Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 6.1.6Report Generated On : Tue, 23 Nov 2021 19:47:25 GMTDependencies Scanned : 102 (89 unique)Vulnerable Dependencies : 7 Vulnerabilities Found : 67Vulnerabilities Suppressed : 0... NVD CVE Checked : 2021-11-23T19:46:50NVD CVE Modified : 2021-11-23T19:00:02VersionCheckOn : 2021-11-23T19:46:50Summary Display:
Showing Vulnerable Dependencies (click to show all) Dependencies commons-codec-1.10.jarDescription:
The Apache Commons Codec package contains simple encoder and decoders for
various formats such as Base64 and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-codec/commons-codec/1.10/commons-codec-1.10.jar
MD5: 353cf6a2bdba09595ccfa073b78c7fcb
SHA1: 4b95f4897fa13f2cd904aee711aeafc0c5295cd8
SHA256: 4241dfa94e711d435f29a4604a3e2de5c4aa3c165e23bd066be6fc1fc4309569
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor Manifest implementation-build trunk@r1637108; 2014-11-06 14:14:12+0000 Low Vendor pom name Apache Commons Codec High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor pom groupid commons-codec Highest Vendor jar package name apache Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-codec/ Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom parent-artifactid commons-parent Low Vendor jar package name encoder Highest Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest bundle-symbolicname org.apache.commons.codec Medium Vendor jar package name codec Highest Vendor file name commons-codec High Vendor pom url http://commons.apache.org/proper/commons-codec/ Highest Vendor jar package name commons Highest Vendor pom artifactid commons-codec Low Product Manifest implementation-build trunk@r1637108; 2014-11-06 14:14:12+0000 Low Product pom parent-artifactid commons-parent Medium Product pom name Apache Commons Codec High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product Manifest specification-title Apache Commons Codec Medium Product pom groupid commons-codec Highest Product jar package name apache Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-codec/ Low Product pom parent-groupid org.apache.commons Medium Product Manifest Implementation-Title Apache Commons Codec High Product jar package name encoder Highest Product pom artifactid commons-codec Highest Product Manifest bundle-symbolicname org.apache.commons.codec Medium Product jar package name codec Highest Product file name commons-codec High Product Manifest Bundle-Name Apache Commons Codec Medium Product jar package name commons Highest Product pom url http://commons.apache.org/proper/commons-codec/ Medium Version file version 1.10 High Version pom version 1.10 Highest Version Manifest Implementation-Version 1.10 High Version pom parent-version 1.10 Low
commons-collections-3.2.2.jarDescription:
Types that extend and augment the Java Collections Framework. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256: eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest bundle-symbolicname org.apache.commons.collections Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.3))" Low Vendor Manifest bundle-docurl http://commons.apache.org/collections/ Low Vendor pom url http://commons.apache.org/collections/ Highest Vendor jar package name apache Highest Vendor pom parent-groupid org.apache.commons Medium Vendor pom artifactid commons-collections Low Vendor file name commons-collections High Vendor pom parent-artifactid commons-parent Low Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest implementation-url http://commons.apache.org/collections/ Low Vendor pom groupid commons-collections Highest Vendor pom name Apache Commons Collections High Vendor jar package name commons Highest Vendor jar package name collections Highest Vendor Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Product pom parent-artifactid commons-parent Medium Product Manifest bundle-symbolicname org.apache.commons.collections Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.3))" Low Product Manifest Implementation-Title Apache Commons Collections High Product pom artifactid commons-collections Highest Product Manifest bundle-docurl http://commons.apache.org/collections/ Low Product jar package name apache Highest Product pom parent-groupid org.apache.commons Medium Product file name commons-collections High Product Manifest specification-title Apache Commons Collections Medium Product Manifest implementation-url http://commons.apache.org/collections/ Low Product Manifest Bundle-Name Apache Commons Collections Medium Product pom groupid commons-collections Highest Product pom name Apache Commons Collections High Product jar package name commons Highest Product pom url http://commons.apache.org/collections/ Medium Product jar package name collections Highest Product Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Version Manifest Bundle-Version 3.2.2 High Version Manifest Implementation-Version 3.2.2 High Version pom version 3.2.2 Highest Version file version 3.2.2 High Version pom parent-version 3.2.2 Low
commons-io-2.5.jarDescription:
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-io/commons-io/2.5/commons-io-2.5.jar
MD5: e2d74794fba570ec2115fb9d5b05dc9b
SHA1: 2852e6e05fbb95076fc091f6d1780f1f8fe35e0f
SHA256: a10418348d234968600ccb1d988efcbbd08716e1d96936ccc1880e7d22513474
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor pom groupid commons-io Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-io/ Low Vendor jar package name apache Highest Vendor pom parent-groupid org.apache.commons Medium Vendor file name commons-io High Vendor pom artifactid commons-io Low Vendor pom parent-artifactid commons-parent Low Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name io Highest Vendor pom name Apache Commons IO High Vendor Manifest bundle-symbolicname org.apache.commons.io Medium Vendor jar package name commons Highest Vendor Manifest implementation-url http://commons.apache.org/proper/commons-io/ Low Vendor Manifest implementation-build tags/commons-io-2.5@r1739098; 2016-04-14 09:19:54-0400 Low Vendor pom url http://commons.apache.org/proper/commons-io/ Highest Product pom parent-artifactid commons-parent Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product Manifest Bundle-Name Apache Commons IO Medium Product pom groupid commons-io Highest Product Manifest Implementation-Title Apache Commons IO High Product pom url http://commons.apache.org/proper/commons-io/ Medium Product Manifest bundle-docurl http://commons.apache.org/proper/commons-io/ Low Product jar package name apache Highest Product pom parent-groupid org.apache.commons Medium Product file name commons-io High Product pom artifactid commons-io Highest Product jar package name io Highest Product pom name Apache Commons IO High Product Manifest bundle-symbolicname org.apache.commons.io Medium Product jar package name commons Highest Product Manifest specification-title Apache Commons IO Medium Product Manifest implementation-url http://commons.apache.org/proper/commons-io/ Low Product Manifest implementation-build tags/commons-io-2.5@r1739098; 2016-04-14 09:19:54-0400 Low Version pom version 2.5 Highest Version file version 2.5 High Version pom parent-version 2.5 Low Version Manifest Implementation-Version 2.5 High
Published Vulnerabilities CVE-2021-29425 suppress
In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
commons-lang3-3.6.jarDescription:
Apache Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/commons/commons-lang3/3.6/commons-lang3-3.6.jar
MD5: 5d18f68b5122fd398c118df53ab4cf55
SHA1: 9d28a6b23650e8a7e9063c04588ace6cf7012c17
SHA256: 89c27f03fff18d0b06e7afd7ef25e209766df95b6c1269d6c3ebbdea48d5f284
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor pom url http://commons.apache.org/proper/commons-lang/ Highest Vendor Manifest Implementation-Vendor-Id org.apache.commons Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-lang/ Low Vendor pom artifactid commons-lang3 Low Vendor Manifest automatic-module-name org.apache.commons.lang3 Medium Vendor jar package name apache Highest Vendor pom parent-groupid org.apache.commons Medium Vendor pom groupid apache.commons Highest Vendor pom parent-artifactid commons-parent Low Vendor Manifest bundle-symbolicname org.apache.commons.lang3 Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid org.apache.commons Highest Vendor file name commons-lang3 High Vendor Manifest implementation-url http://commons.apache.org/proper/commons-lang/ Low Vendor jar package name lang3 Highest Vendor jar package name commons Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor pom name Apache Commons Lang High Product pom parent-artifactid commons-parent Medium Product Manifest Implementation-Title Apache Commons Lang High Product Manifest bundle-docurl http://commons.apache.org/proper/commons-lang/ Low Product Manifest automatic-module-name org.apache.commons.lang3 Medium Product jar package name apache Highest Product pom parent-groupid org.apache.commons Medium Product pom groupid apache.commons Highest Product pom url http://commons.apache.org/proper/commons-lang/ Medium Product Manifest bundle-symbolicname org.apache.commons.lang3 Medium Product file name commons-lang3 High Product Manifest specification-title Apache Commons Lang Medium Product Manifest implementation-url http://commons.apache.org/proper/commons-lang/ Low Product jar package name lang3 Highest Product jar package name commons Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product pom artifactid commons-lang3 Highest Product Manifest Bundle-Name Apache Commons Lang Medium Product pom name Apache Commons Lang High Version Manifest Implementation-Version 3.6 High Version file version 3.6 High Version pom version 3.6 Highest Version pom parent-version 3.6 Low
core.wcm.components.core-2.17.12.jarDescription:
A set of standardized components for AEM 6.3+ that can be used to speed up development of websites. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/adobe/cq/core.wcm.components.core/2.17.12/core.wcm.components.core-2.17.12.jar
MD5: de9bc1c8c33d6a512b6a1eac6d8fc06b
SHA1: bf72fe73d77d56fd25406704a578ff7ca4f6d93b
SHA256: 9c88b7d6deff21a177344f697b1644f8e2306e1c43948aae11a052138906ba64
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor pom groupid com.adobe.cq Highest Vendor jar package name adobe Highest Vendor Manifest bundle-symbolicname com.adobe.cq.core.wcm.components.core Medium Vendor jar package name core Highest Vendor jar package name cq Highest Vendor jar package name wcm Highest Vendor pom parent-groupid com.adobe.cq Medium Vendor pom artifactid core.wcm.components.core Low Vendor Manifest provide-capability osgi.service;objectClass:List="com.adobe.aem.wcm.seo.localization.SiteRootSelectionStrategy",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.internal.services.embed.OEmbedClientImplConfigurationFactory",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMappingConfigurationFactory",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMetrics",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.services.embed.OEmbedClient",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.services.embed.UrlProcessor",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.services.form.FormHandler",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.services.link.PathProcessor",osgi.service;objectClass:List="com.day.cq.wcm.api.reference.ReferenceProvider",osgi.service;objectClass:List="com.day.cq.wcm.foundation.forms.FormStructureHelper",osgi.service;objectClass:List="javax.servlet.Filter,javax.servlet.Servlet",osgi.service;objectClass:List="javax.servlet.Servlet",osgi.service;objectClass:List="org.apache.sling.models.jacksonexporter.ModuleProvider",osgi.service;objectClass:List="org.apache.sling.models.spi.ImplementationPicker",osgi.service;objectClass:List="org.apache.sling.servlets.post.SlingPostProcessor" Low Vendor pom parent-artifactid core.wcm.components.parent Low Vendor Manifest require-capability osgi.service;filter:="(objectClass=com.adobe.aem.wcm.seo.localization.SiteRootSelectionStrategy)";effective:=active;resolution:=optional,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.internal.services.embed.OEmbedClientImplConfigurationFactory)";effective:=active;resolution:=optional;cardinality:=multiple,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMappingConfigurationFactory)";effective:=active;resolution:=optional;cardinality:=multiple,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMetrics)";effective:=active,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.services.embed.OEmbedClient)";effective:=active,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.services.embed.UrlProcessor)";effective:=active;resolution:=optional;cardinality:=multiple,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.services.form.FormHandler)";effective:=active,osgi.service;filter:="(objectClass=com.adobe.granite.ui.clientlibs.HtmlLibraryManager)";effective:=active,osgi.service;filter:="(objectClass=com.adobe.granite.ui.components.ExpressionResolver)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.commons.Externalizer)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.handler.store.AssetStore)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.s7dam.utils.PublishUtils)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.search.QueryBuilder)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.wcm.api.LanguageManager)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.wcm.foundation.forms.FormStructureHelperFactory)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.wcm.foundation.security.SaferSlingPostValidator)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.wcm.msm.api.LiveRelationshipManager)";effective:=active,osgi.service;filter:="(objectClass=org.apache.http.osgi.services.HttpClientBuilderFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.ConfigurationManager)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.resource.ConfigurationResourceResolver)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.commons.metrics.MetricsService)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.commons.mime.MimeTypeService)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.models.factory.ModelFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.scripting.api.resource.ScriptingResourceResolverProvider)";effective:=active,osgi.service;filter:="(objectClass=org.osgi.service.cm.ConfigurationAdmin)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom name Adobe Experience Manager Core WCM Components Core Bundle High Vendor Manifest service-component OSGI-INF/com.adobe.cq.wcm.core.components.internal.form.FormHandlerImpl.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.form.FormStructureHelperImpl.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.jackson.DefaultMethodSkippingModuleProvider.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.jackson.PageModuleProvider.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.link.DefaultPathProcessor.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.CaConfigReferenceProvider.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.LatestVersionImplementationPicker.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.embed.OEmbedClientImpl.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.embed.OEmbedClientImplConfigurationFactory.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.embed.OEmbedUrlProcessor.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.embed.PinterestUrlProcessor.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.seo.LanguageNavigationSiteRootSelectionStrategy.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMappingConfigurationConsumer.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMappingConfigurationFactory.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMetrics.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.AllowedColorSwatchesDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.AllowedHeadingElementsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.ClientLibraryCategoriesDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.ContainerServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.CoreFormHandlingServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.DMAssetPostProcessor.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.DownloadServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.FormActionRpcServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.FormActionTypeDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.FormActionTypeSettingsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.ImageDelegateRenderCondition.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.SearchResultServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.WorkflowModelDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.contentfragment.ElementNamesRenderCondition.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.contentfragment.ElementsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.contentfragment.ModelDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.contentfragment.ModelElementsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.contentfragment.VariationsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.embed.AllowedEmbeddablesDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.embed.EmbedDesignTabsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.embed.EmbedUrlProcessorServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.embed.EmbeddableOptionsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.embed.EmbeddablesDataSourceServlet.xml Low Vendor pom groupid adobe.cq Highest Vendor file name core.wcm.components.core High Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom parent-artifactid core.wcm.components.parent Medium Product pom artifactid core.wcm.components.core Highest Product Manifest Bundle-Name Adobe Experience Manager Core WCM Components Core Bundle Medium Product jar package name adobe Highest Product Manifest bundle-symbolicname com.adobe.cq.core.wcm.components.core Medium Product jar package name core Highest Product jar package name cq Highest Product jar package name wcm Highest Product pom parent-groupid com.adobe.cq Medium Product Manifest provide-capability osgi.service;objectClass:List="com.adobe.aem.wcm.seo.localization.SiteRootSelectionStrategy",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.internal.services.embed.OEmbedClientImplConfigurationFactory",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMappingConfigurationFactory",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMetrics",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.services.embed.OEmbedClient",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.services.embed.UrlProcessor",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.services.form.FormHandler",osgi.service;objectClass:List="com.adobe.cq.wcm.core.components.services.link.PathProcessor",osgi.service;objectClass:List="com.day.cq.wcm.api.reference.ReferenceProvider",osgi.service;objectClass:List="com.day.cq.wcm.foundation.forms.FormStructureHelper",osgi.service;objectClass:List="javax.servlet.Filter,javax.servlet.Servlet",osgi.service;objectClass:List="javax.servlet.Servlet",osgi.service;objectClass:List="org.apache.sling.models.jacksonexporter.ModuleProvider",osgi.service;objectClass:List="org.apache.sling.models.spi.ImplementationPicker",osgi.service;objectClass:List="org.apache.sling.servlets.post.SlingPostProcessor" Low Product Manifest require-capability osgi.service;filter:="(objectClass=com.adobe.aem.wcm.seo.localization.SiteRootSelectionStrategy)";effective:=active;resolution:=optional,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.internal.services.embed.OEmbedClientImplConfigurationFactory)";effective:=active;resolution:=optional;cardinality:=multiple,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMappingConfigurationFactory)";effective:=active;resolution:=optional;cardinality:=multiple,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMetrics)";effective:=active,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.services.embed.OEmbedClient)";effective:=active,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.services.embed.UrlProcessor)";effective:=active;resolution:=optional;cardinality:=multiple,osgi.service;filter:="(objectClass=com.adobe.cq.wcm.core.components.services.form.FormHandler)";effective:=active,osgi.service;filter:="(objectClass=com.adobe.granite.ui.clientlibs.HtmlLibraryManager)";effective:=active,osgi.service;filter:="(objectClass=com.adobe.granite.ui.components.ExpressionResolver)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.commons.Externalizer)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.handler.store.AssetStore)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.s7dam.utils.PublishUtils)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.search.QueryBuilder)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.wcm.api.LanguageManager)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.wcm.foundation.forms.FormStructureHelperFactory)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.wcm.foundation.security.SaferSlingPostValidator)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.wcm.msm.api.LiveRelationshipManager)";effective:=active,osgi.service;filter:="(objectClass=org.apache.http.osgi.services.HttpClientBuilderFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.ConfigurationManager)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.resource.ConfigurationResourceResolver)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.commons.metrics.MetricsService)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.commons.mime.MimeTypeService)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.models.factory.ModelFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.scripting.api.resource.ScriptingResourceResolverProvider)";effective:=active,osgi.service;filter:="(objectClass=org.osgi.service.cm.ConfigurationAdmin)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom name Adobe Experience Manager Core WCM Components Core Bundle High Product Manifest service-component OSGI-INF/com.adobe.cq.wcm.core.components.internal.form.FormHandlerImpl.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.form.FormStructureHelperImpl.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.jackson.DefaultMethodSkippingModuleProvider.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.jackson.PageModuleProvider.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.link.DefaultPathProcessor.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.CaConfigReferenceProvider.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.LatestVersionImplementationPicker.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.embed.OEmbedClientImpl.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.embed.OEmbedClientImplConfigurationFactory.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.embed.OEmbedUrlProcessor.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.embed.PinterestUrlProcessor.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.services.seo.LanguageNavigationSiteRootSelectionStrategy.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMappingConfigurationConsumer.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMappingConfigurationFactory.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.AdaptiveImageServletMetrics.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.AllowedColorSwatchesDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.AllowedHeadingElementsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.ClientLibraryCategoriesDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.ContainerServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.CoreFormHandlingServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.DMAssetPostProcessor.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.DownloadServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.FormActionRpcServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.FormActionTypeDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.FormActionTypeSettingsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.ImageDelegateRenderCondition.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.SearchResultServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.WorkflowModelDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.contentfragment.ElementNamesRenderCondition.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.contentfragment.ElementsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.contentfragment.ModelDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.contentfragment.ModelElementsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.contentfragment.VariationsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.embed.AllowedEmbeddablesDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.embed.EmbedDesignTabsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.embed.EmbedUrlProcessorServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.embed.EmbeddableOptionsDataSourceServlet.xml,OSGI-INF/com.adobe.cq.wcm.core.components.internal.servlets.embed.EmbeddablesDataSourceServlet.xml Low Product pom groupid adobe.cq Highest Product file name core.wcm.components.core High Version pom version 2.17.12 Highest Version Manifest Bundle-Version 2.17.12 High Version file version 2.17.12 High
Published Vulnerabilities CVE-2021-21043 suppress
ACS Commons version 4.9.2 (and earlier) suffers from a Reflected Cross-site Scripting (XSS) vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject malicious JavaScript content into vulnerable form fields and execute it within the context of the victim's browser. Exploitation of this issue requires user interaction in order to be successful. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N References:
Vulnerable Software & Versions:
guava-15.0.jarDescription:
Guava is a suite of core and expanded libraries that include
utility classes, google's collections, io classes, and much
much more.
