:68996b39e2d537c0a4d1884a4b21b7b263144f784657362959d68a21a9ab144a
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

annotations-13.0.jar

Description:

A set of annotations used for code inspection support and code documentation.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/jetbrains/annotations/13.0/annotations-13.0.jar
MD5: f4fb462172517b46b6cd90003508515a
SHA1: 919f0dfe192fb4e063e7dacadee7f8bb9a2672a9
SHA256:ace2a10dc8e2d5fd34925ecac03e4988b2c0f851650c94b8cef49ba1bd111478
Referenced In Project/Scope: iotmonitor:compile
annotations-13.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin.community.openapi/javalin-openapi-plugin@6.3.0

Identifiers

attoparser-2.0.7.RELEASE.jar

Description:

Powerful, fast and easy to use HTML and XML parser for Java

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/attoparser/attoparser/2.0.7.RELEASE/attoparser-2.0.7.RELEASE.jar
MD5: fd09ceba7061e05460e74e0e1e64f233
SHA1: e5d0e988d9124139d645bb5872b24dfa23e283cc
SHA256:75dd1c045492bff8e1963aabb28bfe903c2064e11e27fe2f0f0aff1ad3d84476
Referenced In Project/Scope: iotmonitor:compile
attoparser-2.0.7.RELEASE.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.thymeleaf/thymeleaf@3.1.3.RELEASE

Identifiers

classes.js

File Path: /var/lib/jenkins/workspace/IOT Monitor/src/main/resources/static/js/classes.js
MD5: 58ec86de45dbf4cd0e9f2545c74bb955
SHA1: 2b955dfc81bedab760395fd0735d2d32cbbde556
SHA256:540381e5dea72b038665d985727712e51663367d706b58e77ca5f5def1ebe00e
Referenced In Project/Scope: iotmonitor

Identifiers

  • None

eventbus.js

File Path: /var/lib/jenkins/workspace/IOT Monitor/src/main/resources/static/js/eventbus.js
MD5: 89a4fdfb7cc5fbf91b091d249c807849
SHA1: 64ed682121b39b0847cc3da7d43ca80628b828c1
SHA256:f9d0507e5f60f12f50c4839d90ac4c10b3b388eb22cfa9c1b46fe920c432dd7b
Referenced In Project/Scope: iotmonitor

Identifiers

  • None

goat.js

File Path: /var/lib/jenkins/workspace/IOT Monitor/src/main/resources/static/js/goat.js
MD5: 2eb24157a7df345f950779b4a047ec33
SHA1: 93f965de624c51a2236a8a1ca69919200b72e1a0
SHA256:7ca3807ab5aa10c104db564704beeaa59141e326e830dc9b9d98f32d94d98080
Referenced In Project/Scope: iotmonitor

Identifiers

  • None

gson-2.10.1.jar

Description:

Gson JSON library

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/com/google/code/gson/gson/2.10.1/gson-2.10.1.jar
MD5: df6097815738cb31fc56391553210843
SHA1: b3add478d4382b78ea20b1671390a858002feb6c
SHA256:4241c14a7727c34feea6507ec801318a3d4a90f070e4525681079fb94ee4c593
Referenced In Project/Scope: iotmonitor:compile
gson-2.10.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin.community.openapi/javalin-openapi-plugin@6.3.0

Identifiers

jackson-core-2.18.3.jar

Description:

Core Jackson processing abstractions (aka Streaming API), implementation for JSON

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.18.3/jackson-core-2.18.3.jar
MD5: b36e17ef5ba214242b700f8e621e6f12
SHA1: 78f80c259268200e588aa204dd97ecf09b76916e
SHA256:056bc4d3e5e53ce821450fa97b3f9e0f8dde125cf6da6884353bb1f09582e1d9
Referenced In Project/Scope: iotmonitor:compile
jackson-core-2.18.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/FlasbyUtil@1.0.15-SNAPSHOT

Identifiers

jackson-databind-2.18.3.jar

Description:

General data-binding functionality for Jackson: works on core streaming API

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.18.3/jackson-databind-2.18.3.jar
MD5: 0cedbc3d377d089e73bb949653b1c76a
SHA1: 537e3886263e3b3464385040453e92567fd509e2
SHA256:510bdda75a7a6186c5bf33b851239488a1450906ae5757121f2e1cc48a7e108f
Referenced In Project/Scope: iotmonitor:compile
jackson-databind-2.18.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/FlasbyUtil@1.0.15-SNAPSHOT

Identifiers

jackson-module-kotlin-2.15.2.jar

Description:

Add-on module for Jackson (https://github.com/FasterXML/jackson/) to support
        Kotlin language, specifically introspection of method/constructor parameter names,
        without having to add explicit property name annotation.

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/com/fasterxml/jackson/module/jackson-module-kotlin/2.15.2/jackson-module-kotlin-2.15.2.jar
MD5: d6a8f3c3fa4b32f1790cca061eb86598
SHA1: 0475c9721f5a2a5b7bea57d504bd8b0586d1ba5e
SHA256:b3361598a81901613201757461b0149cd75095d420ceb155ddfad09338d77588
Referenced In Project/Scope: iotmonitor:compile
jackson-module-kotlin-2.15.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin.community.openapi/javalin-openapi-plugin@6.3.0

Identifiers

jakarta.validation-api-3.0.2.jar

Description:

        Jakarta Bean Validation API

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/jakarta/validation/jakarta.validation-api/3.0.2/jakarta.validation-api-3.0.2.jar
MD5: 3a1ee6efca3e41e3320599790f54c5eb
SHA1: 92b6631659ba35ca09e44874d3eb936edfeee532
SHA256:291c25e6910cc6a7ebd96d4c6baebf6d7c37676c5482c2d96146e901b62c1fc9
Referenced In Project/Scope: iotmonitor:compile
jakarta.validation-api-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/FlasbyUtil@1.0.15-SNAPSHOT