Guava has two code dependencies - javax.annotation
per the JSR-305 spec and javax.inject per the JSR-330 spec.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/guava/guava/15.0/guava-15.0.jar
MD5: 2c10bb2ca3ac8b55b0e77e54a7eb3744
SHA1: ed727a8d9f247e2050281cb083f1c77b09dcb5cd
SHA256: 7a34575770eebc60a5476616e3676a6cb6f2975c78c415e2a6014ac724ba5783
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor pom artifactid guava Low Vendor file name guava High Vendor pom groupid google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom parent-groupid com.google.guava Medium Vendor jar package name google Highest Vendor pom parent-artifactid guava-parent Low Vendor pom groupid com.google.guava Highest Product file name guava High Product pom groupid google.guava Highest Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product pom name Guava: Google Core Libraries for Java High Product Manifest bundle-symbolicname com.google.guava Medium Product pom parent-groupid com.google.guava Medium Product pom parent-artifactid guava-parent Medium Product jar package name google Highest Product pom artifactid guava Highest Version pom version 15.0 Highest Version file version 15.0 High
Published Vulnerabilities CVE-2018-10237 suppress
Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable. CWE-770 Allocation of Resources Without Limits or Throttling
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H References:
CONFIRM - https://groups.google.com/d/topic/guava-announce/xqWALw4W1vs/discussion MISC - https://www.oracle.com/security-alerts/cpujan2021.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2021.html MLIST - [activemq-gitbox] 20190530 [GitHub] [activemq-artemis] brusdev opened a new pull request #2687: ARTEMIS-2359 Upgrade to Guava 24.1 MLIST - [activemq-issues] 20190516 [jira] [Created] (AMQ-7208) Security Issue related to Guava 18.0 MLIST - [activemq-issues] 20190820 [jira] [Created] (AMQ-7279) Security Vulnerabilities in Libraries - jackson-databind-2.9.8.jar, tomcat-servlet-api-8.0.53.jar, tomcat-websocket-api-8.0.53.jar, zookeeper-3.4.6.jar, guava-18.0.jar, jetty-all-9.2.26.v20180806.jar, scala-library-2.11.0.jar MLIST - [arrow-github] 20210610 [GitHub] [arrow] projjal opened a new pull request #10501: ARROW-13032: Update guava version MLIST - [cassandra-commits] 20190612 [jira] [Assigned] (CASSANDRA-14760) CVE-2018-10237 Security vulnerability in 3.11.3 MLIST - [cxf-dev] 20200206 [GitHub] [cxf] davidkarlsen opened a new pull request #638: upgrade guava, CVE-2018-10237 MLIST - [cxf-dev] 20200206 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237 MLIST - [cxf-dev] 20200211 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237 MLIST - [cxf-dev] 20200420 [GitHub] [cxf] andrei-ivanov commented on a change in pull request #638: upgrade guava, CVE-2018-10237 MLIST - [cxf-dev] 20200420 [GitHub] [cxf] coheigea commented on a change in pull request #638: upgrade guava, CVE-2018-10237 MLIST - [cxf-dev] 20200420 [GitHub] [cxf] reta commented on a change in pull request #638: upgrade guava, CVE-2018-10237 MLIST - [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities MLIST - [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [flink-dev] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version MLIST - [flink-dev] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency MLIST - [flink-issues] 20200806 [jira] [Created] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency MLIST - [flink-issues] 20200814 [jira] [Commented] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency MLIST - [flink-issues] 20210212 [jira] [Closed] (FLINK-18841) CVE-2018-10237 and CWE-400 occurred in flink dependency MLIST - [flink-user] 20200806 Dependency vulnerabilities with Apache Flink 1.10.1 version MLIST - [hadoop-common-dev] 20190401 Update guava to 27.0-jre in hadoop-project MLIST - [hadoop-common-dev] 20200623 Update guava to 27.0-jre in hadoop branch-2.10 MLIST - [hadoop-hdfs-dev] 20190401 Update guava to 27.0-jre in hadoop-project MLIST - [kafka-users] 20200413 CVEs for the dependency software guava and rocksdbjni of Kafka MLIST - [lucene-issues] 20201022 [jira] [Created] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava MLIST - [lucene-issues] 20201022 [jira] [Resolved] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava MLIST - [lucene-issues] 20201022 [jira] [Updated] (SOLR-14960) Solr-clustering is bringing in CVE-2018-10237 vulnerable guava MLIST - [maven-issues] 20210122 [GitHub] [maven-indexer] akurtakov opened a new pull request #75: Remove guava dependency from indexer-core MLIST - [pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1 MLIST - [pulsar-commits] 20210406 [GitHub] [pulsar] lhotari opened a new pull request #10149: Upgrade jclouds to 2.3.0 to fix security vulnerabilities MLIST - [samza-commits] 20210310 [GitHub] [samza] Telesia opened a new pull request #1471: SAMZA-2630: Upgrade dependencies for security fixes MLIST - [storm-issues] 20210315 [jira] [Created] (STORM-3754) Upgrade Guava version because of security vulnerability MLIST - [syncope-dev] 20200423 Re: Time to cut 2.1.6 / 2.0.15? N/A - N/A OSSINDEX - [CVE-2018-10237] Deserialization of Untrusted Data REDHAT - RHSA-2018:2423 REDHAT - RHSA-2018:2424 REDHAT - RHSA-2018:2425 REDHAT - RHSA-2018:2428 REDHAT - RHSA-2018:2598 REDHAT - RHSA-2018:2643 REDHAT - RHSA-2018:2740 REDHAT - RHSA-2018:2741 REDHAT - RHSA-2018:2742 REDHAT - RHSA-2018:2743 REDHAT - RHSA-2018:2927 REDHAT - RHSA-2019:2858 REDHAT - RHSA-2019:3149 SECTRACK - 1041707 Vulnerable Software & Versions: (show all )
CVE-2020-8908 suppress
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured. CWE-732 Incorrect Permission Assignment for Critical Resource
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions: (show all )
image.jsFile Path: /home/runner/work/wcm-io-wcm-core-components/wcm-io-wcm-core-components/bundles/core/src/main/webapp/app-root/components/image/v2/image/clientlibs/editor/js/image.jsMD5: 685273406512e4ae15dcff5fea8104d0SHA1: a20f85801a9e30712af8bca2d3f3335a42fb463fSHA256: 28345e7fa30cab12e6e74a94c39cb19eaf5c39ac326409c187acde8d8c26cd7dReferenced In Project/Scope: WCM Core Components
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jarDescription:
Context-Aware Configuration Editor Template for AEM. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar
MD5: ae09011d8c43f2f46ecd390a03c369aa
SHA1: 145b0902955cd0ba8d0ea810527e24c99e1d99c7
SHA256: 53d8d51d39d2b790f2aaa64a9bbc86df5374af041d3777dfc662e4707b82de73
Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence Vendor jar package name caconfig Highest Vendor pom artifactid io.wcm.caconfig.editor Low Vendor jar package name editor Highest Vendor Manifest provide-capability osgi.service;objectClass:List="io.wcm.caconfig.editor.impl.ConfigurationEditorFilterService";uses:="io.wcm.caconfig.editor.impl",osgi.service;objectClass:List="io.wcm.caconfig.editor.impl.EditorConfig";uses:="io.wcm.caconfig.editor.impl",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Vendor pom url ${site.url}/caconfig/editor/ Highest Vendor jar package name wcm Highest Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/caconfig/editor Low Vendor pom groupid io.wcm Highest Vendor pom parent-artifactid io.wcm.caconfig.parent Low Vendor Manifest bundle-docurl https://wcm.io/caconfig/editor/ Low Vendor file name io.wcm.caconfig.editor High Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.caconfig.editor.impl.ConfigurationEditorFilterService)";effective:=active;resolution:=optional,osgi.service;filter:="(objectClass=io.wcm.caconfig.editor.impl.EditorConfig)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.ConfigurationManager)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.multiplexer.ConfigurationPersistenceStrategyMultiplexer)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.resource.ConfigurationResourceResolver)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom name Context-Aware Configuration Editor High Vendor Manifest bundle-symbolicname io.wcm.caconfig.editor Medium Vendor Manifest service-component OSGI-INF/io.wcm.caconfig.editor.impl.ConfigDataServlet.xml,OSGI-INF/io.wcm.caconfig.editor.impl.ConfigNamesServlet.xml,OSGI-INF/io.wcm.caconfig.editor.impl.ConfigPersistServlet.xml,OSGI-INF/io.wcm.caconfig.editor.impl.ConfigurationEditorFilterService.xml,OSGI-INF/io.wcm.caconfig.editor.impl.EditorConfig.xml Low Product jar package name caconfig Highest Product pom parent-artifactid io.wcm.caconfig.parent Medium Product jar package name editor Highest Product pom artifactid io.wcm.caconfig.editor Highest Product Manifest provide-capability osgi.service;objectClass:List="io.wcm.caconfig.editor.impl.ConfigurationEditorFilterService";uses:="io.wcm.caconfig.editor.impl",osgi.service;objectClass:List="io.wcm.caconfig.editor.impl.EditorConfig";uses:="io.wcm.caconfig.editor.impl",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Product jar package name wcm Highest Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/caconfig/editor Low Product pom groupid io.wcm Highest Product Manifest Bundle-Name wcm.io Context-Aware Configuration Editor Medium Product Manifest bundle-docurl https://wcm.io/caconfig/editor/ Low Product file name io.wcm.caconfig.editor High Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.caconfig.editor.impl.ConfigurationEditorFilterService)";effective:=active;resolution:=optional,osgi.service;filter:="(objectClass=io.wcm.caconfig.editor.impl.EditorConfig)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.ConfigurationManager)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.multiplexer.ConfigurationPersistenceStrategyMultiplexer)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.resource.ConfigurationResourceResolver)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom name Context-Aware Configuration Editor High Product pom url ${site.url}/caconfig/editor/ Medium Product Manifest bundle-symbolicname io.wcm.caconfig.editor Medium Product Manifest service-component OSGI-INF/io.wcm.caconfig.editor.impl.ConfigDataServlet.xml,OSGI-INF/io.wcm.caconfig.editor.impl.ConfigNamesServlet.xml,OSGI-INF/io.wcm.caconfig.editor.impl.ConfigPersistServlet.xml,OSGI-INF/io.wcm.caconfig.editor.impl.ConfigurationEditorFilterService.xml,OSGI-INF/io.wcm.caconfig.editor.impl.EditorConfig.xml Low Version Manifest Bundle-Version 1.8.6 High Version pom version 1.8.6 Highest Version file version 1.8.6 High Version pom parent-version 1.8.6 Low
io.wcm.caconfig.editor-1.8.6.jar: add-collection-item.controller.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/modals/add-collection-item.controller.jsMD5: 4db9edbec7c16f5d9be03342212e5f0bSHA1: a64aaff5fa45b5aa0374f4ab96c37d19a19dc698SHA256: 61b71fc2b7072578118c42e935f8264396c86f3470c8b95d295f3d1fd5a0be95Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: add-config.controller.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/modals/add-config.controller.jsMD5: 7765b5e81c3532b3ae25050579324667SHA1: 94a60cb40eca160f525e30c2bfee8929eda63bb7SHA256: c5fb1aaf0b35b19d3bd72c8f25a7e45983024f14d4a23fcde9875271245f8322Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: angular-route.min.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor.angularjs/js/angular-route.min.jsMD5: 8310df74d8455b6adf0f2f2585a99ccbSHA1: 176ca624e8d59ffb46b2691cab020c8134c50e4aSHA256: ee8c45446af4470831a701cf9a3e800be16ce80dc317dfdabb30a0de8d7e94f9Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: angular.min.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor.angularjs/js/angular.min.jsMD5: f6be7dc0dca4488dcf62c978ca101fd8SHA1: 8e557d253c8d3d4a9b5d9e691a73b95a0206f43aSHA256: 7b529d2fb970c54dff4ebd5e71a41e7a8cdbc8410876be674bdf21079134132bReferenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: app.module.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/app.module.jsMD5: e0e27e0d461f47724ebc493d943579e1SHA1: 6cf114b35e1c512d524bc4f107b34fa1233406b5SHA256: 46f6d84b4652c59d0d328987de6cc4b64f8e1216968c4e62d338214f7e5309c2Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: bindonce.min.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor.angularjs/js/bindonce.min.jsMD5: 2b592ca21f055145c3ce7729771ab35bSHA1: 8471ba6859a2753a1be9d7f17c41068509d781e2SHA256: 2f90ba6c6abda41fd1ceb7f23781109b439d67edda37e8893a632f4a35054afbReferenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: config-cache.service.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/editor/config-cache.service.jsMD5: a50cce76430c266461658e824426d180SHA1: 8c250379c38947b6886517c9df853bb1e04c81baSHA256: 0a2924043fb2e77912025f0543901bd903ea1bbf9d3e34b79c1319a00e0caa9dReferenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: config-table.directive.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/config-table.directive.jsMD5: 7f635e4741f90e564bd1883b09836f3bSHA1: c3c0bca5f07ba44a7572ab1a0a69f7f953c66b3aSHA256: c20ce6f15f2ce78d98aa1576a744741c406fe03fb3720ba817408ae9a75fb9f5Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: config.service.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/editor/config.service.jsMD5: 3161c1a0ba0ccf7199a326437e5fb00dSHA1: 9f639aac223bce002a0ef55c0543bca308bf63ecSHA256: 2cf8794f27f331024f8f78e50cb86668c88de8ae3d29e2393e86fae3f6ed5d60Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: current-config.service.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/editor/current-config.service.jsMD5: a4dc0579f54d43cdf4044f0f665c3556SHA1: 9cf76ad26f772b596fde9b5d999efab3ec2b21cfSHA256: a6b94854a3881902aaa997a63c8c31a9d07825f5536f8e604162a9e2fbe8f5b7Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: data-helper.service.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/editor/data-helper.service.jsMD5: 9afe58cf8599ef45bc9c3b1b71a3c861SHA1: 70e15807207bf051fa0ea4ec7f34fe2b5c3cc3ccSHA256: 10fe479aaae23ba472628c86bddeca3311f09e07304b0901ca483440bea4954aReferenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: data.service.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/editor/data.service.jsMD5: 14a8f06a7dbb11e0076b43cf34a67e54SHA1: 64a827f0a91508f737eae86c5c0261877712a256SHA256: 19a3c08b43cd55cd28e906ad2cfdbc290754e4ae6e378ecd591a94b5238ef90cReferenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: delete-config.controller.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/modals/delete-config.controller.jsMD5: 56f1e314c3c2269761cca619f9494ba4SHA1: e5563df4e84bd5fc0770da1236adb6968e87af03SHA256: 2fa9e7a5b0eaee68b02cd2471d68e92ec5af5391adadb9a03f6684207431e6c9Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: description-popup.directive.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/description-popup.directive.jsMD5: abe86d1159d9d1e99bb973c35cd87900SHA1: b7b43dd6bacd6dbfeef67dde70ee1d236b96feceSHA256: 55591827ce0326d476ae41aafd3a711cb0b20f1aa7f1a3faca52ae5e6c041993Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: detail.controller.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/editor/detail.controller.jsMD5: 9406a0d7c35361f037f72b5c4884b4a0SHA1: 60217aa2b7fd08c64834aa9196020750542d4a45SHA256: e63fa9a0c33cf974d0a87d4f89693a3650f6c49300a4b589aa18545621e3f2a4Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: editor.module.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/editor/editor.module.jsMD5: 1afe7cbd62ce171c8f514463e5e513ebSHA1: 8619b73191de25242c0d776ceef47126e3ed1ea5SHA256: 05ddfe8df1e4a97159293461fc859a3f3c642248aaf5db1aab538b1f8c1f36e7Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: editor.routes.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/editor/editor.routes.jsMD5: b5567b4ed0978b9604a5ba730dc9280aSHA1: 8b0e3ab28ae211d95af3610091751fef97d91b4cSHA256: b05747ab45880af89349ec568e62103870ca8c2cc0f1b7012f7aa6bdc34265e3Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: error.controller.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/modals/error.controller.jsMD5: 77160daf2028f0a0b0ec24887d8b0643SHA1: 247d67cc74cac53848b085bd38fcedcf57d5afa5SHA256: 105a02d1fefc617dab67a7d36e149f5a953e12ed0e3d0ea73c3baad0c1068a86Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: info.controller.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/modals/info.controller.jsMD5: 47fb14341fe2df3f3be95f5629a973abSHA1: 8bb8d6ba454e458ac9c6f8572ba22f1eb3f022b1SHA256: 83b2ef90615be12e02b6c04414d40b35dd091215b319f94660d12df8d3241d64Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: modal.service.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/modals/modal.service.jsMD5: ff8b9ecf133338f27b02beb32494a03aSHA1: bef5966724d5afaf72d3a8cc7820cbeb6a757ac3SHA256: 695928ba56886a18eecb6dc35bd86de765fa25b5e62316d5163d016355006783Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: modals.module.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/modals/modals.module.jsMD5: 6ec21e404c0adb718b8a2e8ba3690748SHA1: 7312c00e85a1daafa3d86db7c7d089feecd4c784SHA256: e97a95067bb83075790c5c8ed7ffe47ba81bcbde6477e5ba198792cfd15d8d37Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: multifield.directive.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/multifield.directive.jsMD5: 1a2d32f9fb9f81c69ece3b126c8cb63fSHA1: 29625414a710160bc4db8009663ff0829c411288SHA256: fe06bfd7ef25a0c8c8771a99d652663ce9bd77ac119c91467e44842e809c68dcReferenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: overview.controller.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/editor/overview.controller.jsMD5: f9f4a7752a086be8437aa8d70cbe2f1eSHA1: 5d3c7d28b67734120fd95871e344c48badc30705SHA256: 9e580622d8d9cb33cdb5dffaf78aaf571266a2b3669c64a47d92644e5929854fReferenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: pathbrowser.directive.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/pathbrowser.directive.jsMD5: 2f5474c091ee4bc676e258d95e640903SHA1: 3259144427a9ace04f487bbf63ae8afac29f0bbfSHA256: 70fe3aac5de45bf8e0b6fd6cc0b50cbb5067c113c47ffadff99e4e435b4f9baaReferenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: property-dropdown.directive.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/property-dropdown.directive.jsMD5: 60278dcaf3d2d522abb2fb274eeae0ecSHA1: 96f36dbc9a4a09aa2193c694eb05ca57294a149aSHA256: 4d5f70cd90848fe9e151b5e94c8b8f947be16e29ff1b78c06a92591101e80260Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: property-edit-link.directive.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/property-edit-link.directive.jsMD5: 2d86e929b380f9d0ce28893424bae76aSHA1: e19a7f2aba2334ad1166a61408aa7c7794955709SHA256: ebd2efef0c518c609b2f044bc2429c07392ee0ea224a6ce8ad00ca3f0d0f93f2Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: property-input-checkbox.directive.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/property-input-checkbox.directive.jsMD5: ee24ed0b2da3091d1d19c47119becd5eSHA1: 43553259eca8ca36f558c48c57321e4e94415069SHA256: 59747146050d71e5a0093e3a6f4c2999065b4dc0f30169063dc76370350428c6Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: property-input-text.directive.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/property-input-text.directive.jsMD5: 77aa3d9e5e3bc0fe12ba5733e7bd41e7SHA1: 774de8059700971bbc36f1f93d67625dfaf2a051SHA256: b35c1a3ad20c06b75651fed91c54601d0d00bdb9b75bcfce31acfd60121f6685Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: property-input-textarea.directive.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/property-input-textarea.directive.jsMD5: aa0ee96aa21f20e9c6dc1bf66d932e79SHA1: d6de051754a24bc7cb0ed3c7ef81319b4f85ca33SHA256: d391920715604d5895d78fc3a19a6cd61209694b864cb8c51e5215899657c9b7Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: property-row-preview.directive.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/property-row-preview.directive.jsMD5: f76441a180754b61fd7c12a3eba0b96bSHA1: 6b6c209e51e3013c1dc501f42988a2a3d51bb4aaSHA256: cb4c0e5fc08af3e773be9c67066dd1087ee0ec2e1118a525145cc95548ec3543Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: property-row.directive.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/property-row.directive.jsMD5: 88143e9829a374616d1c25e1dbf098f1SHA1: db6a47aadca2d0f2d6fa9f108eda3d6d0b9b9e64SHA256: 7c3a3229411b34cbca7d1eb2e4198d4723d2d9d2b72e0ce0c83974a938849302Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: publish.service.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/editor/publish.service.jsMD5: 628e06fae98608129772d806cfdd077aSHA1: aa7e8bea77684f6bb7c611fdfc93214cea26a114SHA256: b50dc43baca8c7ea6729242018a767f0703a1bdd8d20eabce1d0ba2bc8fd6f83Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: save-config.controller.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/modals/save-config.controller.jsMD5: d941f4e5081a6e049c40c1795fc41b22SHA1: e14bbc8644e06558a025e28db6651bdd9033a04aSHA256: fc62fbefaa5553d002242218b99467dcb0e847bede81a3aca0f7ba868fd1bac4Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: templates.module.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/templates.module.jsMD5: fbebb23683a3d6ce1e9141935daf5285SHA1: ead39a4057a8ef79898c4b470a536845a187f75bSHA256: e1ab55162a4d1b4bd481186a8570b6d6371d4dd5f6ee605e7cfa003f841160c7Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: ui.service.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/ui.service.jsMD5: 893eb285d518797d5928fc86a876d345SHA1: fdab2e638b75c4b4d5da92a132ce18ae9ba39509SHA256: 87f4dcf1e66ee94cd53504d72af7786e855d5aa91cebf3b77fd251a933990b3dReferenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: utilities.module.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/utilities.module.jsMD5: fbaebe33ecf34d2afffbab54f21a1d28SHA1: 65276876d986476c472b5f67b852c92d1b258b78SHA256: 4f6445e7765298c2ae6e9a494075f2b0a2e582719b2f5e7cf1d1dc9e835bf92eReferenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: widgets.constants.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/widgets.constants.jsMD5: 5f91e5ab435af756c9024aecdb7383d8SHA1: 23c01c5e96863616044fc9d5bbe1be0698eca70bSHA256: 28289e932fe69b7ee73fe4373d9e74acbaf90e11f424938ff09400d52c447ca0Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.editor-1.8.6.jar: widgets.module.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.editor/1.8.6/io.wcm.caconfig.editor-1.8.6.jar/SLING-INF/app-root/clientlibs/io.wcm.caconfig.editor/js/widgets/widgets.module.jsMD5: 8bfa929c504a471e23709e95058d8558SHA1: 0e71a669e9ce6de71c2773f89b7aa1f38bd386feSHA256: a71a524d756581a937800fb69c425a3f42e498dd1c8cb07ed5fd195e2f0f318fReferenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm.caconfig.extensions-1.8.8.jarDescription:
AEM-specific extensions for Apache Sling Context-Aware Configuration. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.caconfig.extensions/1.8.8/io.wcm.caconfig.extensions-1.8.8.jar
MD5: 2504e30f65f8535e2540005109bfd784
SHA1: 0e951223b1e4e98ff6b88a8e2207f1f27ca43944
SHA256: 96f21d098664a2650a0aa4afef736b5d336e0a3722e61451a25aaddcb5f02697
Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence Vendor jar package name caconfig Highest Vendor pom artifactid io.wcm.caconfig.extensions Low Vendor Manifest bundle-docurl https://wcm.io/caconfig/extensions/ Low Vendor Manifest service-component OSGI-INF/io.wcm.caconfig.extensions.contextpath.impl.AbsoluteParentContextPathStrategy.xml,OSGI-INF/io.wcm.caconfig.extensions.contextpath.impl.RootTemplateContextPathStrategy.xml,OSGI-INF/io.wcm.caconfig.extensions.override.impl.RequestHeaderConfigurationOverrideProvider.xml,OSGI-INF/io.wcm.caconfig.extensions.persistence.impl.PagePersistenceStrategy.xml,OSGI-INF/io.wcm.caconfig.extensions.persistence.impl.ToolsConfigPagePersistenceStrategy.xml,OSGI-INF/io.wcm.caconfig.extensions.references.impl.ConfigurationReferenceProvider.xml,OSGI-INF/io.wcm.caconfig.extensions.references.impl.CoreCompReferenceProviderDisabler.xml Low Vendor Manifest bundle-symbolicname io.wcm.caconfig.extensions Medium Vendor jar package name extensions Highest Vendor Manifest provide-capability osgi.service;objectClass:List="com.day.cq.wcm.api.reference.ReferenceProvider";uses:="com.day.cq.wcm.api.reference",osgi.service;objectClass:List="org.apache.sling.caconfig.resource.spi.ConfigurationResourceResolvingStrategy,org.apache.sling.caconfig.spi.ConfigurationPersistenceStrategy2";uses:="org.apache.sling.caconfig.resource.spi,org.apache.sling.caconfig.spi",osgi.service;objectClass:List="org.apache.sling.caconfig.resource.spi.ContextPathStrategy";uses:="org.apache.sling.caconfig.resource.spi",osgi.service;objectClass:List="org.apache.sling.caconfig.spi.ConfigurationOverrideProvider";uses:="org.apache.sling.caconfig.spi",osgi.service;objectClass:List="org.apache.sling.caconfig.spi.ConfigurationPersistenceStrategy2";uses:="org.apache.sling.caconfig.spi",osgi.service;objectClass:List="org.osgi.service.event.EventHandler";uses:="org.osgi.service.event" Low Vendor jar package name wcm Highest Vendor pom groupid io.wcm Highest Vendor pom parent-artifactid io.wcm.caconfig.parent Low Vendor Manifest require-capability osgi.service;filter:="(objectClass=com.day.cq.wcm.api.PageManagerFactory)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.request.RequestContext)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.ConfigurationManagementSettings)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.ConfigurationManager)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.ConfigurationResourceResolverConfig)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.multiplexer.ConfigurationResourceResolvingStrategyMultiplexer)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.multiplexer.ContextPathStrategyMultiplexer)";effective:=active,osgi.service;filter:="(objectClass=org.osgi.service.component.runtime.ServiceComponentRuntime)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor file name io.wcm.caconfig.extensions High Vendor pom name Context-Aware Configuration Extensions for AEM High Product jar package name caconfig Highest Product pom parent-artifactid io.wcm.caconfig.parent Medium Product Manifest bundle-docurl https://wcm.io/caconfig/extensions/ Low Product Manifest service-component OSGI-INF/io.wcm.caconfig.extensions.contextpath.impl.AbsoluteParentContextPathStrategy.xml,OSGI-INF/io.wcm.caconfig.extensions.contextpath.impl.RootTemplateContextPathStrategy.xml,OSGI-INF/io.wcm.caconfig.extensions.override.impl.RequestHeaderConfigurationOverrideProvider.xml,OSGI-INF/io.wcm.caconfig.extensions.persistence.impl.PagePersistenceStrategy.xml,OSGI-INF/io.wcm.caconfig.extensions.persistence.impl.ToolsConfigPagePersistenceStrategy.xml,OSGI-INF/io.wcm.caconfig.extensions.references.impl.ConfigurationReferenceProvider.xml,OSGI-INF/io.wcm.caconfig.extensions.references.impl.CoreCompReferenceProviderDisabler.xml Low Product Manifest Bundle-Name wcm.io Context-Aware Configuration Extensions for AEM Medium Product Manifest bundle-symbolicname io.wcm.caconfig.extensions Medium Product jar package name extensions Highest Product Manifest provide-capability osgi.service;objectClass:List="com.day.cq.wcm.api.reference.ReferenceProvider";uses:="com.day.cq.wcm.api.reference",osgi.service;objectClass:List="org.apache.sling.caconfig.resource.spi.ConfigurationResourceResolvingStrategy,org.apache.sling.caconfig.spi.ConfigurationPersistenceStrategy2";uses:="org.apache.sling.caconfig.resource.spi,org.apache.sling.caconfig.spi",osgi.service;objectClass:List="org.apache.sling.caconfig.resource.spi.ContextPathStrategy";uses:="org.apache.sling.caconfig.resource.spi",osgi.service;objectClass:List="org.apache.sling.caconfig.spi.ConfigurationOverrideProvider";uses:="org.apache.sling.caconfig.spi",osgi.service;objectClass:List="org.apache.sling.caconfig.spi.ConfigurationPersistenceStrategy2";uses:="org.apache.sling.caconfig.spi",osgi.service;objectClass:List="org.osgi.service.event.EventHandler";uses:="org.osgi.service.event" Low Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product pom groupid io.wcm Highest Product Manifest require-capability osgi.service;filter:="(objectClass=com.day.cq.wcm.api.PageManagerFactory)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.request.RequestContext)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.ConfigurationManagementSettings)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.ConfigurationManager)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.ConfigurationResourceResolverConfig)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.multiplexer.ConfigurationResourceResolvingStrategyMultiplexer)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.management.multiplexer.ContextPathStrategyMultiplexer)";effective:=active,osgi.service;filter:="(objectClass=org.osgi.service.component.runtime.ServiceComponentRuntime)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product file name io.wcm.caconfig.extensions High Product pom name Context-Aware Configuration Extensions for AEM High Product pom artifactid io.wcm.caconfig.extensions Highest Version pom parent-version 1.8.8 Low Version Manifest Bundle-Version 1.8.8 High Version pom version 1.8.8 Highest Version file version 1.8.8 High
io.wcm.handler.commons-1.4.0.jarDescription:
Functionality shared by the handler implementations. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.commons/1.4.0/io.wcm.handler.commons-1.4.0.jar
MD5: 22d3937da67bf428d8fafec31bb66666
SHA1: 3d49669d3abe379dad3cd42dee94f1c2ed81cd92
SHA256: b9aff5dff0d2226cb4ce008b286a08d6f2f7684c97f4ab7bdf6e5df228fc4af9
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname io.wcm.handler.commons Medium Vendor Manifest service-component OSGI-INF/io.wcm.handler.commons.servlets.impl.HtxPageExtensionMapper.xml Low Vendor pom parent-artifactid io.wcm.handler.parent Low Vendor jar package name wcm Highest Vendor pom groupid io.wcm Highest Vendor Manifest provide-capability osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest bundle-docurl https://wcm.io/handler/commons/ Low Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor Manifest require-capability osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor file name io.wcm.handler.commons High Vendor pom name Handler Commons High Vendor jar package name handler Highest Vendor jar package name commons Highest Vendor pom artifactid io.wcm.handler.commons Low Product Manifest bundle-symbolicname io.wcm.handler.commons Medium Product Manifest service-component OSGI-INF/io.wcm.handler.commons.servlets.impl.HtxPageExtensionMapper.xml Low Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product Manifest provide-capability osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Product pom groupid io.wcm Highest Product Manifest bundle-docurl https://wcm.io/handler/commons/ Low Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product pom parent-artifactid io.wcm.handler.parent Medium Product pom artifactid io.wcm.handler.commons Highest Product Manifest require-capability osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product file name io.wcm.handler.commons High Product pom name Handler Commons High Product jar package name handler Highest Product Manifest Bundle-Name wcm.io Handler Commons Medium Product jar package name commons Highest Version file version 1.4.0 High Version pom version 1.4.0 Highest Version Manifest Bundle-Version 1.4.0 High
io.wcm.handler.commons-1.4.2.jarDescription:
Functionality shared by the handler implementations. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.commons/1.4.2/io.wcm.handler.commons-1.4.2.jar
MD5: 8ffd12a76c573346ddd628231db01ceb
SHA1: e3cad3d019378c29cbe536d882b1aebe661acb2d
SHA256: bd719ea504437744b3fa694451ebc4ab9f0eb2078ba64f6939d405ed3f45d19d
Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname io.wcm.handler.commons Medium Vendor Manifest service-component OSGI-INF/io.wcm.handler.commons.servlets.impl.HtxPageExtensionMapper.xml Low Vendor pom parent-artifactid io.wcm.handler.parent Low Vendor jar package name wcm Highest Vendor pom groupid io.wcm Highest Vendor Manifest provide-capability osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest bundle-docurl https://wcm.io/handler/commons/ Low Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor Manifest require-capability osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor file name io.wcm.handler.commons High Vendor pom name Handler Commons High Vendor jar package name handler Highest Vendor jar package name commons Highest Vendor pom artifactid io.wcm.handler.commons Low Product Manifest bundle-symbolicname io.wcm.handler.commons Medium Product Manifest service-component OSGI-INF/io.wcm.handler.commons.servlets.impl.HtxPageExtensionMapper.xml Low Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product Manifest provide-capability osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Product pom groupid io.wcm Highest Product Manifest bundle-docurl https://wcm.io/handler/commons/ Low Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product pom parent-artifactid io.wcm.handler.parent Medium Product pom artifactid io.wcm.handler.commons Highest Product Manifest require-capability osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product file name io.wcm.handler.commons High Product pom name Handler Commons High Product jar package name handler Highest Product Manifest Bundle-Name wcm.io Handler Commons Medium Product jar package name commons Highest Version pom parent-version 1.4.2 Low Version pom version 1.4.2 Highest Version file version 1.4.2 High Version Manifest Bundle-Version 1.4.2 High
io.wcm.handler.link-1.7.4.jarDescription:
Link resolving, processing and markup generation. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.link/1.7.4/io.wcm.handler.link-1.7.4.jar
MD5: 78d1eaaac5efd93913322bf10d291eae
SHA1: 728e927cb246afbf0268bff4be7aa7685277c43c
SHA256: acb99975de7cbca73515aa46e791b54203405d0b26cf983fc22aaeed99946742
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor jar package name link Highest Vendor Manifest service-component OSGI-INF/io.wcm.handler.link.impl.DefaultLinkHandlerConfig.xml,OSGI-INF/io.wcm.handler.link.impl.ImageMapLinkResolverImpl.xml,OSGI-INF/io.wcm.handler.link.impl.LinkHandlerConfigAdapterFactory.xml Low Vendor Manifest bundle-docurl https://wcm.io/handler/link/ Low Vendor pom parent-artifactid io.wcm.handler.parent Low Vendor file name io.wcm.handler.link High Vendor Manifest bundle-symbolicname io.wcm.handler.link Medium Vendor jar package name wcm Highest Vendor pom artifactid io.wcm.handler.link Low Vendor pom groupid io.wcm Highest Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/link Low Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name handler Highest Vendor Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.link.spi.LinkHandlerConfig";uses:="io.wcm.handler.link.spi",osgi.service;objectClass:List="io.wcm.handler.media.spi.ImageMapLinkResolver";uses:="io.wcm.handler.media.spi",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter" Low Vendor pom name Link Handler High Product jar package name link Highest Product pom artifactid io.wcm.handler.link Highest Product Manifest Bundle-Name wcm.io Link Handler Medium Product Manifest service-component OSGI-INF/io.wcm.handler.link.impl.DefaultLinkHandlerConfig.xml,OSGI-INF/io.wcm.handler.link.impl.ImageMapLinkResolverImpl.xml,OSGI-INF/io.wcm.handler.link.impl.LinkHandlerConfigAdapterFactory.xml Low Product Manifest bundle-docurl https://wcm.io/handler/link/ Low Product file name io.wcm.handler.link High Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product Manifest bundle-symbolicname io.wcm.handler.link Medium Product jar package name wcm Highest Product pom groupid io.wcm Highest Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/link Low Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product pom parent-artifactid io.wcm.handler.parent Medium Product Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name handler Highest Product Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.link.spi.LinkHandlerConfig";uses:="io.wcm.handler.link.spi",osgi.service;objectClass:List="io.wcm.handler.media.spi.ImageMapLinkResolver";uses:="io.wcm.handler.media.spi",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter" Low Product pom name Link Handler High Version pom version 1.7.4 Highest Version Manifest Bundle-Version 1.7.4 High Version pom parent-version 1.7.4 Low Version file version 1.7.4 High
io.wcm.handler.link-1.7.4.jar: validation.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.link/1.7.4/io.wcm.handler.link-1.7.4.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/validation.jsMD5: 60adc20bbff1f3503d5409665d6030daSHA1: 764dc6c771d6625870dbddac32074e63856a2cbfSHA256: d3ee0e4b2c43d5e45e65906a2086759ec22d282baa35e16bab6dc2e1ae971300Referenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence
Related Dependencies io.wcm.handler.link-1.8.0.jar: validation.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.link/1.8.0/io.wcm.handler.link-1.8.0.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/validation.js MD5: 60adc20bbff1f3503d5409665d6030da SHA1: 764dc6c771d6625870dbddac32074e63856a2cbf SHA256: d3ee0e4b2c43d5e45e65906a2086759ec22d282baa35e16bab6dc2e1ae971300 io.wcm.handler.link-1.8.0.jarDescription:
Link resolving, processing and markup generation. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.link/1.8.0/io.wcm.handler.link-1.8.0.jar
MD5: 69f8ba7e065f321d9ef02010e60ed079
SHA1: c05d30bafda035e78f8f0d2794232b377c85b0c4
SHA256: b602e80a8649ce67c0517a0ed7f0da13c06bccf95c82e838f680cf5253d85564
Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence Vendor jar package name link Highest Vendor Manifest service-component OSGI-INF/io.wcm.handler.link.impl.DefaultLinkHandlerConfig.xml,OSGI-INF/io.wcm.handler.link.impl.ImageMapLinkResolverImpl.xml,OSGI-INF/io.wcm.handler.link.impl.LinkHandlerConfigAdapterFactory.xml Low Vendor Manifest bundle-docurl https://wcm.io/handler/link/ Low Vendor pom parent-artifactid io.wcm.handler.parent Low Vendor file name io.wcm.handler.link High Vendor Manifest bundle-symbolicname io.wcm.handler.link Medium Vendor jar package name wcm Highest Vendor pom artifactid io.wcm.handler.link Low Vendor pom groupid io.wcm Highest Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/link Low Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name handler Highest Vendor Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.link.spi.LinkHandlerConfig";uses:="io.wcm.handler.link.spi",osgi.service;objectClass:List="io.wcm.handler.media.spi.ImageMapLinkResolver";uses:="io.wcm.handler.media.spi",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter" Low Vendor pom name Link Handler High Product jar package name link Highest Product pom artifactid io.wcm.handler.link Highest Product Manifest Bundle-Name wcm.io Link Handler Medium Product Manifest service-component OSGI-INF/io.wcm.handler.link.impl.DefaultLinkHandlerConfig.xml,OSGI-INF/io.wcm.handler.link.impl.ImageMapLinkResolverImpl.xml,OSGI-INF/io.wcm.handler.link.impl.LinkHandlerConfigAdapterFactory.xml Low Product Manifest bundle-docurl https://wcm.io/handler/link/ Low Product file name io.wcm.handler.link High Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product Manifest bundle-symbolicname io.wcm.handler.link Medium Product jar package name wcm Highest Product pom groupid io.wcm Highest Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/link Low Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product pom parent-artifactid io.wcm.handler.parent Medium Product Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name handler Highest Product Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.link.spi.LinkHandlerConfig";uses:="io.wcm.handler.link.spi",osgi.service;objectClass:List="io.wcm.handler.media.spi.ImageMapLinkResolver";uses:="io.wcm.handler.media.spi",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter" Low Product pom name Link Handler High Version pom version 1.8.0 Highest Version file version 1.8.0 High Version pom parent-version 1.8.0 Low Version Manifest Bundle-Version 1.8.0 High
io.wcm.handler.media-1.13.6.jarDescription:
Media resolving, processing and markup generation. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.6/io.wcm.handler.media-1.13.6.jar
MD5: 1ba93aebca72e8554655fb519188853e
SHA1: de91242c7a2cc471be76738728c570fdf1c14426
SHA256: 158c7c8f53304c7882c625fefa410682fd77a153fdc88bf9f97c3ad52fb7dfc6
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor jar package name media Highest Vendor Manifest require-capability osgi.service;filter:="(objectClass=com.adobe.granite.workflow.collection.ResourceCollectionManager)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.handler.store.AssetStore)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.s7dam.utils.PublishUtils)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.handler.media.spi.MediaFormatProvider)";effective:=active;resolution:=optional;cardinality:=multiple,osgi.service;filter:="(objectClass=io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.wcm.commons.instancetype.InstanceTypeService)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.api.resource.ResourceResolverFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.featureflags.Features)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/media Low Vendor pom parent-artifactid io.wcm.handler.parent Low Vendor jar package name wcm Highest Vendor pom groupid io.wcm Highest Vendor Manifest service-component OSGI-INF/io.wcm.handler.media.format.impl.DefaultMediaFormatListProvider.xml,OSGI-INF/io.wcm.handler.media.format.impl.MediaFormatProviderManagerImpl.xml,OSGI-INF/com.day.cq.dam.core.impl.servlet.DamContentDispositionFilter.xml,OSGI-INF/io.wcm.handler.media.impl.DefaultMediaHandlerConfig.xml,OSGI-INF/io.wcm.handler.media.impl.DummyImageServlet.xml,OSGI-INF/io.wcm.handler.media.impl.ImageFileServlet.xml,OSGI-INF/io.wcm.handler.media.impl.InlineImageAuthorPreviewServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaFileServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaFormatValidateServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaHandlerConfigAdapterFactory.xml,OSGI-INF/io.wcm.handler.media.impl.ipeconfig.IPEConfigResourceProvider.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.dynamicmedia.DynamicMediaSupportServiceImpl.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.RenditionMetadataListenerService.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.RenditionMetadataWorkflowProcess.xml Low Vendor Manifest bundle-symbolicname io.wcm.handler.media Medium Vendor Manifest sling-namespaces wcmio=http://wcm.io/ns Medium Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor Manifest bundle-docurl https://wcm.io/handler/media/ Low Vendor file name io.wcm.handler.media High Vendor pom artifactid io.wcm.handler.media Low Vendor pom name Media Handler High Vendor jar package name handler Highest Vendor Manifest provide-capability osgi.service;objectClass:List="com.adobe.granite.workflow.exec.WorkflowProcess";uses:="com.adobe.granite.workflow.exec",osgi.service;objectClass:List="io.wcm.handler.media.format.MediaFormatProviderManager";uses:="io.wcm.handler.media.format",osgi.service;objectClass:List="io.wcm.handler.media.spi.MediaHandlerConfig";uses:="io.wcm.handler.media.spi",osgi.service;objectClass:List="io.wcm.handler.mediasource.dam.impl.dynamicmedia.DynamicMediaSupportService";uses:="io.wcm.handler.mediasource.dam.impl.dynamicmedia",osgi.service;objectClass:List="io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService";uses:="io.wcm.handler.mediasource.dam.impl.metadata",osgi.service;objectClass:List="javax.servlet.Filter";uses:="javax.servlet",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter",osgi.service;objectClass:List="org.apache.sling.spi.resource.provider.ResourceProvider";uses:="org.apache.sling.spi.resource.provider",osgi.service;objectClass:List="org.osgi.service.event.EventHandler";uses:="org.osgi.service.event" Low Product jar package name media Highest Product Manifest require-capability osgi.service;filter:="(objectClass=com.adobe.granite.workflow.collection.ResourceCollectionManager)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.handler.store.AssetStore)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.s7dam.utils.PublishUtils)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.handler.media.spi.MediaFormatProvider)";effective:=active;resolution:=optional;cardinality:=multiple,osgi.service;filter:="(objectClass=io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.wcm.commons.instancetype.InstanceTypeService)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.api.resource.ResourceResolverFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.featureflags.Features)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/media Low Product jar package name mediasource Highest Product pom artifactid io.wcm.handler.media Highest Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product Manifest service-component OSGI-INF/io.wcm.handler.media.format.impl.DefaultMediaFormatListProvider.xml,OSGI-INF/io.wcm.handler.media.format.impl.MediaFormatProviderManagerImpl.xml,OSGI-INF/com.day.cq.dam.core.impl.servlet.DamContentDispositionFilter.xml,OSGI-INF/io.wcm.handler.media.impl.DefaultMediaHandlerConfig.xml,OSGI-INF/io.wcm.handler.media.impl.DummyImageServlet.xml,OSGI-INF/io.wcm.handler.media.impl.ImageFileServlet.xml,OSGI-INF/io.wcm.handler.media.impl.InlineImageAuthorPreviewServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaFileServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaFormatValidateServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaHandlerConfigAdapterFactory.xml,OSGI-INF/io.wcm.handler.media.impl.ipeconfig.IPEConfigResourceProvider.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.dynamicmedia.DynamicMediaSupportServiceImpl.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.RenditionMetadataListenerService.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.RenditionMetadataWorkflowProcess.xml Low Product pom groupid io.wcm Highest Product Manifest bundle-symbolicname io.wcm.handler.media Medium Product Manifest sling-namespaces wcmio=http://wcm.io/ns Medium Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product pom parent-artifactid io.wcm.handler.parent Medium Product Manifest bundle-docurl https://wcm.io/handler/media/ Low Product file name io.wcm.handler.media High Product pom name Media Handler High Product jar package name handler Highest Product Manifest Bundle-Name wcm.io Media Handler Medium Product Manifest provide-capability osgi.service;objectClass:List="com.adobe.granite.workflow.exec.WorkflowProcess";uses:="com.adobe.granite.workflow.exec",osgi.service;objectClass:List="io.wcm.handler.media.format.MediaFormatProviderManager";uses:="io.wcm.handler.media.format",osgi.service;objectClass:List="io.wcm.handler.media.spi.MediaHandlerConfig";uses:="io.wcm.handler.media.spi",osgi.service;objectClass:List="io.wcm.handler.mediasource.dam.impl.dynamicmedia.DynamicMediaSupportService";uses:="io.wcm.handler.mediasource.dam.impl.dynamicmedia",osgi.service;objectClass:List="io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService";uses:="io.wcm.handler.mediasource.dam.impl.metadata",osgi.service;objectClass:List="javax.servlet.Filter";uses:="javax.servlet",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter",osgi.service;objectClass:List="org.apache.sling.spi.resource.provider.ResourceProvider";uses:="org.apache.sling.spi.resource.provider",osgi.service;objectClass:List="org.osgi.service.event.EventHandler";uses:="org.osgi.service.event" Low Version pom parent-version 1.13.6 Low Version pom version 1.13.6 Highest Version file version 1.13.6 High Version Manifest Bundle-Version 1.13.6 High
io.wcm.handler.media-1.13.6.jar: fileupload.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.6/io.wcm.handler.media-1.13.6.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/fileupload.jsMD5: 228b2fffc6abfcdd799e78898e1f99f0SHA1: fb786d6d24f5a9e073922bf44124c2d220f26eb4SHA256: ce8922cde6eb4f852d6303d70d68ee5465eb8fca64ca98a4eb5f394c67c68565Referenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence
Related Dependencies io.wcm.handler.media-1.13.8.jar: fileupload.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.8/io.wcm.handler.media-1.13.8.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/fileupload.js MD5: 228b2fffc6abfcdd799e78898e1f99f0 SHA1: fb786d6d24f5a9e073922bf44124c2d220f26eb4 SHA256: ce8922cde6eb4f852d6303d70d68ee5465eb8fca64ca98a4eb5f394c67c68565 io.wcm.handler.media-1.13.6.jar: mediaFormatValidate.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.6/io.wcm.handler.media-1.13.6.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/mediaFormatValidate.jsMD5: d651e04f32fb3bb0fced07ed1a2005fcSHA1: dea24b24548036a6996bc1136ca199801bf77f61SHA256: f717ede12e856a344c5aecd4dc56da7f369a0f109f74bdf2f372b5b18131583fReferenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence
Related Dependencies io.wcm.handler.media-1.13.8.jar: mediaFormatValidate.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.8/io.wcm.handler.media-1.13.8.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/mediaFormatValidate.js MD5: d651e04f32fb3bb0fced07ed1a2005fc SHA1: dea24b24548036a6996bc1136ca199801bf77f61 SHA256: f717ede12e856a344c5aecd4dc56da7f369a0f109f74bdf2f372b5b18131583f io.wcm.handler.media-1.13.6.jar: namespace.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.6/io.wcm.handler.media-1.13.6.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/namespace.jsMD5: 1ee97355e0dea2b938d18b793ee3afcbSHA1: db8dcc1d4119b2318d6e9b82a535acd358623efbSHA256: f394f7656cfdb529859443f44bde815af90197ff886a25b09e35a840fc505f9aReferenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence
Related Dependencies io.wcm.handler.media-1.13.8.jar: namespace.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.8/io.wcm.handler.media-1.13.8.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/namespace.js MD5: 1ee97355e0dea2b938d18b793ee3afcb SHA1: db8dcc1d4119b2318d6e9b82a535acd358623efb SHA256: f394f7656cfdb529859443f44bde815af90197ff886a25b09e35a840fc505f9a io.wcm.handler.media-1.13.6.jar: pathfield.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.6/io.wcm.handler.media-1.13.6.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/pathfield.jsMD5: d8bdda5721510948d2a115432a45a19aSHA1: 592bba9dae3da6ab12020e0c2b3173446e3b5ac6SHA256: 20a9cbff936311f0e1cb5b3d1ad385508bab22788cdc15c9e94338f26fe8a236Referenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence
Related Dependencies io.wcm.handler.media-1.13.8.jar: pathfield.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.8/io.wcm.handler.media-1.13.8.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/pathfield.js MD5: d8bdda5721510948d2a115432a45a19a SHA1: 592bba9dae3da6ab12020e0c2b3173446e3b5ac6 SHA256: 20a9cbff936311f0e1cb5b3d1ad385508bab22788cdc15c9e94338f26fe8a236 io.wcm.handler.media-1.13.6.jar: validation.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.6/io.wcm.handler.media-1.13.6.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/validation.jsMD5: c8ce854cad6f2376a0cf0e04bd298808SHA1: 60e641d95e570022dd82aaa25fa8ff8922cebdbfSHA256: 98755c24e6772dfdc4cf8e8ff5e51e0ef98008371b715ae4677dd1df1dae2138Referenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence
Related Dependencies io.wcm.handler.media-1.13.8.jar: validation.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.8/io.wcm.handler.media-1.13.8.jar/SLING-INF/app-root/clientlibs/authoring/dialog/js/validation.js MD5: c8ce854cad6f2376a0cf0e04bd298808 SHA1: 60e641d95e570022dd82aaa25fa8ff8922cebdbf SHA256: 98755c24e6772dfdc4cf8e8ff5e51e0ef98008371b715ae4677dd1df1dae2138 io.wcm.handler.media-1.13.8.jarDescription:
Media resolving, processing and markup generation. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.media/1.13.8/io.wcm.handler.media-1.13.8.jar
MD5: d83ff469b5447561eefb8d91c1202c12
SHA1: 74053d03e7da4121637eafca2fdb478416fab842
SHA256: a1b60e6bbf905e98bc8a656f71f9c3d15e06a4928d611765363e49fef9dec0a5
Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence Vendor jar package name media Highest Vendor Manifest require-capability osgi.service;filter:="(objectClass=com.adobe.granite.workflow.collection.ResourceCollectionManager)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.handler.store.AssetStore)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.s7dam.utils.PublishUtils)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.handler.media.spi.MediaFormatProvider)";effective:=active;resolution:=optional;cardinality:=multiple,osgi.service;filter:="(objectClass=io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.wcm.commons.instancetype.InstanceTypeService)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.api.resource.ResourceResolverFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.featureflags.Features)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/media Low Vendor pom parent-artifactid io.wcm.handler.parent Low Vendor jar package name wcm Highest Vendor pom groupid io.wcm Highest Vendor Manifest service-component OSGI-INF/io.wcm.handler.media.format.impl.DefaultMediaFormatListProvider.xml,OSGI-INF/io.wcm.handler.media.format.impl.MediaFormatProviderManagerImpl.xml,OSGI-INF/com.day.cq.dam.core.impl.servlet.DamContentDispositionFilter.xml,OSGI-INF/io.wcm.handler.media.impl.DefaultMediaHandlerConfig.xml,OSGI-INF/io.wcm.handler.media.impl.DummyImageServlet.xml,OSGI-INF/io.wcm.handler.media.impl.ImageFileServlet.xml,OSGI-INF/io.wcm.handler.media.impl.InlineImageAuthorPreviewServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaFileServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaFormatValidateServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaHandlerConfigAdapterFactory.xml,OSGI-INF/io.wcm.handler.media.impl.ipeconfig.IPEConfigResourceProvider.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.dynamicmedia.DynamicMediaSupportServiceImpl.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.RenditionMetadataListenerService.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.RenditionMetadataWorkflowProcess.xml Low Vendor Manifest bundle-symbolicname io.wcm.handler.media Medium Vendor Manifest sling-namespaces wcmio=http://wcm.io/ns Medium Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor Manifest bundle-docurl https://wcm.io/handler/media/ Low Vendor file name io.wcm.handler.media High Vendor pom artifactid io.wcm.handler.media Low Vendor pom name Media Handler High Vendor jar package name handler Highest Vendor Manifest provide-capability osgi.service;objectClass:List="com.adobe.granite.workflow.exec.WorkflowProcess";uses:="com.adobe.granite.workflow.exec",osgi.service;objectClass:List="io.wcm.handler.media.format.MediaFormatProviderManager";uses:="io.wcm.handler.media.format",osgi.service;objectClass:List="io.wcm.handler.media.spi.MediaHandlerConfig";uses:="io.wcm.handler.media.spi",osgi.service;objectClass:List="io.wcm.handler.mediasource.dam.impl.dynamicmedia.DynamicMediaSupportService";uses:="io.wcm.handler.mediasource.dam.impl.dynamicmedia",osgi.service;objectClass:List="io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService";uses:="io.wcm.handler.mediasource.dam.impl.metadata",osgi.service;objectClass:List="javax.servlet.Filter";uses:="javax.servlet",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter",osgi.service;objectClass:List="org.apache.sling.spi.resource.provider.ResourceProvider";uses:="org.apache.sling.spi.resource.provider",osgi.service;objectClass:List="org.osgi.service.event.EventHandler";uses:="org.osgi.service.event" Low Product jar package name media Highest Product Manifest require-capability osgi.service;filter:="(objectClass=com.adobe.granite.workflow.collection.ResourceCollectionManager)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.handler.store.AssetStore)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.dam.api.s7dam.utils.PublishUtils)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.handler.media.spi.MediaFormatProvider)";effective:=active;resolution:=optional;cardinality:=multiple,osgi.service;filter:="(objectClass=io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.wcm.commons.instancetype.InstanceTypeService)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.api.resource.ResourceResolverFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.featureflags.Features)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/media Low Product jar package name mediasource Highest Product pom artifactid io.wcm.handler.media Highest Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product Manifest service-component OSGI-INF/io.wcm.handler.media.format.impl.DefaultMediaFormatListProvider.xml,OSGI-INF/io.wcm.handler.media.format.impl.MediaFormatProviderManagerImpl.xml,OSGI-INF/com.day.cq.dam.core.impl.servlet.DamContentDispositionFilter.xml,OSGI-INF/io.wcm.handler.media.impl.DefaultMediaHandlerConfig.xml,OSGI-INF/io.wcm.handler.media.impl.DummyImageServlet.xml,OSGI-INF/io.wcm.handler.media.impl.ImageFileServlet.xml,OSGI-INF/io.wcm.handler.media.impl.InlineImageAuthorPreviewServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaFileServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaFormatValidateServlet.xml,OSGI-INF/io.wcm.handler.media.impl.MediaHandlerConfigAdapterFactory.xml,OSGI-INF/io.wcm.handler.media.impl.ipeconfig.IPEConfigResourceProvider.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.dynamicmedia.DynamicMediaSupportServiceImpl.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.RenditionMetadataListenerService.xml,OSGI-INF/io.wcm.handler.mediasource.dam.impl.metadata.RenditionMetadataWorkflowProcess.xml Low Product pom groupid io.wcm Highest Product Manifest bundle-symbolicname io.wcm.handler.media Medium Product Manifest sling-namespaces wcmio=http://wcm.io/ns Medium Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product pom parent-artifactid io.wcm.handler.parent Medium Product Manifest bundle-docurl https://wcm.io/handler/media/ Low Product file name io.wcm.handler.media High Product pom name Media Handler High Product jar package name handler Highest Product Manifest Bundle-Name wcm.io Media Handler Medium Product Manifest provide-capability osgi.service;objectClass:List="com.adobe.granite.workflow.exec.WorkflowProcess";uses:="com.adobe.granite.workflow.exec",osgi.service;objectClass:List="io.wcm.handler.media.format.MediaFormatProviderManager";uses:="io.wcm.handler.media.format",osgi.service;objectClass:List="io.wcm.handler.media.spi.MediaHandlerConfig";uses:="io.wcm.handler.media.spi",osgi.service;objectClass:List="io.wcm.handler.mediasource.dam.impl.dynamicmedia.DynamicMediaSupportService";uses:="io.wcm.handler.mediasource.dam.impl.dynamicmedia",osgi.service;objectClass:List="io.wcm.handler.mediasource.dam.impl.metadata.AssetSynchonizationService";uses:="io.wcm.handler.mediasource.dam.impl.metadata",osgi.service;objectClass:List="javax.servlet.Filter";uses:="javax.servlet",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter",osgi.service;objectClass:List="org.apache.sling.spi.resource.provider.ResourceProvider";uses:="org.apache.sling.spi.resource.provider",osgi.service;objectClass:List="org.osgi.service.event.EventHandler";uses:="org.osgi.service.event" Low Version pom parent-version 1.13.8 Low Version file version 1.13.8 High Version pom version 1.13.8 Highest Version Manifest Bundle-Version 1.13.8 High
io.wcm.handler.richtext-1.5.0.jarDescription:
Rich text processing and markup generation. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.richtext/1.5.0/io.wcm.handler.richtext-1.5.0.jar
MD5: 331dd7a157dda6b868474c3596ef3d24
SHA1: b3a6d4fe949c0e1a27ac6200f4200f4b4767f2df
SHA256: 6120fe27bd3c33bdc0f8aaa79fbc96f27cea681d14b7486ded3505488dbcda48