Identifiers

javalin-6.3.0.jar

File Path: /var/lib/jenkins/.m2/repository/io/javalin/javalin/6.3.0/javalin-6.3.0.jar
MD5: fd3377cd75a07d5a6e3672141aabbbdd
SHA1: efb95b467eb8c5f0d6d42dca84d3f3d46d9313b6
SHA256:2aa9c6121347738c4ee00e9883db3627dd031a0674f563d3f420ba736bec5b01
Referenced In Project/Scope: iotmonitor:compile
javalin-6.3.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/iotmonitor@1.0-SNAPSHOT

Identifiers

javalin-openapi-plugin-6.3.0.jar

Description:

 Serve raw OpenApi documentation under dedicated endpoint

License:

The Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/io/javalin/community/openapi/javalin-openapi-plugin/6.3.0/javalin-openapi-plugin-6.3.0.jar
MD5: 5a3e3846aa7ac5efb194b73c83913358
SHA1: 12847208071218b55d673b7627ee6fa58117564c
SHA256:7e06832122015082971896e0056f8e3cb1b8cdcbab8cc8a978e2998c3be5bc94
Referenced In Project/Scope: iotmonitor:compile
javalin-openapi-plugin-6.3.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/iotmonitor@1.0-SNAPSHOT

Identifiers

javalin-redoc-plugin-6.3.0.jar

Description:

 Serve ReDoc UI for OpenAPI specification

License:

The Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/io/javalin/community/openapi/javalin-redoc-plugin/6.3.0/javalin-redoc-plugin-6.3.0.jar
MD5: f5aea7613d410cf500dceb4244df93e2
SHA1: 36b48f741120e17f98111c1fefdc3b271a701b17
SHA256:64a2e47cee8ec66b1de89945d7af01638ef169903b05922b62678f39b2df4e57
Referenced In Project/Scope: iotmonitor:compile
javalin-redoc-plugin-6.3.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/iotmonitor@1.0-SNAPSHOT

Identifiers

javalin-rendering-6.3.0.jar

File Path: /var/lib/jenkins/.m2/repository/io/javalin/javalin-rendering/6.3.0/javalin-rendering-6.3.0.jar
MD5: bd40b4baae3c8d7ad52a7f8fe702b2aa
SHA1: d2a037da686e2c845ab5d93e4f63a5a80f633258
SHA256:b24fa30d1b05d7253f2162982fe9b03cd1214e1ab8907fc8a341479bc60c39e4
Referenced In Project/Scope: iotmonitor:compile
javalin-rendering-6.3.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/iotmonitor@1.0-SNAPSHOT

Identifiers

javalin-swagger-plugin-6.3.0.jar

Description:

 Serve Swagger UI for OpenAPI specification

License:

The Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/io/javalin/community/openapi/javalin-swagger-plugin/6.3.0/javalin-swagger-plugin-6.3.0.jar
MD5: 873dd76c0f66212e1b11038bba55d078
SHA1: 8668550bab728233f7fa3107f4e77357f3f69038
SHA256:b5f1592179a420744fc257c0f14dadf00142c6b737522547eceb1d2799a9182a
Referenced In Project/Scope: iotmonitor:compile
javalin-swagger-plugin-6.3.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/iotmonitor@1.0-SNAPSHOT

Identifiers

javassist-3.29.0-GA.jar

Description:

  	Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation
    simple.  It is a class library for editing bytecodes in Java.

License:

MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html
LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
Apache License 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/lib/jenkins/.m2/repository/org/javassist/javassist/3.29.0-GA/javassist-3.29.0-GA.jar
MD5: aefc94eda66e54b96825ffc807cfbafd
SHA1: d3959fa7e00bf04dbe519228a23213d2afb625d8
SHA256:62d4065362e8969ce654f2b5541de1efb5b5bca6c146dbd38a595ea4df64cd31
Referenced In Project/Scope: iotmonitor:compile
javassist-3.29.0-GA.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.thymeleaf/thymeleaf@3.1.3.RELEASE

Identifiers

jbcrypt-0.4.jar

Description:

OpenBSD-style Blowfish password hashing for Java

License:

ISC: https://opensource.org/licenses/isc-license
File Path: /var/lib/jenkins/.m2/repository/org/mindrot/jbcrypt/0.4/jbcrypt-0.4.jar
MD5: d2b39d874e0d512f85386a72b0083682
SHA1: af7e61017f73abb18ac4e036954f9f28c6366c07
SHA256:e183f6f59404fc1e12073cfea4ace7ea103c900463cd21fb609a7c617ecdf624
Referenced In Project/Scope: iotmonitor:compile
jbcrypt-0.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/FlasbyUtil@1.0.15-SNAPSHOT

Identifiers

jetty-io-11.0.23.jar

Description:

Jetty module for Jetty :: IO Utility

License:

https://www.eclipse.org/legal/epl-2.0/, https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/lib/jenkins/.m2/repository/org/eclipse/jetty/jetty-io/11.0.23/jetty-io-11.0.23.jar
MD5: 060891f3379df1fb182675d9b59a400d
SHA1: 6c92097b0fd0d413dd2a68e236b436eed5501e7b
SHA256:0928b846e5b69a6b2abf9159bbc977e6a3ee081f6054aa4b7a19f1c85d960efc
Referenced In Project/Scope: iotmonitor:compile
jetty-io-11.0.23.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin/javalin@6.3.0

Identifiers

CVE-2024-8184  

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.  By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.
CWE-400 Uncontrolled Resource Consumption, CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2024-6763  

Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.