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/richtext Low Vendor Manifest service-component OSGI-INF/io.wcm.handler.richtext.impl.DefaultRichTextHandlerConfig.xml,OSGI-INF/io.wcm.handler.richtext.impl.RTELinkPluginConfig.xml Low Vendor pom artifactid io.wcm.handler.richtext Low Vendor pom parent-artifactid io.wcm.handler.parent Low Vendor jar package name wcm Highest Vendor Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.richtext.spi.RichTextHandlerConfig";uses:="io.wcm.handler.richtext.spi",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Vendor pom groupid io.wcm Highest Vendor Manifest bundle-symbolicname io.wcm.handler.richtext Medium Vendor jar package name richtext Highest Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor file name io.wcm.handler.richtext High Vendor Manifest bundle-docurl https://wcm.io/handler/richtext/ Low Vendor Manifest require-capability osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name handler Highest Vendor pom name RichText Handler High Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/richtext Low Product Manifest service-component OSGI-INF/io.wcm.handler.richtext.impl.DefaultRichTextHandlerConfig.xml,OSGI-INF/io.wcm.handler.richtext.impl.RTELinkPluginConfig.xml Low Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.richtext.spi.RichTextHandlerConfig";uses:="io.wcm.handler.richtext.spi",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Product pom groupid io.wcm Highest Product Manifest bundle-symbolicname io.wcm.handler.richtext Medium Product jar package name richtext Highest Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product pom parent-artifactid io.wcm.handler.parent Medium Product file name io.wcm.handler.richtext High Product Manifest bundle-docurl https://wcm.io/handler/richtext/ Low Product Manifest Bundle-Name wcm.io RichText Handler Medium Product Manifest require-capability osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name handler Highest Product pom name RichText Handler High Product pom artifactid io.wcm.handler.richtext Highest Version pom version 1.5.0 Highest Version file version 1.5.0 High Version pom parent-version 1.5.0 Low Version Manifest Bundle-Version 1.5.0 High
io.wcm.handler.richtext-1.5.0.jar: linkDialog.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.richtext/1.5.0/io.wcm.handler.richtext-1.5.0.jar/SLING-INF/app-root/clientlibs/rte.plugins/js/linkDialog.jsMD5: a5d161dd46013eff503a9142dbc9947fSHA1: ee3e66102ffac63119e74771225b2687af524147SHA256: 0e922cbcc77457105439b4471939362247eeafce5e00c2d48238715092b8e629Referenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence
Related Dependencies io.wcm.handler.richtext-1.5.6.jar: linkDialog.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.richtext/1.5.6/io.wcm.handler.richtext-1.5.6.jar/SLING-INF/app-root/clientlibs/rte.plugins/js/linkDialog.js MD5: a5d161dd46013eff503a9142dbc9947f SHA1: ee3e66102ffac63119e74771225b2687af524147 SHA256: 0e922cbcc77457105439b4471939362247eeafce5e00c2d48238715092b8e629 io.wcm.handler.richtext-1.5.0.jar: linkPlugin.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.richtext/1.5.0/io.wcm.handler.richtext-1.5.0.jar/SLING-INF/app-root/clientlibs/rte.plugins/js/linkPlugin.jsMD5: 172b7860a2b277ba036e1a92025f5816SHA1: 7c180adb3baf031623bd716eb43977ed251bad28SHA256: d6c5b8a6897e43a4bb58273e693c329f831e0246ccae033877fd2708a65c13f2Referenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence
Related Dependencies io.wcm.handler.richtext-1.5.6.jar: linkPlugin.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.richtext/1.5.6/io.wcm.handler.richtext-1.5.6.jar/SLING-INF/app-root/clientlibs/rte.plugins/js/linkPlugin.js MD5: 172b7860a2b277ba036e1a92025f5816 SHA1: 7c180adb3baf031623bd716eb43977ed251bad28 SHA256: d6c5b8a6897e43a4bb58273e693c329f831e0246ccae033877fd2708a65c13f2 io.wcm.handler.richtext-1.5.0.jar: namespace.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.richtext/1.5.0/io.wcm.handler.richtext-1.5.0.jar/SLING-INF/app-root/clientlibs/rte.plugins/js/namespace.jsMD5: 7ae55c6778a3c26445a0098fcefde074SHA1: fa7930101777f1f655cbbf99d6b2ec186260a462SHA256: 5eb6414d882dde4e5e49e64b15bf011d0e19f8fb09b8e3216c5211b01c836ff1Referenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence
Related Dependencies io.wcm.handler.richtext-1.5.6.jar: namespace.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.richtext/1.5.6/io.wcm.handler.richtext-1.5.6.jar/SLING-INF/app-root/clientlibs/rte.plugins/js/namespace.js MD5: 7ae55c6778a3c26445a0098fcefde074 SHA1: fa7930101777f1f655cbbf99d6b2ec186260a462 SHA256: 5eb6414d882dde4e5e49e64b15bf011d0e19f8fb09b8e3216c5211b01c836ff1 io.wcm.handler.richtext-1.5.6.jarDescription:
Rich text processing and markup generation. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.richtext/1.5.6/io.wcm.handler.richtext-1.5.6.jar
MD5: f3b5a60cb0b65cfc50fb5a566260815e
SHA1: e46a81b65646869eafd2deb4bfa5be91a63f3773
SHA256: 937a6eee2964d9eaf857bcd46ad1c7d23d708e28f8294c5e65ae6452b5aefc7b
Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/richtext Low Vendor Manifest service-component OSGI-INF/io.wcm.handler.richtext.impl.DefaultRichTextHandlerConfig.xml,OSGI-INF/io.wcm.handler.richtext.impl.RTELinkPluginConfig.xml Low Vendor pom artifactid io.wcm.handler.richtext Low Vendor pom parent-artifactid io.wcm.handler.parent Low Vendor jar package name wcm Highest Vendor Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.richtext.spi.RichTextHandlerConfig";uses:="io.wcm.handler.richtext.spi",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Vendor pom groupid io.wcm Highest Vendor Manifest bundle-symbolicname io.wcm.handler.richtext Medium Vendor jar package name richtext Highest Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor file name io.wcm.handler.richtext High Vendor Manifest bundle-docurl https://wcm.io/handler/richtext/ Low Vendor Manifest require-capability osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name handler Highest Vendor pom name RichText Handler High Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/richtext Low Product Manifest service-component OSGI-INF/io.wcm.handler.richtext.impl.DefaultRichTextHandlerConfig.xml,OSGI-INF/io.wcm.handler.richtext.impl.RTELinkPluginConfig.xml Low Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.richtext.spi.RichTextHandlerConfig";uses:="io.wcm.handler.richtext.spi",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Product pom groupid io.wcm Highest Product Manifest bundle-symbolicname io.wcm.handler.richtext Medium Product jar package name richtext Highest Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product pom parent-artifactid io.wcm.handler.parent Medium Product file name io.wcm.handler.richtext High Product Manifest bundle-docurl https://wcm.io/handler/richtext/ Low Product Manifest Bundle-Name wcm.io RichText Handler Medium Product Manifest require-capability osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name handler Highest Product pom name RichText Handler High Product pom artifactid io.wcm.handler.richtext Highest Version Manifest Bundle-Version 1.5.6 High Version pom version 1.5.6 Highest Version file version 1.5.6 High Version pom parent-version 1.5.6 Low
io.wcm.handler.url-1.5.4.jarDescription:
URL resolving and processing. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.url/1.5.4/io.wcm.handler.url-1.5.4.jar
MD5: 135b4a98e9c6ff743ec382c731a690ed
SHA1: 1bad50fefa3fb74bfd712bce8b9e961fa447cdc8
SHA256: eb7cd0213b60a1a4e6264b973f613df84a259d42399c40d422820675a8de9d11
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor jar package name url Highest Vendor Manifest bundle-symbolicname io.wcm.handler.url Medium Vendor pom artifactid io.wcm.handler.url Low Vendor Manifest bundle-docurl https://wcm.io/handler/url/ Low Vendor pom parent-artifactid io.wcm.handler.parent Low Vendor jar package name wcm Highest Vendor pom groupid io.wcm Highest Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/url Low Vendor Manifest service-component OSGI-INF/io.wcm.handler.url.impl.DefaultUrlHandlerConfig.xml,OSGI-INF/io.wcm.handler.url.impl.SiteRootDetectorImpl.xml,OSGI-INF/io.wcm.handler.url.impl.UrlHandlerAdapterFactory.xml,OSGI-INF/io.wcm.handler.url.impl.clientlib.ClientlibProxyRewriterImpl.xml,OSGI-INF/io.wcm.handler.url.rewriter.impl.UrlExternalizerTransformerFactory.xml Low Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor pom name URL Handler High Vendor file name io.wcm.handler.url High Vendor jar package name handler Highest Vendor Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.url.SiteRootDetector";uses:="io.wcm.handler.url",osgi.service;objectClass:List="io.wcm.handler.url.impl.clientlib.ClientlibProxyRewriter";uses:="io.wcm.handler.url.impl.clientlib",osgi.service;objectClass:List="io.wcm.handler.url.spi.UrlHandlerConfig";uses:="io.wcm.handler.url.spi",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter",osgi.service;objectClass:List="org.apache.sling.rewriter.TransformerFactory";uses:="org.apache.sling.rewriter" Low Vendor Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.handler.url.SiteRootDetector)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.api.resource.ResourceResolverFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.resource.ConfigurationResourceResolver)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name url Highest Product Manifest bundle-symbolicname io.wcm.handler.url Medium Product Manifest bundle-docurl https://wcm.io/handler/url/ Low Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/url Low Product pom groupid io.wcm Highest Product pom artifactid io.wcm.handler.url Highest Product Manifest service-component OSGI-INF/io.wcm.handler.url.impl.DefaultUrlHandlerConfig.xml,OSGI-INF/io.wcm.handler.url.impl.SiteRootDetectorImpl.xml,OSGI-INF/io.wcm.handler.url.impl.UrlHandlerAdapterFactory.xml,OSGI-INF/io.wcm.handler.url.impl.clientlib.ClientlibProxyRewriterImpl.xml,OSGI-INF/io.wcm.handler.url.rewriter.impl.UrlExternalizerTransformerFactory.xml Low Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product pom parent-artifactid io.wcm.handler.parent Medium Product pom name URL Handler High Product file name io.wcm.handler.url High Product Manifest Bundle-Name wcm.io URL Handler Medium Product jar package name handler Highest Product Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.url.SiteRootDetector";uses:="io.wcm.handler.url",osgi.service;objectClass:List="io.wcm.handler.url.impl.clientlib.ClientlibProxyRewriter";uses:="io.wcm.handler.url.impl.clientlib",osgi.service;objectClass:List="io.wcm.handler.url.spi.UrlHandlerConfig";uses:="io.wcm.handler.url.spi",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter",osgi.service;objectClass:List="org.apache.sling.rewriter.TransformerFactory";uses:="org.apache.sling.rewriter" Low Product Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.handler.url.SiteRootDetector)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.api.resource.ResourceResolverFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.resource.ConfigurationResourceResolver)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Version Manifest Bundle-Version 1.5.4 High Version pom version 1.5.4 Highest Version file version 1.5.4 High Version pom parent-version 1.5.4 Low
io.wcm.handler.url-1.6.0.jarDescription:
URL resolving and processing. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.url/1.6.0/io.wcm.handler.url-1.6.0.jar
MD5: d6e4d166536812e383832fc1b6dee4d3
SHA1: 834b061d39aa3c7b5519e478f42b037f157f34f3
SHA256: 71aca33969fc6201aff3615bd0faba06e6c3ae75b5078be495b3b8e7ca88157c
Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence Vendor jar package name url Highest Vendor Manifest bundle-symbolicname io.wcm.handler.url Medium Vendor pom artifactid io.wcm.handler.url Low Vendor Manifest bundle-docurl https://wcm.io/handler/url/ Low Vendor pom parent-artifactid io.wcm.handler.parent Low Vendor jar package name wcm Highest Vendor pom groupid io.wcm Highest Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/url Low Vendor Manifest service-component OSGI-INF/io.wcm.handler.url.impl.DefaultUrlHandlerConfig.xml,OSGI-INF/io.wcm.handler.url.impl.SiteRootDetectorImpl.xml,OSGI-INF/io.wcm.handler.url.impl.UrlHandlerAdapterFactory.xml,OSGI-INF/io.wcm.handler.url.impl.clientlib.ClientlibProxyRewriterImpl.xml,OSGI-INF/io.wcm.handler.url.rewriter.impl.UrlExternalizerTransformerFactory.xml Low Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor pom name URL Handler High Vendor file name io.wcm.handler.url High Vendor jar package name handler Highest Vendor Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.url.SiteRootDetector";uses:="io.wcm.handler.url",osgi.service;objectClass:List="io.wcm.handler.url.impl.clientlib.ClientlibProxyRewriter";uses:="io.wcm.handler.url.impl.clientlib",osgi.service;objectClass:List="io.wcm.handler.url.spi.UrlHandlerConfig";uses:="io.wcm.handler.url.spi",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter",osgi.service;objectClass:List="org.apache.sling.rewriter.TransformerFactory";uses:="org.apache.sling.rewriter" Low Vendor Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.handler.url.SiteRootDetector)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.api.resource.ResourceResolverFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.resource.ConfigurationResourceResolver)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name url Highest Product Manifest bundle-symbolicname io.wcm.handler.url Medium Product Manifest bundle-docurl https://wcm.io/handler/url/ Low Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/handler/url Low Product pom groupid io.wcm Highest Product pom artifactid io.wcm.handler.url Highest Product Manifest service-component OSGI-INF/io.wcm.handler.url.impl.DefaultUrlHandlerConfig.xml,OSGI-INF/io.wcm.handler.url.impl.SiteRootDetectorImpl.xml,OSGI-INF/io.wcm.handler.url.impl.UrlHandlerAdapterFactory.xml,OSGI-INF/io.wcm.handler.url.impl.clientlib.ClientlibProxyRewriterImpl.xml,OSGI-INF/io.wcm.handler.url.rewriter.impl.UrlExternalizerTransformerFactory.xml Low Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product pom parent-artifactid io.wcm.handler.parent Medium Product pom name URL Handler High Product file name io.wcm.handler.url High Product Manifest Bundle-Name wcm.io URL Handler Medium Product jar package name handler Highest Product Manifest provide-capability osgi.service;objectClass:List="io.wcm.handler.url.SiteRootDetector";uses:="io.wcm.handler.url",osgi.service;objectClass:List="io.wcm.handler.url.impl.clientlib.ClientlibProxyRewriter";uses:="io.wcm.handler.url.impl.clientlib",osgi.service;objectClass:List="io.wcm.handler.url.spi.UrlHandlerConfig";uses:="io.wcm.handler.url.spi",osgi.service;objectClass:List="org.apache.sling.api.adapter.AdapterFactory";uses:="org.apache.sling.api.adapter",osgi.service;objectClass:List="org.apache.sling.rewriter.TransformerFactory";uses:="org.apache.sling.rewriter" Low Product Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.handler.url.SiteRootDetector)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.api.resource.ResourceResolverFactory)";effective:=active,osgi.service;filter:="(objectClass=org.apache.sling.caconfig.resource.ConfigurationResourceResolver)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Version Manifest Bundle-Version 1.6.0 High Version file version 1.6.0 High Version pom version 1.6.0 Highest Version pom parent-version 1.6.0 Low
io.wcm.samples:io.wcm.wcm.core.components.examples-core:1.9.3-2.17.12-SNAPSHOTDescription:
Examples for wcm.io WCM Core Components. License:
The Apache Software License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/work/wcm-io-wcm-core-components/wcm-io-wcm-core-components/examples/bundles/examples-core/pom.xml
Evidence Type Source Name Value Confidence Vendor project artifactid io.wcm.wcm.core.components.examples-core Low Vendor project groupid io.wcm.samples Highest Vendor file name pom High Product project artifactid io.wcm.wcm.core.components.examples-core Highest Product project groupid io.wcm.samples Low Product file name pom High
io.wcm.sling.commons-1.4.0.jarDescription:
Common Sling utility and helper functions. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.sling.commons/1.4.0/io.wcm.sling.commons-1.4.0.jar
MD5: d62de019c010f8bc770e3779c2ef9b77
SHA1: 57bab1d2edf776d551f5c994b705add0fda569b7
SHA256: a6fcc35671f64d43f0a4253340e01655694a8e7fa60aed781410e9440dc053b2
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor Manifest provide-capability osgi.service;objectClass:List="io.wcm.sling.commons.caservice.ContextAwareServiceResolver";uses:="io.wcm.sling.commons.caservice",osgi.service;objectClass:List="io.wcm.sling.commons.request.RequestContext,javax.servlet.Filter";uses:="io.wcm.sling.commons.request,javax.servlet",osgi.service;objectClass:List="org.apache.felix.inventory.InventoryPrinter";uses:="org.apache.felix.inventory" Low Vendor pom parent-artifactid io.wcm.sling.parent Low Vendor pom name Sling Commons High Vendor file name io.wcm.sling.commons High Vendor Manifest bundle-docurl https://wcm.io/sling/commons/ Low Vendor pom artifactid io.wcm.sling.commons Low Vendor jar package name wcm Highest Vendor pom groupid io.wcm Highest Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest service-component OSGI-INF/io.wcm.sling.commons.caservice.impl.ContextAwareServiceInventoryPrinter.xml,OSGI-INF/io.wcm.sling.commons.caservice.impl.ContextAwareServiceResolverImpl.xml,OSGI-INF/io.wcm.sling.commons.request.impl.RequestContextFilterImpl.xml Low Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor Manifest bundle-symbolicname io.wcm.sling.commons Medium Vendor jar package name sling Highest Vendor jar package name commons Highest Vendor Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.PathPreprocessor)";effective:=active;resolution:=optional,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest Bundle-Name wcm.io Sling Commons Medium Product pom artifactid io.wcm.sling.commons Highest Product Manifest provide-capability osgi.service;objectClass:List="io.wcm.sling.commons.caservice.ContextAwareServiceResolver";uses:="io.wcm.sling.commons.caservice",osgi.service;objectClass:List="io.wcm.sling.commons.request.RequestContext,javax.servlet.Filter";uses:="io.wcm.sling.commons.request,javax.servlet",osgi.service;objectClass:List="org.apache.felix.inventory.InventoryPrinter";uses:="org.apache.felix.inventory" Low Product pom name Sling Commons High Product file name io.wcm.sling.commons High Product Manifest bundle-docurl https://wcm.io/sling/commons/ Low Product pom parent-artifactid io.wcm.sling.parent Medium Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product pom groupid io.wcm Highest Product Manifest service-component OSGI-INF/io.wcm.sling.commons.caservice.impl.ContextAwareServiceInventoryPrinter.xml,OSGI-INF/io.wcm.sling.commons.caservice.impl.ContextAwareServiceResolverImpl.xml,OSGI-INF/io.wcm.sling.commons.request.impl.RequestContextFilterImpl.xml Low Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product Manifest bundle-symbolicname io.wcm.sling.commons Medium Product jar package name sling Highest Product jar package name commons Highest Product Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.ContextAwareServiceResolver)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.commons.caservice.PathPreprocessor)";effective:=active;resolution:=optional,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Version file version 1.4.0 High Version pom version 1.4.0 Highest Version Manifest Bundle-Version 1.4.0 High
io.wcm.sling.models-1.6.0.jarDescription:
AEM Object Injector for Sling Models. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.sling.models/1.6.0/io.wcm.sling.models-1.6.0.jar
MD5: 11233d382ac989a7c00b69fe6191d0cc
SHA1: 06a9483c7502638bc25552917a20cdfb904c34bb
SHA256: eb19e7903e1cb3c9d98f9d70d68b0687c82923b70a3d6f84f435b358223c64fa
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor Manifest provide-capability osgi.service;objectClass:List="io.wcm.sling.models.injectors.impl.ModelsImplConfiguration";uses:="io.wcm.sling.models.injectors.impl",osgi.service;objectClass:List="org.apache.sling.models.spi.Injector,org.apache.sling.models.spi.injectorspecific.StaticInjectAnnotationProcessorFactory";uses:="org.apache.sling.models.spi,org.apache.sling.models.spi.injectorspecific" Low Vendor pom parent-artifactid io.wcm.sling.parent Low Vendor Manifest bundle-symbolicname io.wcm.sling.models Medium Vendor Manifest bundle-docurl https://wcm.io/sling/models/ Low Vendor file name io.wcm.sling.models High Vendor jar package name wcm Highest Vendor pom name AEM Sling Models Extensions High Vendor pom groupid io.wcm Highest Vendor pom artifactid io.wcm.sling.models Low Vendor Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.sling.commons.request.RequestContext)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.models.injectors.impl.ModelsImplConfiguration)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor jar package name sling Highest Vendor Manifest service-component OSGI-INF/io.wcm.sling.models.injectors.impl.AemObjectInjector.xml,OSGI-INF/io.wcm.sling.models.injectors.impl.ModelsImplConfiguration.xml,OSGI-INF/io.wcm.sling.models.injectors.impl.SlingObjectOverlayInjector.xml Low Vendor jar package name models Highest Product Manifest provide-capability osgi.service;objectClass:List="io.wcm.sling.models.injectors.impl.ModelsImplConfiguration";uses:="io.wcm.sling.models.injectors.impl",osgi.service;objectClass:List="org.apache.sling.models.spi.Injector,org.apache.sling.models.spi.injectorspecific.StaticInjectAnnotationProcessorFactory";uses:="org.apache.sling.models.spi,org.apache.sling.models.spi.injectorspecific" Low Product Manifest Bundle-Name wcm.io AEM Sling Models Extensions Medium Product pom artifactid io.wcm.sling.models Highest Product Manifest bundle-symbolicname io.wcm.sling.models Medium Product Manifest bundle-docurl https://wcm.io/sling/models/ Low Product pom parent-artifactid io.wcm.sling.parent Medium Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product file name io.wcm.sling.models High Product jar package name wcm Highest Product pom name AEM Sling Models Extensions High Product pom groupid io.wcm Highest Product Manifest require-capability osgi.service;filter:="(objectClass=io.wcm.sling.commons.request.RequestContext)";effective:=active,osgi.service;filter:="(objectClass=io.wcm.sling.models.injectors.impl.ModelsImplConfiguration)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product jar package name sling Highest Product Manifest service-component OSGI-INF/io.wcm.sling.models.injectors.impl.AemObjectInjector.xml,OSGI-INF/io.wcm.sling.models.injectors.impl.ModelsImplConfiguration.xml,OSGI-INF/io.wcm.sling.models.injectors.impl.SlingObjectOverlayInjector.xml Low Product jar package name models Highest Version Manifest Bundle-Version 1.6.0 High Version file version 1.6.0 High Version pom version 1.6.0 Highest Version pom parent-version 1.6.0 Low
io.wcm.wcm.commons-1.9.0.jarDescription:
Common WCM utility and helper functions. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.wcm.commons/1.9.0/io.wcm.wcm.commons-1.9.0.jar
MD5: 04799632ef83b8d9295c7328d5c0b247
SHA1: 15b79398cd63bbc02ff54a04a98cc04cc0b04d1c
SHA256: 98b6e6915fbba4d4642bbf6500d590c430765a1e28279e86fb63546b24a97e98
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor file name io.wcm.wcm.commons High Vendor Manifest require-capability osgi.service;filter:="(objectClass=org.apache.sling.api.resource.ResourceResolverFactory)";effective:=active,osgi.service;filter:="(objectClass=org.osgi.service.cm.ConfigurationAdmin)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest bundle-symbolicname io.wcm.wcm.commons Medium Vendor Manifest provide-capability osgi.service;objectClass:List="io.wcm.sling.commons.caservice.PathPreprocessor";uses:="io.wcm.sling.commons.caservice",osgi.service;objectClass:List="io.wcm.wcm.commons.bundleinfo.BundleInfoService";uses:="io.wcm.wcm.commons.bundleinfo",osgi.service;objectClass:List="io.wcm.wcm.commons.component.ComponentPropertyResolverFactory";uses:="io.wcm.wcm.commons.component",osgi.service;objectClass:List="io.wcm.wcm.commons.instancetype.InstanceTypeService";uses:="io.wcm.wcm.commons.instancetype" Low Vendor pom parent-artifactid io.wcm.wcm.parent Low Vendor jar package name wcm Highest Vendor Manifest bundle-docurl https://wcm.io/wcm/commons/ Low Vendor pom groupid io.wcm Highest Vendor Manifest sling-namespaces wcmio=http://wcm.io/ns Medium Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/wcm/commons Low Vendor pom artifactid io.wcm.wcm.commons Low Vendor jar package name commons Highest Vendor Manifest service-component OSGI-INF/io.wcm.wcm.commons.bundleinfo.impl.BundleInfoServiceImpl.xml,OSGI-INF/io.wcm.wcm.commons.caservice.impl.WcmPathPreprocessor.xml,OSGI-INF/io.wcm.wcm.commons.component.impl.ComponentPropertyResolverFactoryImpl.xml,OSGI-INF/io.wcm.wcm.commons.instancetype.impl.InstanceTypeServiceImpl.xml Low Vendor pom name WCM Commons High Product file name io.wcm.wcm.commons High Product Manifest require-capability osgi.service;filter:="(objectClass=org.apache.sling.api.resource.ResourceResolverFactory)";effective:=active,osgi.service;filter:="(objectClass=org.osgi.service.cm.ConfigurationAdmin)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom parent-artifactid io.wcm.wcm.parent Medium Product Manifest Bundle-Name wcm.io WCM Commons Medium Product Manifest bundle-symbolicname io.wcm.wcm.commons Medium Product Manifest provide-capability osgi.service;objectClass:List="io.wcm.sling.commons.caservice.PathPreprocessor";uses:="io.wcm.sling.commons.caservice",osgi.service;objectClass:List="io.wcm.wcm.commons.bundleinfo.BundleInfoService";uses:="io.wcm.wcm.commons.bundleinfo",osgi.service;objectClass:List="io.wcm.wcm.commons.component.ComponentPropertyResolverFactory";uses:="io.wcm.wcm.commons.component",osgi.service;objectClass:List="io.wcm.wcm.commons.instancetype.InstanceTypeService";uses:="io.wcm.wcm.commons.instancetype" Low Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product Manifest bundle-docurl https://wcm.io/wcm/commons/ Low Product pom groupid io.wcm Highest Product Manifest sling-namespaces wcmio=http://wcm.io/ns Medium Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/wcm/commons Low Product jar package name commons Highest Product Manifest service-component OSGI-INF/io.wcm.wcm.commons.bundleinfo.impl.BundleInfoServiceImpl.xml,OSGI-INF/io.wcm.wcm.commons.caservice.impl.WcmPathPreprocessor.xml,OSGI-INF/io.wcm.wcm.commons.component.impl.ComponentPropertyResolverFactoryImpl.xml,OSGI-INF/io.wcm.wcm.commons.instancetype.impl.InstanceTypeServiceImpl.xml Low Product pom name WCM Commons High Product pom artifactid io.wcm.wcm.commons Highest Version pom parent-version 1.9.0 Low Version Manifest Bundle-Version 1.9.0 High Version file version 1.9.0 High Version pom version 1.9.0 Highest
io.wcm.wcm.ui.granite-1.8.0.jarDescription:
Granite UI Components for AEM Touch UI. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.wcm.ui.granite/1.8.0/io.wcm.wcm.ui.granite-1.8.0.jar
MD5: 6af6dbee86e9885d22ea6b5827397a8c
SHA1: 93944ff43600dd24d7257e13de9261e2973c3050
SHA256: e99d87ce7340396d8ebb6c68ed9d12119be6d398030f944249cbfa3fdb9eb006
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor file name io.wcm.wcm.ui.granite High Vendor Manifest bundle-docurl https://wcm.io/wcm/ui/granite/ Low Vendor Manifest bundle-symbolicname io.wcm.wcm.ui.granite Medium Vendor jar package name ui Highest Vendor pom parent-artifactid io.wcm.wcm.parent Low Vendor jar package name wcm Highest Vendor pom groupid io.wcm Highest Vendor pom name WCM Granite UI Extensions High Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor Manifest provide-capability osgi.service;objectClass:List="com.day.cq.wcm.emulator.EmulatorProvider";uses:="com.day.cq.wcm.emulator",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Vendor pom artifactid io.wcm.wcm.ui.granite Low Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/wcm/ui/granite Low Vendor Manifest service-component OSGI-INF/io.wcm.wcm.ui.granite.emulator.impl.EmulatorProviderImpl.xml,OSGI-INF/io.wcm.wcm.ui.granite.pathfield.impl.PathFieldChildrenDatasourceServlet.xml Low Vendor Manifest require-capability osgi.service;filter:="(objectClass=com.adobe.granite.ui.components.ExpressionResolver)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.commons.predicate.PredicateProvider)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product file name io.wcm.wcm.ui.granite High Product Manifest bundle-docurl https://wcm.io/wcm/ui/granite/ Low Product Manifest bundle-symbolicname io.wcm.wcm.ui.granite Medium Product pom parent-artifactid io.wcm.wcm.parent Medium Product jar package name ui Highest Product Manifest Bundle-Name wcm.io WCM Granite UI Extensions Medium Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product pom groupid io.wcm Highest Product pom name WCM Granite UI Extensions High Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product Manifest provide-capability osgi.service;objectClass:List="com.day.cq.wcm.emulator.EmulatorProvider";uses:="com.day.cq.wcm.emulator",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/wcm/ui/granite Low Product pom artifactid io.wcm.wcm.ui.granite Highest Product Manifest service-component OSGI-INF/io.wcm.wcm.ui.granite.emulator.impl.EmulatorProviderImpl.xml,OSGI-INF/io.wcm.wcm.ui.granite.pathfield.impl.PathFieldChildrenDatasourceServlet.xml Low Product Manifest require-capability osgi.service;filter:="(objectClass=com.adobe.granite.ui.components.ExpressionResolver)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.commons.predicate.PredicateProvider)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Version pom version 1.8.0 Highest Version file version 1.8.0 High Version pom parent-version 1.8.0 Low Version Manifest Bundle-Version 1.8.0 High
io.wcm.wcm.ui.granite-1.8.0.jar: showhide.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.wcm.ui.granite/1.8.0/io.wcm.wcm.ui.granite-1.8.0.jar/SLING-INF/app-root/clientlibs/io.wcm.ui.granite.showhidedialogfields/js/showhide.jsMD5: 8dac12e53129a74b52cfad2a9b0e3da6SHA1: e7462e84281e399c1603d2f27ae18307568f0020SHA256: 15a10493faebc8f947792f91bdc29ae5af34e7e45fa318a851144982510be626Referenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence
io.wcm.wcm.ui.granite-1.8.0.jar: validation.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.wcm.ui.granite/1.8.0/io.wcm.wcm.ui.granite-1.8.0.jar/SLING-INF/app-root/clientlibs/io.wcm.ui.granite.validation/js/validation.jsMD5: edad5110d166c768cd7f0fd2b4013d3bSHA1: 6a28b836ec56eff5783abf566825e876cf45b8a2SHA256: e2fc0a071a292fb9b3a9c9ce4d99081930519bbb6193d01ecd6f7e6418322364Referenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence
Related Dependencies io.wcm.wcm.ui.granite-1.8.2.jar: validation.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.wcm.ui.granite/1.8.2/io.wcm.wcm.ui.granite-1.8.2.jar/SLING-INF/app-root/clientlibs/io.wcm.ui.granite.validation/js/validation.js MD5: edad5110d166c768cd7f0fd2b4013d3b SHA1: 6a28b836ec56eff5783abf566825e876cf45b8a2 SHA256: e2fc0a071a292fb9b3a9c9ce4d99081930519bbb6193d01ecd6f7e6418322364 io.wcm.wcm.ui.granite-1.8.2.jarDescription:
Granite UI Components for AEM Touch UI. License:
"The Apache Software License, Version 2.0";link="http://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/io/wcm/io.wcm.wcm.ui.granite/1.8.2/io.wcm.wcm.ui.granite-1.8.2.jar
MD5: bc05a55d23d26cca2c907988bb1556d1
SHA1: 99daf61c8f79d00e6a75176a1ad0b510f0b19624
SHA256: 8bca56150fc251039af47d803932875dbb8c5396d628ee61bebfb8aa1bab193d
Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence Vendor file name io.wcm.wcm.ui.granite High Vendor Manifest bundle-docurl https://wcm.io/wcm/ui/granite/ Low Vendor Manifest bundle-symbolicname io.wcm.wcm.ui.granite Medium Vendor jar package name ui Highest Vendor pom parent-artifactid io.wcm.wcm.parent Low Vendor jar package name wcm Highest Vendor pom groupid io.wcm Highest Vendor pom name WCM Granite UI Extensions High Vendor pom url ${site.url}/${site.url.module.prefix}/ Highest Vendor Manifest build-jdk-spec 11 Low Vendor jar package name io Highest Vendor Manifest provide-capability osgi.service;objectClass:List="com.day.cq.wcm.emulator.EmulatorProvider";uses:="com.day.cq.wcm.emulator",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Vendor pom artifactid io.wcm.wcm.ui.granite Low Vendor Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/wcm/ui/granite Low Vendor Manifest service-component OSGI-INF/io.wcm.wcm.ui.granite.emulator.impl.EmulatorProviderImpl.xml,OSGI-INF/io.wcm.wcm.ui.granite.pathfield.impl.PathFieldChildrenDatasourceServlet.xml Low Vendor Manifest require-capability osgi.service;filter:="(objectClass=com.adobe.granite.ui.components.ExpressionResolver)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.commons.predicate.PredicateProvider)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product file name io.wcm.wcm.ui.granite High Product Manifest bundle-docurl https://wcm.io/wcm/ui/granite/ Low Product Manifest bundle-symbolicname io.wcm.wcm.ui.granite Medium Product pom parent-artifactid io.wcm.wcm.parent Medium Product jar package name ui Highest Product Manifest Bundle-Name wcm.io WCM Granite UI Extensions Medium Product pom url ${site.url}/${site.url.module.prefix}/ Medium Product jar package name wcm Highest Product pom groupid io.wcm Highest Product pom name WCM Granite UI Extensions High Product Manifest build-jdk-spec 11 Low Product jar package name io Highest Product Manifest provide-capability osgi.service;objectClass:List="com.day.cq.wcm.emulator.EmulatorProvider";uses:="com.day.cq.wcm.emulator",osgi.service;objectClass:List="javax.servlet.Servlet";uses:="javax.servlet" Low Product Manifest sling-initial-content SLING-INF/app-root;overwrite:=true;ignoreImportProviders:=xml;path:=/apps/wcm-io/wcm/ui/granite Low Product pom artifactid io.wcm.wcm.ui.granite Highest Product Manifest service-component OSGI-INF/io.wcm.wcm.ui.granite.emulator.impl.EmulatorProviderImpl.xml,OSGI-INF/io.wcm.wcm.ui.granite.pathfield.impl.PathFieldChildrenDatasourceServlet.xml Low Product Manifest require-capability osgi.service;filter:="(objectClass=com.adobe.granite.ui.components.ExpressionResolver)";effective:=active,osgi.service;filter:="(objectClass=com.day.cq.commons.predicate.PredicateProvider)";effective:=active,osgi.extender;filter:="(&(osgi.extender=osgi.component)(version>=1.4.0)(!(version>=2.0.0)))",osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Version Manifest Bundle-Version 1.8.2 High Version pom version 1.8.2 Highest Version file version 1.8.2 High Version pom parent-version 1.8.2 Low
io.wcm.wcm.ui.granite-1.8.2.jar: showhide.jsFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.wcm.ui.granite/1.8.2/io.wcm.wcm.ui.granite-1.8.2.jar/SLING-INF/app-root/clientlibs/io.wcm.ui.granite.showhidedialogfields/js/showhide.jsMD5: b062f9782dd8dcf34c6ac6d7b4c9b1f8SHA1: 2640429ce3328de4e4c04b1f5feb59a701ce47aeSHA256: bda2ce9fcee197f710ac87daf2838121c69743d5a49cd843f32ecb590f6e4926Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence
io.wcm:io.wcm.wcm.core.components:1.9.3-2.17.12-SNAPSHOTDescription:
Enhances AEM WCM Core Components with wcm.io functionality. License:
The Apache Software License, Version 2.0 http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/work/wcm-io-wcm-core-components/wcm-io-wcm-core-components/bundles/core/pom.xml
Evidence Type Source Name Value Confidence Vendor project groupid io.wcm Highest Vendor project artifactid io.wcm.wcm.core.components Low Vendor file name pom High Product project groupid io.wcm Low Product project artifactid io.wcm.wcm.core.components Highest Product file name pom High
jackson-core-2.9.5.jarDescription:
Core Jackson processing abstractions (aka Streaming API), implementation for JSON License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.9.5/jackson-core-2.9.5.jar
MD5: ec59f24f7f8d9acf53301c562722adf2
SHA1: a22ac51016944b06fd9ffbc9541c6e7ce5eea117
SHA256: a2bebaa325ad25455b02149c67e6052367a7d7fc1ce77de000eed284a5214eac
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor pom name Jackson-core High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor jar package name jackson Highest Vendor pom artifactid jackson-core Low Vendor jar package name core Highest Vendor jar package name base Highest Vendor Manifest implementation-build-date 2018-03-26 15:03:46+0000 Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom groupid com.fasterxml.jackson.core Highest Vendor file name jackson-core High Vendor Manifest automatic-module-name com.fasterxml.jackson.core Medium Vendor jar package name fasterxml Highest Vendor jar package name json Highest Vendor pom parent-artifactid jackson-base Low Vendor Manifest specification-vendor FasterXML Low Vendor Manifest Implementation-Vendor FasterXML High Vendor pom url FasterXML/jackson-core Highest Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Vendor pom groupid fasterxml.jackson.core Highest Product jar package name jackson Highest Product jar package name base Highest Product Manifest Bundle-Name Jackson-core Medium Product Manifest implementation-build-date 2018-03-26 15:03:46+0000 Low Product pom parent-groupid com.fasterxml.jackson Medium Product file name jackson-core High Product Manifest automatic-module-name com.fasterxml.jackson.core Medium Product jar package name fasterxml Highest Product jar package name filter Highest Product jar package name json Highest Product hint analyzer product modules Highest Product pom parent-artifactid jackson-base Medium Product Manifest specification-title Jackson-core Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Product Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Product pom groupid fasterxml.jackson.core Highest Product pom name Jackson-core High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product jar package name core Highest Product pom artifactid jackson-core Highest Product hint analyzer product java8 Highest Product Manifest Implementation-Title Jackson-core High Product jar package name version Highest Product pom url FasterXML/jackson-core High Version Manifest Bundle-Version 2.9.5 High Version file version 2.9.5 High Version pom version 2.9.5 Highest Version Manifest Implementation-Version 2.9.5 High
Related Dependencies jackson-annotations-2.9.5.jarFile Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-annotations/2.9.5/jackson-annotations-2.9.5.jar MD5: 93ff99082f89beba3dd7b594a478df10 SHA1: 9056ec9db21c57d43219a84bb18c129ae51c6a5d SHA256: 38a0e450049f643570adac99888aa3480ec2de385790a7096908bf43bfc085d6 pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.9.5 Published Vulnerabilities CVE-2018-1000873 suppress
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8. CWE-20 Improper Input Validation
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
jackson-databind-2.9.5.jarDescription:
General data-binding functionality for Jackson: works on core streaming API License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.9.5/jackson-databind-2.9.5.jar
MD5: 34b37affbf74f5d199be10622ddc83cd
SHA1: 3490508379d065fe3fcb80042b62f630f7588606
SHA256: 0fb4e079c118e752cc94c15ad22e6782b0dfc5dc09145f4813fb39d82e686047
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor file name jackson-databind High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor pom url http://github.com/FasterXML/jackson Highest Vendor jar package name jackson Highest Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom groupid com.fasterxml.jackson.core Highest Vendor jar package name fasterxml Highest Vendor pom artifactid jackson-databind Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Vendor pom name jackson-databind High Vendor Manifest bundle-docurl http://github.com/FasterXML/jackson Low Vendor pom parent-artifactid jackson-base Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor Manifest implementation-build-date 2018-03-26 15:13:41+0000 Low Vendor jar package name databind Highest Vendor Manifest automatic-module-name com.fasterxml.jackson.databind Medium Vendor Manifest specification-vendor FasterXML Low Vendor Manifest Implementation-Vendor FasterXML High Vendor pom groupid fasterxml.jackson.core Highest Product file name jackson-databind High Product jar package name jackson Highest Product pom url http://github.com/FasterXML/jackson Medium Product Manifest Bundle-Name jackson-databind Medium Product pom artifactid jackson-databind Highest Product Manifest Implementation-Title jackson-databind High Product pom parent-groupid com.fasterxml.jackson Medium Product jar package name fasterxml Highest Product hint analyzer product java8 Highest Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Product pom name jackson-databind High Product Manifest bundle-docurl http://github.com/FasterXML/jackson Low Product hint analyzer product modules Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product Manifest implementation-build-date 2018-03-26 15:13:41+0000 Low Product pom parent-artifactid jackson-base Medium Product jar package name databind Highest Product Manifest automatic-module-name com.fasterxml.jackson.databind Medium Product Manifest specification-title jackson-databind Medium Product pom groupid fasterxml.jackson.core Highest Version Manifest Bundle-Version 2.9.5 High Version file version 2.9.5 High Version pom version 2.9.5 Highest Version Manifest Implementation-Version 2.9.5 High