The HttpURI class does insufficient validation on the authority segment of a URI.  However the behaviour of HttpURI
 differs from the common browsers in how it handles a URI that would be 
considered invalid if fully validated against the RRC.  Specifically HttpURI
 and the browser may differ on the value of the host extracted from an 
invalid URI and thus a combination of Jetty and a vulnerable browser may
 be vulnerable to a open redirect attack or to a SSRF attack if the URI 
is used after passing validation checks.
CWE-1286 Improper Validation of Syntactic Correctness of Input, NVD-CWE-Other

CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions:

jetty-jakarta-servlet-api-5.0.2.jar

Description:

Combined servlet api and schemas for use in JPMS and OSGi environments

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php
File Path: /var/lib/jenkins/.m2/repository/org/eclipse/jetty/toolchain/jetty-jakarta-servlet-api/5.0.2/jetty-jakarta-servlet-api-5.0.2.jar
MD5: 7de826f76a829dc9dfb41e437ff4bd01
SHA1: 027fce6d666a203526236d33d00e202a4136230f
SHA256:efb20997729f32bfa6c8a8319037c353f7ad460d5d49f336bf232998ea2358db
Referenced In Project/Scope: iotmonitor:compile
jetty-jakarta-servlet-api-5.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin/javalin@6.3.0

Identifiers

jetty-server-11.0.23.jar

Description:

The core jetty server artifact.

License:

https://www.eclipse.org/legal/epl-2.0/, https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/lib/jenkins/.m2/repository/org/eclipse/jetty/jetty-server/11.0.23/jetty-server-11.0.23.jar
MD5: d751fe6eca41e4c15a8ff68058ef8fce
SHA1: 3190e72825d60e6df519f8216532b6b48f53f8d0
SHA256:0fca4d21d3147a239c2ed454bc2ecdadea7ddc27f01554f889c506cc44d741c1
Referenced In Project/Scope: iotmonitor:compile
jetty-server-11.0.23.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin/javalin@6.3.0

Identifiers

CVE-2024-8184  

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.  By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.
CWE-400 Uncontrolled Resource Consumption, CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2024-6763  

Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.

The HttpURI class does insufficient validation on the authority segment of a URI.  However the behaviour of HttpURI
 differs from the common browsers in how it handles a URI that would be 
considered invalid if fully validated against the RRC.  Specifically HttpURI
 and the browser may differ on the value of the host extracted from an 
invalid URI and thus a combination of Jetty and a vulnerable browser may
 be vulnerable to a open redirect attack or to a SSRF attack if the URI 
is used after passing validation checks.
CWE-1286 Improper Validation of Syntactic Correctness of Input, NVD-CWE-Other

CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions:

js-tokens-5.0.0.jar

Description:

WebJar for js-tokens

License:

MIT: https://spdx.org/licenses/MIT#licenseText
File Path: /var/lib/jenkins/.m2/repository/org/webjars/npm/js-tokens/5.0.0/js-tokens-5.0.0.jar
MD5: e39b3c642c9e1afebc1a697160ee06c3
SHA1: aae9d5fed22d096b76cf7e37522b2ecf81d81ee4
SHA256:cd081e4b48e0f7a20291edd3d904ab24c604d7e0476e2b3d8e3c915d1ab4fcd6
Referenced In Project/Scope: iotmonitor:runtime
js-tokens-5.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin.community.openapi/javalin-redoc-plugin@6.3.0

Identifiers

js-tokens-5.0.0.jar: index.js

File Path: /var/lib/jenkins/.m2/repository/org/webjars/npm/js-tokens/5.0.0/js-tokens-5.0.0.jar/META-INF/resources/webjars/js-tokens/5.0.0/index.js
MD5: 4f0ddf1a4d9cf5335f3bd37b80088572
SHA1: 2abae73b4a9b492dd838166242d2c0206531e4f2
SHA256:02c5a414f99103d2701c431d07813e845221ff97d0efc1937ee5a328767d8792
Referenced In Project/Scope: iotmonitor:runtime

Identifiers

  • None

js-tokens-5.0.0.jar: package.json

File Path: /var/lib/jenkins/.m2/repository/org/webjars/npm/js-tokens/5.0.0/js-tokens-5.0.0.jar/META-INF/resources/webjars/js-tokens/5.0.0/package.json
MD5: b51a7eb1ff11b7acfb39268118c5cedc
SHA1: 5a3e238df584240a77c07a516d01011311f71f3e
SHA256:85c75c93c51942c21490217cbd9ff7879754b8c4bcb219c62461afd50144642a
Referenced In Project/Scope: iotmonitor:runtime

Identifiers

  • None

kotlin-reflect-1.5.32.jar

Description:

Kotlin Full Reflection Library

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/jetbrains/kotlin/kotlin-reflect/1.5.32/kotlin-reflect-1.5.32.jar
MD5: ec5b3017b555df728581a2b54d9a0f62
SHA1: 0fb7f979b963e5ba051c6753fbbe80a1b6c6f745
SHA256:13237fb82d6e49122d897a1de2b17ac9d5c77137d99070760e6d4191ba9cac31
Referenced In Project/Scope: iotmonitor:compile
kotlin-reflect-1.5.32.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin.community.openapi/javalin-openapi-plugin@6.3.0

Identifiers

CVE-2022-24329  

In JetBrains Kotlin before 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.
CWE-829 Inclusion of Functionality from Untrusted Control Sphere

CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:3.9/RC:R/MAV:A
CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N

References:

Vulnerable Software & Versions: (show all)

kotlin-stdlib-1.9.22.jar

Description:

Kotlin Standard Library

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/jetbrains/kotlin/kotlin-stdlib/1.9.22/kotlin-stdlib-1.9.22.jar
MD5: c06551ea547417a446386c6ccb198894
SHA1: d6c44cd08d8f3f9bece8101216dbe6553365c6e3
SHA256:6abe146c27864138b874ccccfe5f534e3eb923c99a1b7b5d45494ee5694f3e0a
Referenced In Project/Scope: iotmonitor:compile
kotlin-stdlib-1.9.22.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin.community.openapi/javalin-openapi-plugin@6.3.0