Published Vulnerabilities CVE-2018-1000873 suppress
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8. CWE-20 Improper Input Validation
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (6.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-11307 (OSSINDEX) suppress
An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6. CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:com.fasterxml.jackson.core:jackson-databind:2.9.5:*:*:*:*:*:*:* CVE-2018-12022 suppress
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.1) Vector: /AV:N/AC:H/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-12023 suppress
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.1) Vector: /AV:N/AC:H/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-14718 suppress
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-14719 suppress
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-14720 suppress
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization. CWE-611 Improper Restriction of XML External Entity Reference ('XXE'), CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-14721 suppress
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization. CWE-918 Server-Side Request Forgery (SSRF)
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (10.0) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-19360 suppress
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-19361 suppress
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-19362 suppress
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-12086 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2019-12384 suppress
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N References:
BUGTRAQ - 20191007 [SECURITY] [DSA 4542-1] jackson-databind security update CONFIRM - https://lists.debian.org/debian-lts-announce/2019/06/msg00019.html CONFIRM - https://security.netapp.com/advisory/ntap-20190703-0002/ DEBIAN - DSA-4542 FEDORA - FEDORA-2019-99ff6aa32c FEDORA - FEDORA-2019-ae6a703b8f FEDORA - FEDORA-2019-fb23eccc03 MISC - https://blog.doyensec.com/2019/07/22/jackson-gadgets.html MISC - https://doyensec.com/research.html MISC - https://github.com/FasterXML/jackson-databind/compare/74b90a4...a977aad MISC - https://www.oracle.com/security-alerts/cpujan2020.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MISC - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html MLIST - [cassandra-commits] 20190919 [jira] [Created] (CASSANDRA-15328) Bump jackson version to >= 2.9.9.3 to address security vulnerabilities MLIST - [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities MLIST - [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [geode-notifications] 20191007 [GitHub] [geode] jmelchio commented on issue #4102: Fix for GEODE-7255: Pickup Jackson CVE fix MLIST - [nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html MLIST - [nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html MLIST - [struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] robert-schaft-hon commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190906 [GitHub] [tomee] rzo1 commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 N/A - N/A OSSINDEX - [CVE-2019-12384] Deserialization of Untrusted Data REDHAT - RHSA-2019:1820 REDHAT - RHSA-2019:2720 REDHAT - RHSA-2019:2858 REDHAT - RHSA-2019:2935 REDHAT - RHSA-2019:2936 REDHAT - RHSA-2019:2937 REDHAT - RHSA-2019:2938 REDHAT - RHSA-2019:2998 REDHAT - RHSA-2019:3149 REDHAT - RHSA-2019:3200 REDHAT - RHSA-2019:3292 REDHAT - RHSA-2019:3297 REDHAT - RHSA-2019:3901 REDHAT - RHSA-2019:4352 Vulnerable Software & Versions: (show all )
CVE-2019-12814 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N References:
CONFIRM - https://github.com/FasterXML/jackson-databind/issues/2341 CONFIRM - https://security.netapp.com/advisory/ntap-20190625-0006/ FEDORA - FEDORA-2019-99ff6aa32c FEDORA - FEDORA-2019-ae6a703b8f FEDORA - FEDORA-2019-fb23eccc03 MISC - https://www.oracle.com/security-alerts/cpujan2020.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MISC - https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html MISC - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html MLIST - [accumulo-commits] 20190723 [accumulo] branch 2.0 updated: Fix CVE-2019-12814 Use jackson-databind 2.9.9.1 MLIST - [cassandra-commits] 20190919 [jira] [Created] (CASSANDRA-15328) Bump jackson version to >= 2.9.9.3 to address security vulnerabilities MLIST - [debian-lts-announce] 20190621 [SECURITY] [DLA 1831-1] jackson-databind security update MLIST - [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities MLIST - [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [geode-notifications] 20191007 [GitHub] [geode] jmelchio commented on issue #4102: Fix for GEODE-7255: Pickup Jackson CVE fix MLIST - [nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html MLIST - [nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html MLIST - [struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] robert-schaft-hon commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190906 [GitHub] [tomee] rzo1 commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [zookeeper-dev] 20190623 [jira] [Created] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190623 [jira] [Created] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190623 [jira] [Updated] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190708 [jira] [Commented] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190712 [jira] [Assigned] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190712 [jira] [Commented] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190712 [jira] [Resolved] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190713 [jira] [Updated] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190623 [GitHub] [zookeeper] eolivelli opened a new pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190624 [GitHub] [zookeeper] eolivelli closed pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190624 [GitHub] [zookeeper] eolivelli commented on issue #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190624 [GitHub] [zookeeper] phunt commented on a change in pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190710 [GitHub] [zookeeper] phunt closed pull request #1013: ZOOKEEPER-3441: OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190710 [GitHub] [zookeeper] phunt opened a new pull request #1013: ZOOKEEPER-3441: OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 OSSINDEX - [CVE-2019-12814] Information Exposure REDHAT - RHSA-2019:2858 REDHAT - RHSA-2019:2935 REDHAT - RHSA-2019:2936 REDHAT - RHSA-2019:2937 REDHAT - RHSA-2019:2938 REDHAT - RHSA-2019:3044 REDHAT - RHSA-2019:3045 REDHAT - RHSA-2019:3046 REDHAT - RHSA-2019:3050 REDHAT - RHSA-2019:3149 REDHAT - RHSA-2019:3200 REDHAT - RHSA-2019:3292 REDHAT - RHSA-2019:3297 Vulnerable Software & Versions: (show all )
CVE-2019-14379 suppress
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
CONFIRM - https://security.netapp.com/advisory/ntap-20190814-0001/ FEDORA - FEDORA-2019-99ff6aa32c FEDORA - FEDORA-2019-ae6a703b8f FEDORA - FEDORA-2019-fb23eccc03 MISC - https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2 MISC - https://github.com/FasterXML/jackson-databind/issues/2387 MISC - https://www.oracle.com/security-alerts/cpuApr2021.html MISC - https://www.oracle.com/security-alerts/cpujan2020.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MISC - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html MLIST - [ambari-commits] 20190813 [ambari] branch branch-2.7 updated: AMBARI-25352 : Upgrade fasterxml jackson dependency due to CVE-2019-14379 (#3066) MLIST - [ambari-commits] 20190813 [ambari] branch trunk updated: AMBARI-25352 : Upgrade fasterxml jackson dependency due to CVE-2019-14379(trunk) (#3067) MLIST - [bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image MLIST - [debian-lts-announce] 20190812 [SECURITY] [DLA 1879-1] jackson-databind security update MLIST - [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities MLIST - [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] mccheah commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] mccheah opened a new pull request #535: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue closed pull request #533: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue commented on issue #533: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue merged pull request #535: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue opened a new pull request #533: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191027 [GitHub] [incubator-iceberg] rdsr commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [pulsar-commits] 20190822 [GitHub] [pulsar] massakam opened a new pull request #5011: [security] Upgrade jackson-databind MLIST - [struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204 MLIST - [tinkerpop-commits] 20190924 [GitHub] [tinkerpop] justinchuch opened a new pull request #1200: Upgrade jackson due to CVE issues MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] robert-schaft-hon commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190906 [GitHub] [tomee] rzo1 commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 N/A - N/A OSSINDEX - [CVE-2019-14379] SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles de... REDHAT - RHBA-2019:2824 REDHAT - RHSA-2019:2743 REDHAT - RHSA-2019:2858 REDHAT - RHSA-2019:2935 REDHAT - RHSA-2019:2936 REDHAT - RHSA-2019:2937 REDHAT - RHSA-2019:2938 REDHAT - RHSA-2019:2998 REDHAT - RHSA-2019:3044 REDHAT - RHSA-2019:3045 REDHAT - RHSA-2019:3046 REDHAT - RHSA-2019:3050 REDHAT - RHSA-2019:3149 REDHAT - RHSA-2019:3200 REDHAT - RHSA-2019:3292 REDHAT - RHSA-2019:3297 REDHAT - RHSA-2019:3901 REDHAT - RHSA-2020:0727 Vulnerable Software & Versions: (show all )
CVE-2019-14439 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
BUGTRAQ - 20191007 [SECURITY] [DSA 4542-1] jackson-databind security update CONFIRM - https://security.netapp.com/advisory/ntap-20190814-0001/ DEBIAN - DSA-4542 FEDORA - FEDORA-2019-ae6a703b8f FEDORA - FEDORA-2019-fb23eccc03 MISC - https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b MISC - https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2 MISC - https://github.com/FasterXML/jackson-databind/issues/2389 MISC - https://www.oracle.com/security-alerts/cpujan2020.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html MLIST - [cassandra-commits] 20190919 [jira] [Created] (CASSANDRA-15328) Bump jackson version to >= 2.9.9.3 to address security vulnerabilities MLIST - [debian-lts-announce] 20190812 [SECURITY] [DLA 1879-1] jackson-databind security update MLIST - [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities MLIST - [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html MLIST - [nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html MLIST - [struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] robert-schaft-hon commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190906 [GitHub] [tomee] rzo1 commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 N/A - N/A OSSINDEX - [CVE-2019-14439] A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x befo... REDHAT - RHSA-2019:3200 Vulnerable Software & Versions: (show all )
CVE-2019-14540 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-14892 suppress
A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-14893 suppress
A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-16335 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-16942 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-16943 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-17267 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-17531 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-20330 suppress
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-10672 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). NVD-CWE-Other
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-10673 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). NVD-CWE-Other
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-10968 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-10969 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-11111 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-11112 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-11113 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-11619 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-11620 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-14060 suppress
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-14061 suppress
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-14062 suppress
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-14195 suppress
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-24616 suppress
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-24750 suppress
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-25649 suppress
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity. CWE-611 Improper Restriction of XML External Entity Reference ('XXE')
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2020-35490 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-35491 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-35728 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-36179 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-36180 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-36181 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-36182 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-36183 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-36184 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-36185 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-36186 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-36187 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-36188 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-36189 suppress
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-8840 suppress
FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-9546 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
CONFIRM - https://security.netapp.com/advisory/ntap-20200904-0006/ MISC - https://github.com/FasterXML/jackson-databind/issues/2631 MISC - https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E MISC - https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 MISC - https://www.oracle.com/security-alerts/cpujan2021.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2021.html MLIST - [debian-lts-announce] 20200305 [SECURITY] [DLA 2135-1] jackson-databind security update MLIST - [geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12 MLIST - [zookeeper-dev] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200308 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200430 [jira] [Resolved] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 OSSINDEX - [CVE-2020-9546] FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee... Vulnerable Software & Versions: (show all )
CVE-2020-9547 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
CONFIRM - https://security.netapp.com/advisory/ntap-20200904-0006/ MISC - https://github.com/FasterXML/jackson-databind/issues/2634 MISC - https://lists.apache.org/thread.html/r4accb2e0de9679174efd3d113a059bab71ff3ec53e882790d21c1cc1@%3Cnotifications.zookeeper.apache.org%3E MISC - https://lists.apache.org/thread.html/r742ef70d126548dcf7de5be5779355c9d76a9aec71d7a9ef02c6398a@%3Cnotifications.zookeeper.apache.org%3E MISC - https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E MISC - https://lists.apache.org/thread.html/ra3e90712f2d59f8cef03fa796f5adf163d32b81fe7b95385f21790e6@%3Cnotifications.zookeeper.apache.org%3E MISC - https://lists.apache.org/thread.html/rc0d5d0f72da1ed6fc5e438b1ddb3fa090c73006b55f873cf845375ab@%3Cnotifications.zookeeper.apache.org%3E MISC - https://lists.apache.org/thread.html/redbe4f1e21bf080f637cf9fbec47729750a2f443a919765360337428@%3Cnotifications.zookeeper.apache.org%3E MISC - https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 MISC - https://www.oracle.com/security-alerts/cpujan2021.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2021.html MLIST - [debian-lts-announce] 20200305 [SECURITY] [DLA 2135-1] jackson-databind security update MLIST - [geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12 MLIST - [zookeeper-dev] 20200307 Build failed in Jenkins: PreCommit-ZOOKEEPER-github-pr-build-maven #1898 MLIST - [zookeeper-dev] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200308 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200430 [jira] [Resolved] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 OSSINDEX - [CVE-2020-9547] FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee... Vulnerable Software & Versions: (show all )
CVE-2020-9548 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
CONFIRM - https://security.netapp.com/advisory/ntap-20200904-0006/ MISC - https://github.com/FasterXML/jackson-databind/issues/2634 MISC - https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 MISC - https://www.oracle.com/security-alerts/cpujan2021.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2021.html MLIST - [debian-lts-announce] 20200305 [SECURITY] [DLA 2135-1] jackson-databind security update MLIST - [geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12 MLIST - [zookeeper-dev] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200308 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200430 [jira] [Resolved] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 OSSINDEX - [CVE-2020-9548] FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee... Vulnerable Software & Versions: (show all )
CVE-2021-20190 suppress
A flaw was found in jackson-databind before 2.9.10.7. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (8.3) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:C CVSSv3:
Base Score: HIGH (8.1) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
javax.servlet-api-3.1.0.jarDescription:
Java(TM) Servlet 3.1 API Design Specification License:
CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html File Path: /home/runner/.m2/repository/javax/servlet/javax.servlet-api/3.1.0/javax.servlet-api-3.1.0.jar
MD5: 79de69e9f5ed8c7fcb8342585732bbf7
SHA1: 3cd63d075497751784b2fa84be59432f4905bf7c
SHA256: af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor pom url http://servlet-spec.java.net Highest Vendor Manifest bundle-symbolicname javax.servlet-api Medium Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor file name javax.servlet-api High Vendor Manifest bundle-docurl https://glassfish.dev.java.net Low Vendor Manifest Implementation-Vendor GlassFish Community High Vendor Manifest extension-name javax.servlet Medium Vendor pom organization url https://glassfish.dev.java.net Medium Vendor jar package name servlet Highest Vendor pom organization name GlassFish Community High Vendor pom parent-groupid net.java Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom name Java Servlet API High Vendor pom artifactid javax.servlet-api Low Vendor pom parent-artifactid jvnet-parent Low Vendor jar package name javax Highest Vendor pom groupid javax.servlet Highest Product pom url http://servlet-spec.java.net Medium Product Manifest bundle-symbolicname javax.servlet-api Medium Product Manifest Bundle-Name Java Servlet API Medium Product file name javax.servlet-api High Product Manifest bundle-docurl https://glassfish.dev.java.net Low Product pom parent-artifactid jvnet-parent Medium Product Manifest extension-name javax.servlet Medium Product jar package name servlet Highest Product pom organization url https://glassfish.dev.java.net Low Product pom parent-groupid net.java Medium Product pom name Java Servlet API High Product pom organization name GlassFish Community Low Product jar package name javax Highest Product pom artifactid javax.servlet-api Highest Product pom groupid javax.servlet Highest Version pom version 3.1.0 Highest Version Manifest Bundle-Version 3.1.0 High Version Manifest Implementation-Version 3.1.0 High Version pom parent-version 3.1.0 Low Version file version 3.1.0 High
jcr-2.0.jarDescription:
The Content Repository API for JavaTM Technology Version 2.0 is specified by JSR-283.
This module contains the complete API as specified.