Identifiers

kotlin-stdlib-jdk7-1.9.25.jar

Description:

Kotlin Standard Library JDK 7 extension

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/jetbrains/kotlin/kotlin-stdlib-jdk7/1.9.25/kotlin-stdlib-jdk7-1.9.25.jar
MD5: 00b574c013f45be45599d071dbd818f4
SHA1: 1c166692314a2639e5edfed0d23ed7eee4a5c7a5
SHA256:fb5373dd761b4e93e3f538c5e853bba38a71143a181536e8f193ed6e4eddb3b8
Referenced In Project/Scope: iotmonitor:compile
kotlin-stdlib-jdk7-1.9.25.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin/javalin@6.3.0

Identifiers

log4j-core-2.24.3.jar

Description:

A versatile, industrial-grade, and reference implementation of the Log4j API.
    It bundles a rich set of components to assist various use cases:
    Appenders targeting files, network sockets, databases, SMTP servers;
    Layouts that can render CSV, HTML, JSON, Syslog, etc. formatted outputs;
    Filters that can be configured using log event rates, regular expressions, scripts, time, etc.
    It contains several extension points to introduce custom components, if needed.

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/apache/logging/log4j/log4j-core/2.24.3/log4j-core-2.24.3.jar
MD5: 3f52ab7782fdd1349bd872b5dcf48bed
SHA1: 7f6a261243ca767c7f38fd4b542bcde626c8894e
SHA256:7eb4084596ae25bd3c61698e48e8d0ab65a9260758884ed5cbb9c6e55c44a56a
Referenced In Project/Scope: iotmonitor:compile
log4j-core-2.24.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/FlasbyUtil@1.0.15-SNAPSHOT

Identifiers

lombok-1.18.36.jar

Description:

Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!

License:

The MIT License: https://projectlombok.org/LICENSE
File Path: /var/lib/jenkins/.m2/repository/org/projectlombok/lombok/1.18.36/lombok-1.18.36.jar
MD5: 92c08153ae16c161c8cc2cc8185d2724
SHA1: 5a30490a6e14977d97d9c73c924c1f1b5311ea95
SHA256:73b6b05b6a2d365b700bab08d30f94de9d336490bc0acce5b6181fef48cbf18e
Referenced In Project/Scope: iotmonitor:provided
lombok-1.18.36.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/iotmonitor@1.0-SNAPSHOT

Identifiers

lombok-1.18.36.jar: mavenEcjBootstrapAgent.jar

File Path: /var/lib/jenkins/.m2/repository/org/projectlombok/lombok/1.18.36/lombok-1.18.36.jar/lombok/launch/mavenEcjBootstrapAgent.jar
MD5: 27467519bf9615b24cad3b003c4353a9
SHA1: 37d92e0a726a67883ab94bee27c6f292e6318dcd
SHA256:9566d0706d6245cac3cdd9db6d1d81551aa3e727febcf64452c6db9701c40037
Referenced In Project/Scope: iotmonitor:provided

Identifiers

  • None

main.js

File Path: /var/lib/jenkins/workspace/IOT Monitor/src/main/resources/static/js/main.js
MD5: b5bdf9890e2c45069f10ee86125933f5
SHA1: c856f2394da9a6fc1365204ab5a883143a4b9aeb
SHA256:6c2c7aaee868ea1ceac341870151151c17c616d95c244492b5c53c411677538c
Referenced In Project/Scope: iotmonitor

Identifiers

  • None

ognl-3.3.4.jar

Description:

OGNL - Object Graph Navigation Library

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/ognl/ognl/3.3.4/ognl-3.3.4.jar
MD5: 1893dad14f3e7ddd95d211e1d3ca1a0f
SHA1: 1904789bdd96f226ad252a02f230be1015f4462b
SHA256:47fdd450407ff09b57df02f466f9b4c7d32818962d65f9d98e445c8b4d047603
Referenced In Project/Scope: iotmonitor:compile
ognl-3.3.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.thymeleaf/thymeleaf@3.1.3.RELEASE

Identifiers

openapi-specification-6.3.0.jar

Description:

 Compile-time OpenAPI integration for Javalin 6.x

License:

The Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/io/javalin/community/openapi/openapi-specification/6.3.0/openapi-specification-6.3.0.jar
MD5: 92c8f0df8a98cf282a3d0da55d82b3bb
SHA1: 0c5a194ab45ef973b52cdc21a4e339c26bbbe598
SHA256:a103f0bf0351422ccce919290d0524af71d3ccc1224f0e1e432f3330d69833cc
Referenced In Project/Scope: iotmonitor:compile
openapi-specification-6.3.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin.community.openapi/javalin-openapi-plugin@6.3.0

Identifiers

redoc-2.0.0-rc.70.jar

Description:

WebJar for redoc

License:

MIT
File Path: /var/lib/jenkins/.m2/repository/org/webjars/npm/redoc/2.0.0-rc.70/redoc-2.0.0-rc.70.jar
MD5: 3ddab3ae210b654107620372e891e1e8
SHA1: 8158e1180c8fa313bda93f5a11790cdf74da3163
SHA256:a8e84348a8fa09f7455ba0c0b01d59578eab5495f4fe74c7d83b6fc2b3f0d03c
Referenced In Project/Scope: iotmonitor:runtime
redoc-2.0.0-rc.70.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin.community.openapi/javalin-redoc-plugin@6.3.0

Identifiers

redoc-2.0.0-rc.70.jar: package.json

File Path: /var/lib/jenkins/.m2/repository/org/webjars/npm/redoc/2.0.0-rc.70/redoc-2.0.0-rc.70.jar/META-INF/resources/webjars/redoc/2.0.0-rc.70/package.json
MD5: f75cff014431dc24a5fbaa95c9390154
SHA1: 20b9952c42221e19501b6766c1c92b3d72ac8ab2
SHA256:dab70f3560a11ad576138b6ff2cfd3cd0692a838b823efb02c5a89285b105a6e
Referenced In Project/Scope: iotmonitor:runtime

Identifiers

  • None

redoc-2.0.0-rc.70.jar: redoc.browser.lib.js

File Path: /var/lib/jenkins/.m2/repository/org/webjars/npm/redoc/2.0.0-rc.70/redoc-2.0.0-rc.70.jar/META-INF/resources/webjars/redoc/2.0.0-rc.70/bundles/redoc.browser.lib.js
MD5: ed49e3c775bbcfbf4b799ccefb7efb08
SHA1: f0d3e96a56db4b4553f4613e978ea635e633e6ae
SHA256:2c6b7f924aef349336bc45a04535bab9919b23306cbf1a40d1020a2aee3207ee
Referenced In Project/Scope: iotmonitor:runtime

Identifiers

  • None

redoc-2.0.0-rc.70.jar: redoc.lib.js

File Path: /var/lib/jenkins/.m2/repository/org/webjars/npm/redoc/2.0.0-rc.70/redoc-2.0.0-rc.70.jar/META-INF/resources/webjars/redoc/2.0.0-rc.70/bundles/redoc.lib.js
MD5: 0d4866bba928703957fbeb051f900863
SHA1: 5e2d555ddba44cc8a1e2cec0d991614d489bc954
SHA256:5ea8faeac721b03bd03fa93fac3ebd473e69c3626c6f9d684ebecc2635465882
Referenced In Project/Scope: iotmonitor:runtime

Identifiers

  • None

redoc-2.0.0-rc.70.jar: redoc.standalone.js

File Path: /var/lib/jenkins/.m2/repository/org/webjars/npm/redoc/2.0.0-rc.70/redoc-2.0.0-rc.70.jar/META-INF/resources/webjars/redoc/2.0.0-rc.70/bundles/redoc.standalone.js
MD5: 2401097c97d5ccaa6b01e9f20e0e9b2f
SHA1: c3e9aafe644e5276c8e430ee7444708cc687c9eb
SHA256:04e7c4906888adc144969a7c83862209c2512a15172b38171ad293e0359930b2
Referenced In Project/Scope: iotmonitor:runtime

Identifiers

CVE-2024-45801 (RETIREJS)  

Unscored:

  • Severity: high

References:

CVE-2024-47875 (RETIREJS)  

Unscored:

  • Severity: high

References:

CVE-2024-48910 (RETIREJS)  

Unscored:

  • Severity: high

References:

CVE-2025-26791 (RETIREJS)  

Unscored:

  • Severity: medium

References:

slf4j-api-2.0.17.jar

Description:

The slf4j API

License:

https://opensource.org/license/mit
File Path: /var/lib/jenkins/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar
MD5: b6480d114a23683498ac3f746f959d2f
SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
SHA256:7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832
Referenced In Project/Scope: iotmonitor:compile
slf4j-api-2.0.17.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.thymeleaf/thymeleaf@3.1.3.RELEASE

Identifiers

slf4j-simple-2.0.16.jar

Description:

SLF4J Simple Provider

License:

http://www.opensource.org/licenses/mit-license.php
File Path: /var/lib/jenkins/.m2/repository/org/slf4j/slf4j-simple/2.0.16/slf4j-simple-2.0.16.jar
MD5: 58c531dfe60020700c53c45fdf6234bf
SHA1: 56d3d8e59293543780ad35af4ee4a5d9c111a588
SHA256:effc32018658bea09d1e08c7d1060ccad46c086960f583d07dd7ffe9c1172a47
Referenced In Project/Scope: iotmonitor:compile
slf4j-simple-2.0.16.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/iotmonitor@1.0-SNAPSHOT

Identifiers

swagger-ui-3.52.5.jar

Description:

WebJar for Swagger UI

License:

Apache 2.0: https://github.com/swagger-api/swagger-ui
File Path: /var/lib/jenkins/.m2/repository/org/webjars/swagger-ui/3.52.5/swagger-ui-3.52.5.jar
MD5: 14161aa9d996614bf3696a6cd75d40e9
SHA1: 54c418db90fda02ab47d2e9e3ef31ef5bf6f04f2
SHA256:5187f2953f15dfa361f524ea0c776045c53b2747eb3484784c7e7112d80c5f94
Referenced In Project/Scope: iotmonitor:compile
swagger-ui-3.52.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin.community.openapi/javalin-swagger-plugin@6.3.0

Identifiers

CVE-2018-25031 (OSSINDEX)  

Swagger UI 4.1.2 and earlier could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions. Note: This was originally claimed to be resolved in 4.1.3. However, third parties have indicated this is not resolved in 4.1.3 and even occurs in that version and possibly others.
CWE-20 Improper Input Validation

CVSSv3:
  • Base Score: MEDIUM (4.300000190734863)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.webjars:swagger-ui:3.52.5:*:*:*:*:*:*:*

swagger-ui-3.52.5.jar: swagger-ui-bundle.js

File Path: /var/lib/jenkins/.m2/repository/org/webjars/swagger-ui/3.52.5/swagger-ui-3.52.5.jar/META-INF/resources/webjars/swagger-ui/3.52.5/swagger-ui-bundle.js
MD5: 798d369d6387e66b7278e63cb950a32f
SHA1: 6b9b3c80f0e5ce612f38d69e4ac2ee179ed1d909
SHA256:8b250d905022b2dabe4ffc70999839d2561bf0b895318073ed9780ac052bca44
Referenced In Project/Scope: iotmonitor:compile

Identifiers

CVE-2024-45801 (RETIREJS)  

Unscored:

  • Severity: high

References:

CVE-2024-47875 (RETIREJS)  

Unscored:

  • Severity: high

References:

CVE-2024-48910 (RETIREJS)  

Unscored:

  • Severity: high

References:

CVE-2025-26791 (RETIREJS)  

Unscored:

  • Severity: medium

References:

swagger-ui-3.52.5.jar: swagger-ui-es-bundle-core.js

File Path: /var/lib/jenkins/.m2/repository/org/webjars/swagger-ui/3.52.5/swagger-ui-3.52.5.jar/META-INF/resources/webjars/swagger-ui/3.52.5/swagger-ui-es-bundle-core.js
MD5: 28fd8842e71c1c8ca725ca2627c98087
SHA1: 80483b8885bbcc1423b26b81f6e2fb76390aec2e
SHA256:62acc26b4f9058d9192f204b109271d082d98ab5762049f6fb854bc1347f0f42
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

swagger-ui-3.52.5.jar: swagger-ui-es-bundle.js

File Path: /var/lib/jenkins/.m2/repository/org/webjars/swagger-ui/3.52.5/swagger-ui-3.52.5.jar/META-INF/resources/webjars/swagger-ui/3.52.5/swagger-ui-es-bundle.js
MD5: dc2cb7087e29ce679992a94515dec163
SHA1: 1d6df11cdeb8ed3e67508c61ee67c6517bad3d7d
SHA256:8c47ee720c7737622391b0c778c9391fe2364d66dba4e3e42e72e4f1fce545ee
Referenced In Project/Scope: iotmonitor:compile

Identifiers

CVE-2024-45801 (RETIREJS)  

Unscored:

  • Severity: high

References:

CVE-2024-47875 (RETIREJS)  

Unscored:

  • Severity: high

References:

CVE-2024-48910 (RETIREJS)  

Unscored:

  • Severity: high

References:

CVE-2025-26791 (RETIREJS)  

Unscored:

  • Severity: medium

References:

swagger-ui-3.52.5.jar: swagger-ui-standalone-preset.js

File Path: /var/lib/jenkins/.m2/repository/org/webjars/swagger-ui/3.52.5/swagger-ui-3.52.5.jar/META-INF/resources/webjars/swagger-ui/3.52.5/swagger-ui-standalone-preset.js
MD5: e3a4b013757e84ad70d1ef12270ba31a
SHA1: 79118d9a3b17634bcc90a044080aa9d04e48d643
SHA256:f4ccf691361f0d0e65c9ee5348f73d8de46ef52efd3185723473c675c1bb30bd
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

swagger-ui-3.52.5.jar: swagger-ui.js

File Path: /var/lib/jenkins/.m2/repository/org/webjars/swagger-ui/3.52.5/swagger-ui-3.52.5.jar/META-INF/resources/webjars/swagger-ui/3.52.5/swagger-ui.js
MD5: a1872a01a88316c1210110744da63182
SHA1: 9cce9174195d310b12a40b033759eb29be5cc5f6
SHA256:0ed6dcede3927fc07d359c77b50c38ea48bc060c09a3984d4f9d3f0ea61d5e2c
Referenced In Project/Scope: iotmonitor:compile

Identifiers

  • None

thymeleaf-3.1.3.RELEASE.jar

File Path: /var/lib/jenkins/.m2/repository/org/thymeleaf/thymeleaf/3.1.3.RELEASE/thymeleaf-3.1.3.RELEASE.jar
MD5: 6a513160c67d236d380af821e3a1d093
SHA1: 51474f2a90b282ee97dabcd159c7faf24790f373
SHA256:165ef16cd71020c4d572e77d73cf7baffd431f3f3e8c1d84b410de23dc79f92c
Referenced In Project/Scope: iotmonitor:compile
thymeleaf-3.1.3.RELEASE.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/iotmonitor@1.0-SNAPSHOT

Identifiers

unbescape-1.1.6.RELEASE.jar

Description:

Advanced yet easy-to-use escape/unescape library for Java

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/unbescape/unbescape/1.1.6.RELEASE/unbescape-1.1.6.RELEASE.jar
MD5: d95ed94e1624e307a1958ee105ccbf39
SHA1: 7b90360afb2b860e09e8347112800d12c12b2a13
SHA256:597cf87d5b1a4f385b9d1cec974b7b483abb3ee85fc5b3f8b62af8e4bec95c2c
Referenced In Project/Scope: iotmonitor:compile
unbescape-1.1.6.RELEASE.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.thymeleaf/thymeleaf@3.1.3.RELEASE

Identifiers

websocket-core-server-11.0.23.jar

Description:

Jetty module for Jetty :: Websocket :: Core :: Server

License:

https://www.eclipse.org/legal/epl-2.0/, https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/lib/jenkins/.m2/repository/org/eclipse/jetty/websocket/websocket-core-server/11.0.23/websocket-core-server-11.0.23.jar
MD5: 4386a9565083af28736c172bff87bf1a
SHA1: 0f4df828ac2ec618151cc9511f06ba778dba5872
SHA256:f6614ac9589f0ee63bada87c1fb4c60eeafec1e9f9e9692ac66083906818fdab
Referenced In Project/Scope: iotmonitor:compile
websocket-core-server-11.0.23.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin/javalin@6.3.0

Identifiers

CVE-2024-8184  

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.  By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.
CWE-400 Uncontrolled Resource Consumption, CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2024-6763  

Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.

The HttpURI class does insufficient validation on the authority segment of a URI.  However the behaviour of HttpURI
 differs from the common browsers in how it handles a URI that would be 
considered invalid if fully validated against the RRC.  Specifically HttpURI
 and the browser may differ on the value of the host extracted from an 
invalid URI and thus a combination of Jetty and a vulnerable browser may
 be vulnerable to a open redirect attack or to a SSRF attack if the URI 
is used after passing validation checks.
CWE-1286 Improper Validation of Syntactic Correctness of Input, NVD-CWE-Other

CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions:

websocket-jetty-server-11.0.23.jar

Description:

Jetty Websocket Server

License:

https://www.eclipse.org/legal/epl-2.0/, https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/lib/jenkins/.m2/repository/org/eclipse/jetty/websocket/websocket-jetty-server/11.0.23/websocket-jetty-server-11.0.23.jar
MD5: 858777e5182f5fde5accaed4e2fac2c8
SHA1: 6287a389b84ff74c72d65f60f67eac1a7ce10c93
SHA256:0e02aa3477d238fb3973af300778275d9743799b6087610b6fdfeba5c5749ef0
Referenced In Project/Scope: iotmonitor:compile
websocket-jetty-server-11.0.23.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/io.javalin/javalin@6.3.0

Identifiers

CVE-2024-8184  

There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack.  By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's memory.
CWE-400 Uncontrolled Resource Consumption, CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

CVE-2024-6763  

Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine . It includes a utility class, HttpURI, for URI/URL parsing.

The HttpURI class does insufficient validation on the authority segment of a URI.  However the behaviour of HttpURI
 differs from the common browsers in how it handles a URI that would be 
considered invalid if fully validated against the RRC.  Specifically HttpURI
 and the browser may differ on the value of the host extracted from an 
invalid URI and thus a combination of Jetty and a vulnerable browser may
 be vulnerable to a open redirect attack or to a SSRF attack if the URI 
is used after passing validation checks.
CWE-1286 Improper Validation of Syntactic Correctness of Input, NVD-CWE-Other

CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions:

weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.annotation:jakarta.annotation-api:2.1.1)

Description:

Jakarta Annotations API

License:

EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/jakarta.annotation/jakarta.annotation-api/pom.xml
MD5: 67b6dc7c9b157e3f459da029c4e4fa02
SHA1: 1c89931b0b9bf7c03d18ae18a13473528617838e
SHA256:af650eca1de1b98741006acd82507e4408cffedd2fee33a0ea463d61508db7ec
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.el:jakarta.el-api:5.0.1)

Description:

        Jakarta Expression Language defines an expression language for Java applications

File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/jakarta.el/jakarta.el-api/pom.xml
MD5: e59d38e6f16a213b721edca9b5ee389b
SHA1: f8eb17de87dd57f4e30ea8cb4e8ecd3dd191f8d7
SHA256:06b94a0dcedec8c9072b670f2408c4f0970781f6308505442724241e25a81348
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.enterprise:jakarta.enterprise.cdi-api:4.0.1)

Description:

APIs for CDI (Contexts and Dependency Injection for Java)

License:

Apache License 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/jakarta.enterprise/jakarta.enterprise.cdi-api/pom.xml
MD5: 9c92e861da7dfcf3d851a39826bcad1a
SHA1: 31302535a46d274e3fa77669be7ea563946bb9b3
SHA256:8b41e1d3551058f7be0360a1ae57e932502e16a0e388a025bad8705b81635146
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.enterprise:jakarta.enterprise.lang-model:4.0.1)

Description:

Build Compatible (Reflection-Free) Java Language Model for CDI

License:

Apache License 2.0: https://repository.jboss.org/licenses/apache-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/jakarta.enterprise/jakarta.enterprise.lang-model/pom.xml
MD5: 3534d090758ca0d234bc3e60a66aff45
SHA1: 0731188ce992ce2c6857cac43bc2f44807c5d11f
SHA256:1c8c574b7df5e3494084d24717994eefdf26d2b9e1e83a6941b5096f4eca89c1
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.inject:jakarta.inject-api:2.0.1)

Description:

Jakarta Dependency Injection

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/jakarta.inject/jakarta.inject-api/pom.xml
MD5: 749057e41e883acc393ae66b22829c0f
SHA1: d53e5e2c5362dc3f6748efac10909af8562b3505
SHA256:e7fd7232e96307a575b2494c9367d68cf43ec98244aace3ccc23e1773ffa6fda
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.interceptor:jakarta.interceptor-api:2.1.0)

Description:

        Jakarta Interceptors defines a means of interposing on business method invocations
        and specific events—such as lifecycle events and timeout events—that occur on instances
        of Jakarta EE components and other managed classes.

License:

EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/jakarta.interceptor/jakarta.interceptor-api/pom.xml
MD5: 9a4a1537bbdc1426a347b06b1f84db66
SHA1: f7ccfe403d34464fcfa0363c73e4a710a92a96b3
SHA256:d114da63b2093f0bd9c2a9657a016ce70feba376050806a5c5995d8913df7d5f
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: jakarta.servlet:jakarta.servlet-api:6.0.0)

License:

EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/jakarta.servlet/jakarta.servlet-api/pom.xml
MD5: 78fb3962387f945018528e012c5ad74f
SHA1: 31e5c0c37cd563caf1e8aa9899f9c78ebef4570c
SHA256:3d5a259dfbd2b940e495c305cba2b60615923dc8178e032b7ef60cbb24138439
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.classfilewriter:jboss-classfilewriter:1.3.0.Final)

Description:

A bytecode writer that creates .class files at runtime

License:

Apache License, version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/org.jboss.classfilewriter/jboss-classfilewriter/pom.xml
MD5: 473f56308269f99b8922638b15bb6534
SHA1: 1b67105916c2c1eda3b53f7473c6bf763fad9cfb
SHA256:32e72cd06748c014e7c742516b4793fb8431dceb6dfc3878a5a15ce8e1527108
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.jdeparser:jdeparser:2.0.3.Final)

File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/org.jboss.jdeparser/jdeparser/pom.xml
MD5: cfc4cddb99ee1be4a70ec14142eb2277
SHA1: ab5e35dc566b507d0c4e00175ac4c12ee7251d59
SHA256:8f0084a615a3e716d020fc4e74c370c7d346b7ab3e1f7284656cad2b50c1929d
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.logging:jboss-logging-annotations:2.2.1.Final)

License:

Apache License, version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/org.jboss.logging/jboss-logging-annotations/pom.xml
MD5: 8b46da9db066b417db170296bb0238a0
SHA1: 84964d9370219d6a18d445dff40c1f7472c3341c
SHA256:c053271fa743cff1c90b1fcb82845eb66fcc289d549d2f9902c7b456577250a0
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.logging:jboss-logging-processor:2.2.1.Final)

File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/org.jboss.logging/jboss-logging-processor/pom.xml
MD5: 81484c063cbbac4f93d861fa99527ae2
SHA1: d1a80d21e360cebb4263ceb8de1a02fec98bd559
SHA256:175ae861457e5a20c8524599a84b7755b5954f7e5bf0ba27f89318672dbc3c34
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.logging:jboss-logging:3.5.0.Final)

Description:

The JBoss Logging Framework

License:

Apache License, version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/org.jboss.logging/jboss-logging/pom.xml
MD5: 163991147c121b891fe3898dabf4c666
SHA1: 07005c250dadc2cc23a4f1aebf8b7de1e148db9c
SHA256:4b68e3b46d9dc22d99d7819352fcbb43767d31d8ebd22a8e13f10e11867c468e
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld.environment:weld-environment-common:5.1.3.Final)

Description:

Common tools for non-standard Weld environments (SE, Servlet containers)

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/org.jboss.weld.environment/weld-environment-common/pom.xml
MD5: eafe33ad25221cd94d79aad9dbe154fa
SHA1: 91a502131e3475f95cfef93803e8c1e421dd5856
SHA256:23c2d43cb7b365bd4d6e7a6fd5856e327ed7f3479fbc7d166e53b1698bc74377
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld.se:weld-se-core:5.1.3.Final)

Description:

Weld support for Java SE

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/org.jboss.weld.se/weld-se-core/pom.xml
MD5: f9f4b1aed896bc928ff1db05cf62c0b7
SHA1: fbbc87e6208f01122074fa91ae2c1a6c36d8032d
SHA256:727fd31042494388d4b1a440c857a2cbdc3c1db0563b1195127a662da2437cf4
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld:weld-api:5.0.SP3)

Description:

Weld specifc extensions to the CDI API

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/org.jboss.weld/weld-api/pom.xml
MD5: 7535b464e97b6b5cfa49c62a0424a8ee
SHA1: 2e0e61f4d0a1e3c9deb0d2437e6b854ed478ee3f
SHA256:3692c81ebbb0625fc3c4ced5ab89f465d3b9eded62e6926e31a39daa2074e170
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld:weld-core-impl:5.1.3.Final)

Description:

Weld's implementation of CDI

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/org.jboss.weld/weld-core-impl/pom.xml
MD5: 71f5d2979a229b13b252c1765d858812
SHA1: 91d38bc4fd53050d9c5daa020b71b7d74b242eae
SHA256:f2b8ca9ac760ebcfb805a02c9b114604d81625374ef504537ac4c68e1a19bb08
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld:weld-lite-extension-translator:5.1.3.Final)

File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/org.jboss.weld/weld-lite-extension-translator/pom.xml
MD5: 40c8e6fd886db672ce79ef2e0edac3ac
SHA1: 124c2adba28197b4057b4f0211957325740cc5ee
SHA256:a112c4b454ab558843d2d4fe7421325fd6e6145815aad888f2a2320324a1014d
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar (shaded: org.jboss.weld:weld-spi:5.0.SP3)

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar/META-INF/maven/org.jboss.weld/weld-spi/pom.xml
MD5: afcc4af3e01d60487d884e45d8846cf5
SHA1: 521498d8bad32817a3f07d7f1487fce51a49a5dd
SHA256:3732dcd6d6e0b678ef8963eb40d05178d9d5ba588e3b521e4f13baec8bba030f
Referenced In Project/Scope: iotmonitor:compile

Identifiers

weld-se-shaded-5.1.3.Final.jar

Description:

This jar bundles all the bits of Weld and CDI required for Java SE.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /var/lib/jenkins/.m2/repository/org/jboss/weld/se/weld-se-shaded/5.1.3.Final/weld-se-shaded-5.1.3.Final.jar
MD5: fbc750d853e6abd08c0b6aeeb0c36ee9
SHA1: e60e69f4dc0b23d14c296cd00f86b3c54da59348
SHA256:19eca37be11d630a6d3e1eb7991fa9d9f0abde82b64b4a406e4f4d5a6d6d3009
Referenced In Project/Scope: iotmonitor:compile
weld-se-shaded-5.1.3.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/iotmonitor@1.0-SNAPSHOT

Identifiers

zxcvbn-1.9.0.jar

Description:

This is a java port of zxcvbn, which is a JavaScript password strength generator.

License:

MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /var/lib/jenkins/.m2/repository/com/nulab-inc/zxcvbn/1.9.0/zxcvbn-1.9.0.jar
MD5: c049283df99508f4a3fec73f52ceea7b
SHA1: 47e0b80099d6109ef199072aaab326325aca5e44
SHA256:38efaebab09144eb1f4d4c9ff650e79df875a8d6c4539c105b079a606bb7db34
Referenced In Project/Scope: iotmonitor:compile
zxcvbn-1.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.flasby/FlasbyUtil@1.0.15-SNAPSHOT

Identifiers



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.