License:
Day Specification License: http://www.day.com/dam/day/downloads/jsr283/day-spec-license.htm
Day Specification License addendum: http://www.day.com/content/dam/day/downloads/jsr283/LICENSE.txt File Path: /home/runner/.m2/repository/javax/jcr/jcr/2.0/jcr-2.0.jar
MD5: ede5e78b16c8ed298ce0b6d296584ebd
SHA1: 08297216bcfe4aea369ed6ee0d1718133f752e97
SHA256: cbf083bc58cb88a0c19112187a4c52d3115f525b5bb7f2913635f5679e6e9743
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor pom groupid javax.jcr Highest Vendor pom organization name Day Software High Vendor jar package name repository Highest Vendor pom artifactid jcr Low Vendor file name jcr High Vendor pom url http://www.jcp.org/en/jsr/detail?id=283 Highest Vendor jar package name jcr Highest Vendor pom name Content Repository for JavaTM Technology API High Vendor Manifest bundle-symbolicname javax.jcr Medium Vendor jar package name version Highest Vendor Manifest bundle-category jcr Low Vendor Manifest bundle-docurl http://www.jcp.org/en/jsr/detail?id=283 Low Vendor jar package name javax Highest Vendor pom organization url http://www.day.com Medium Product pom groupid javax.jcr Highest Product jar package name repository Highest Product file name jcr High Product pom organization name Day Software Low Product jar package name jcr Highest Product pom organization url http://www.day.com Low Product pom name Content Repository for JavaTM Technology API High Product pom artifactid jcr Highest Product Manifest Bundle-Name Content Repository for JavaTM Technology API Medium Product Manifest bundle-symbolicname javax.jcr Medium Product jar package name version Highest Product pom url http://www.jcp.org/en/jsr/detail?id=283 Medium Product Manifest bundle-category jcr Low Product Manifest bundle-docurl http://www.jcp.org/en/jsr/detail?id=283 Low Product jar package name javax Highest Version pom version 2.0 Highest Version Manifest Bundle-Version 2.0 High Version file version 2.0 High
jdom2-2.0.6.jarDescription:
A complete, Java-based solution for accessing, manipulating,
and outputting XML data
License:
Similar to Apache License but with the acknowledgment clause removed: https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt File Path: /home/runner/.m2/repository/org/jdom/jdom2/2.0.6/jdom2-2.0.6.jar
MD5: 86a30c9b1ddc08ca155747890db423b7
SHA1: 6f14738ec2e9dd0011e343717fa624a10f8aab64
SHA256: 1345f11ba606d15603d6740551a8c21947c0215640770ec67271fe78bea97cf5
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor pom organization url http://www.jdom.org Medium Vendor pom name JDOM High Vendor manifest: org/jdom2/output/ Implementation-Vendor jdom.org Medium Vendor pom groupid org.jdom Highest Vendor pom organization name JDOM High Vendor manifest: org/jdom2/adapters/ Implementation-Vendor jdom.org Medium Vendor pom url http://www.jdom.org Highest Vendor file name jdom2 High Vendor manifest: org/jdom2/xpath/ Implementation-Vendor jdom.org Medium Vendor pom artifactid jdom2 Low Vendor manifest: org/jdom2/input/ Implementation-Vendor jdom.org Medium Vendor jar package name jdom2 Highest Vendor manifest: org/jdom2/transform/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom2/filter/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom2/ Implementation-Vendor jdom.org Medium Vendor pom groupid jdom Highest Product pom name JDOM High Product manifest: org/jdom2/adapters/ Specification-Title JDOM Adapter Classes Medium Product manifest: org/jdom2/input/ Implementation-Title org.jdom2.input Medium Product manifest: org/jdom2/input/ Specification-Title JDOM Input Classes Medium Product manifest: org/jdom2/transform/ Implementation-Title org.jdom2.transform Medium Product jar package name jdom2 Highest Product jar package name filter Highest Product manifest: org/jdom2/output/ Specification-Title JDOM Output Classes Medium Product manifest: org/jdom2/output/ Implementation-Title org.jdom2.output Medium Product pom organization name JDOM Low Product manifest: org/jdom2/filter/ Specification-Title JDOM Filter Classes Medium Product manifest: org/jdom2/adapters/ Implementation-Title org.jdom2.adapters Medium Product manifest: org/jdom2/ Implementation-Title org.jdom2 Medium Product pom url http://www.jdom.org Medium Product manifest: org/jdom2/ Specification-Title JDOM Classes Medium Product jar package name output Highest Product manifest: org/jdom2/xpath/ Implementation-Title org.jdom2.xpath Medium Product manifest: org/jdom2/transform/ Specification-Title JDOM Transformation Classes Medium Product jar package name xpath Highest Product jar package name input Highest Product file name jdom2 High Product jar package name adapters Highest Product pom artifactid jdom2 Highest Product pom organization url http://www.jdom.org Low Product manifest: org/jdom2/xpath/ Specification-Title JDOM XPath Classes Medium Product manifest: org/jdom2/filter/ Implementation-Title org.jdom2.filter Medium Product jar package name transform Highest Product pom groupid jdom Highest Version manifest: org/jdom2/xpath/ Implementation-Version 2.0.6 Medium Version manifest: org/jdom2/output/ Implementation-Version 2.0.6 Medium Version manifest: org/jdom2/input/ Implementation-Version 2.0.6 Medium Version pom version 2.0.6 Highest Version manifest: org/jdom2/transform/ Implementation-Version 2.0.6 Medium Version file version 2.0.6 High Version manifest: org/jdom2/filter/ Implementation-Version 2.0.6 Medium Version manifest: org/jdom2/adapters/ Implementation-Version 2.0.6 Medium Version manifest: org/jdom2/ Implementation-Version 2.0.6 Medium
Related Dependencies io.wcm.handler.commons-1.4.0.jar: jdom2-2.0.6.jarFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.commons/1.4.0/io.wcm.handler.commons-1.4.0.jar/jdom2-2.0.6.jar MD5: 86a30c9b1ddc08ca155747890db423b7 SHA1: 6f14738ec2e9dd0011e343717fa624a10f8aab64 SHA256: 1345f11ba606d15603d6740551a8c21947c0215640770ec67271fe78bea97cf5 io.wcm.handler.commons-1.4.2.jar: jdom2-2.0.6.jarFile Path: /home/runner/.m2/repository/io/wcm/io.wcm.handler.commons/1.4.2/io.wcm.handler.commons-1.4.2.jar/jdom2-2.0.6.jar MD5: 86a30c9b1ddc08ca155747890db423b7 SHA1: 6f14738ec2e9dd0011e343717fa624a10f8aab64 SHA256: 1345f11ba606d15603d6740551a8c21947c0215640770ec67271fe78bea97cf5 Published Vulnerabilities CVE-2021-33813 suppress
An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request. CWE-611 Improper Restriction of XML External Entity Reference ('XXE')
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
jsp-api-2.1.jarFile Path: /home/runner/.m2/repository/javax/servlet/jsp/jsp-api/2.1/jsp-api-2.1.jarMD5: b8a34113a3a1ce29c8c60d7141f5a704SHA1: 63f943103f250ef1f3a4d5e94d145a0f961f5316SHA256: 545f4e7dc678ffb4cf8bd0fd40b4a4470a409a787c0ea7d0ad2f08d56112987bReferenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor pom artifactid jsp-api Low Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor jar package name jsp Highest Vendor Manifest extension-name javax.servlet.jsp Medium Vendor pom groupid javax.servlet.jsp Highest Vendor jar package name servlet Highest Vendor jar package name javax Highest Vendor Manifest specification-vendor Sun Microsystems, Inc. Low Vendor Manifest Implementation-Vendor Sun Microsystems, Inc. High Vendor file name jsp-api High Product jar package name jsp Highest Product pom artifactid jsp-api Highest Product Manifest extension-name javax.servlet.jsp Medium Product Manifest specification-title JavaServer Pages(TM) Specification Medium Product jar package name servlet Highest Product pom groupid javax.servlet.jsp Highest Product jar package name javax Highest Product file name jsp-api High Version pom version 2.1 Highest Version Manifest Implementation-Version 2.1 High Version file version 2.1 High
org.apache.sling.caconfig.api-1.1.0.jarDescription:
Apache Sling Context-Aware Configuration API License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/sling/org.apache.sling.caconfig.api/1.1.0/org.apache.sling.caconfig.api-1.1.0.jar
MD5: 231c80a8f980016d79f32ee99ad9e920
SHA1: 4a8674192c5da0d03d090e4dade5055b84aa0885
SHA256: dda109a6b232a7f92c042b5e15e7b381f27eebe3ce526aaed496892288516a4b
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor jar package name caconfig Highest Vendor pom groupid apache.sling Highest Vendor pom artifactid apache.sling.caconfig.api Low Vendor pom groupid org.apache.sling Highest Vendor jar package name apache Highest Vendor pom parent-groupid org.apache.sling Medium Vendor Manifest bundle-category sling Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Vendor file name org.apache.sling.caconfig.api High Vendor jar package name sling Highest Vendor pom name Apache Sling Context-Aware Configuration API High Vendor pom parent-artifactid sling Low Vendor Manifest bundle-symbolicname org.apache.sling.caconfig.api Medium Vendor Manifest bundle-docurl http://sling.apache.org Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product jar package name caconfig Highest Product pom groupid apache.sling Highest Product Manifest Bundle-Name Apache Sling Context-Aware Configuration API Medium Product jar package name apache Highest Product pom artifactid org.apache.sling.caconfig.api Highest Product pom parent-groupid org.apache.sling Medium Product Manifest bundle-category sling Low Product Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Product file name org.apache.sling.caconfig.api High Product pom artifactid apache.sling.caconfig.api Highest Product jar package name sling Highest Product pom parent-artifactid sling Medium Product pom name Apache Sling Context-Aware Configuration API High Product Manifest bundle-symbolicname org.apache.sling.caconfig.api Medium Product Manifest bundle-docurl http://sling.apache.org Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Version pom parent-version 1.1.0 Low Version file version 1.1.0 High Version pom version 1.1.0 Highest Version Manifest Bundle-Version 1.1.0 High
Published Vulnerabilities CVE-2015-2944 suppress
Multiple cross-site scripting (XSS) vulnerabilities in Apache Sling API before 2.2.2 and Apache Sling Servlets Post before 2.1.2 allow remote attackers to inject arbitrary web script or HTML via the URI, related to (1) org/apache/sling/api/servlets/HtmlResponse and (2) org/apache/sling/servlets/post/HtmlResponse. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N References:
Vulnerable Software & Versions: (show all )
org.osgi.dto-1.0.0.jarDescription:
OSGi Companion Code for org.osgi.dto Version 1.0.0. License:
Apache License, Version 2.0: http://opensource.org/licenses/apache2.0.php File Path: /home/runner/.m2/repository/org/osgi/org.osgi.dto/1.0.0/org.osgi.dto-1.0.0.jar
MD5: c2bce9030f4b5a2d3c489dfc11fee529
SHA1: 1d01eb8c487477f929127d4a88fbfe97af0379a4
SHA256: cb75f3c7e48e5a31a31df22e26873346f5bf659e2dcab2369e031e4850d2ff43
Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-copyright Copyright (c) OSGi Alliance (2000, 2015). All Rights Reserved. Low Vendor pom groupid osgi Highest Vendor Manifest git-descriptor hudson-build.cmpn-793 Low Vendor pom url http://www.osgi.org/ Highest Vendor pom groupid org.osgi Highest Vendor jar package name dto Highest Vendor pom name org.osgi:org.osgi.dto High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Vendor Manifest bundle-docurl http://www.osgi.org/ Low Vendor Manifest git-sha b0858c3b90a73ecc81055c7565fbbcbd4f76674e Low Vendor jar package name osgi Highest Vendor pom artifactid osgi.dto Low Vendor file name org.osgi.dto High Vendor Manifest bundle-developers osgi; email=info@osgi.org; name="OSGi Alliance"; organization="OSGi Alliance" Low Vendor pom organization url http://www.osgi.org/ Medium Vendor Manifest bundle-symbolicname org.osgi.dto Medium Vendor pom organization name OSGi Alliance High Product Manifest Bundle-Name org.osgi:org.osgi.dto Medium Product pom artifactid osgi.dto Highest Product Manifest bundle-copyright Copyright (c) OSGi Alliance (2000, 2015). All Rights Reserved. Low Product pom groupid osgi Highest Product Manifest git-descriptor hudson-build.cmpn-793 Low Product pom organization name OSGi Alliance Low Product jar package name dto Highest Product pom name org.osgi:org.osgi.dto High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Product Manifest bundle-docurl http://www.osgi.org/ Low Product Manifest git-sha b0858c3b90a73ecc81055c7565fbbcbd4f76674e Low Product pom artifactid org.osgi.dto Highest Product jar package name osgi Highest Product file name org.osgi.dto High Product pom organization url http://www.osgi.org/ Low Product pom url http://www.osgi.org/ Medium Product Manifest bundle-developers osgi; email=info@osgi.org; name="OSGi Alliance"; organization="OSGi Alliance" Low Product Manifest bundle-symbolicname org.osgi.dto Medium Version pom version 1.0.0 Highest Version file version 1.0.0 High
org.osgi.framework-1.8.0.jarDescription:
OSGi Companion Code for org.osgi.framework Version 1.8.0. License:
Apache License, Version 2.0: http://opensource.org/licenses/apache2.0.php File Path: /home/runner/.m2/repository/org/osgi/org.osgi.framework/1.8.0/org.osgi.framework-1.8.0.jar
MD5: 1a40fb57099ef5530d25bc9600d509b1
SHA1: b54d03f9621136b7d9d93b5017b0a4fa490e78b0
SHA256: ec194b7871af27681716ff05259319a5c3c9b9727e8000e9e832499b93484b4e
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor Manifest bundle-copyright Copyright (c) OSGi Alliance (2000, 2015). All Rights Reserved. Low Vendor pom groupid osgi Highest Vendor Manifest git-descriptor hudson-build.cmpn-793 Low Vendor pom url http://www.osgi.org/ Highest Vendor pom groupid org.osgi Highest Vendor jar package name framework Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Vendor Manifest bundle-docurl http://www.osgi.org/ Low Vendor Manifest bundle-symbolicname org.osgi.framework Medium Vendor pom name org.osgi:org.osgi.framework High Vendor Manifest git-sha b0858c3b90a73ecc81055c7565fbbcbd4f76674e Low Vendor file name org.osgi.framework High Vendor jar package name osgi Highest Vendor pom artifactid osgi.framework Low Vendor jar package name version Highest Vendor Manifest bundle-developers osgi; email=info@osgi.org; name="OSGi Alliance"; organization="OSGi Alliance" Low Vendor pom organization url http://www.osgi.org/ Medium Vendor pom organization name OSGi Alliance High Product pom artifactid osgi.framework Highest Product Manifest bundle-copyright Copyright (c) OSGi Alliance (2000, 2015). All Rights Reserved. Low Product pom groupid osgi Highest Product Manifest git-descriptor hudson-build.cmpn-793 Low Product pom organization name OSGi Alliance Low Product jar package name framework Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Product Manifest bundle-docurl http://www.osgi.org/ Low Product Manifest bundle-symbolicname org.osgi.framework Medium Product pom name org.osgi:org.osgi.framework High Product Manifest Bundle-Name org.osgi:org.osgi.framework Medium Product Manifest git-sha b0858c3b90a73ecc81055c7565fbbcbd4f76674e Low Product jar package name filter Highest Product file name org.osgi.framework High Product jar package name osgi Highest Product pom artifactid org.osgi.framework Highest Product jar package name version Highest Product pom organization url http://www.osgi.org/ Low Product pom url http://www.osgi.org/ Medium Product Manifest bundle-developers osgi; email=info@osgi.org; name="OSGi Alliance"; organization="OSGi Alliance" Low Version pom version 1.8.0 Highest Version file version 1.8.0 High
org.osgi.service.cm-1.6.0.jarDescription:
OSGi Companion Code for org.osgi.service.cm Version 1.6.0 License:
Apache-2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /home/runner/.m2/repository/org/osgi/org.osgi.service.cm/1.6.0/org.osgi.service.cm-1.6.0.jar
MD5: b0756197dc4ce853b05e686ec0df8dbf
SHA1: f0c01d6da3799107b17f894ae7920cfd6fa69da6
SHA256: c1768352603abdeb18ca160ac8c712768f88d2e418fe4c5cf50845e783154233
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor pom groupid osgi Highest Vendor Manifest bundle-copyright Copyright (c) OSGi Alliance (2000, 2018). All Rights Reserved. Low Vendor pom groupid org.osgi Highest Vendor jar package name cm Highest Vendor pom organization url https://www.osgi.org/ Medium Vendor jar package name service Highest Vendor pom artifactid osgi.service.cm Low Vendor Manifest bundle-developers osgi; email=info@osgi.org; name="OSGi Alliance"; organization="OSGi Alliance"; organizationUrl=https://www.osgi.org/ Low Vendor Manifest bundle-docurl https://www.osgi.org/ Low Vendor Manifest git-sha ac877b9fdaa36e26adb939cf9dd425e77243f449 Low Vendor file name org.osgi.service.cm High Vendor jar package name osgi Highest Vendor pom name org.osgi:org.osgi.service.cm High Vendor Manifest bundle-symbolicname org.osgi.service.cm Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor pom url https://www.osgi.org/ Highest Vendor pom organization name OSGi Alliance High Vendor Manifest git-descriptor hudson-build.core-1432 Low Product pom groupid osgi Highest Product Manifest bundle-copyright Copyright (c) OSGi Alliance (2000, 2018). All Rights Reserved. Low Product Manifest Bundle-Name org.osgi:org.osgi.service.cm Medium Product pom organization url https://www.osgi.org/ Low Product pom organization name OSGi Alliance Low Product jar package name cm Highest Product jar package name service Highest Product Manifest bundle-developers osgi; email=info@osgi.org; name="OSGi Alliance"; organization="OSGi Alliance"; organizationUrl=https://www.osgi.org/ Low Product Manifest bundle-docurl https://www.osgi.org/ Low Product Manifest git-sha ac877b9fdaa36e26adb939cf9dd425e77243f449 Low Product pom artifactid osgi.service.cm Highest Product file name org.osgi.service.cm High Product pom artifactid org.osgi.service.cm Highest Product jar package name osgi Highest Product pom name org.osgi:org.osgi.service.cm High Product pom url https://www.osgi.org/ Medium Product Manifest bundle-symbolicname org.osgi.service.cm Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product Manifest git-descriptor hudson-build.core-1432 Low Version file version 1.6.0 High Version pom version 1.6.0 Highest
org.osgi.service.component-1.4.0.jarDescription:
OSGi Companion Code for org.osgi.service.component Version 1.4.0 License:
Apache-2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: /home/runner/.m2/repository/org/osgi/org.osgi.service.component/1.4.0/org.osgi.service.component-1.4.0.jar
MD5: 83d6179ca4179b2569ce68a510325e8a
SHA1: 4934dce3e552c172283a4962929c39f9075f4393
SHA256: 607b85148c03e9385b91dd355200aeda3cbfaa6374edba737a9460aac5d576e1
Referenced In Project/Scope: WCM Core Components Examples:compile
Evidence Type Source Name Value Confidence Vendor pom groupid osgi Highest Vendor Manifest bundle-copyright Copyright (c) OSGi Alliance (2000, 2018). All Rights Reserved. Low Vendor pom groupid org.osgi Highest Vendor pom organization url https://www.osgi.org/ Medium Vendor jar package name service Highest Vendor Manifest bundle-developers osgi; email=info@osgi.org; name="OSGi Alliance"; organization="OSGi Alliance"; organizationUrl=https://www.osgi.org/ Low Vendor Manifest bundle-docurl https://www.osgi.org/ Low Vendor Manifest git-sha ac877b9fdaa36e26adb939cf9dd425e77243f449 Low Vendor jar package name component Highest Vendor jar package name osgi Highest Vendor file name org.osgi.service.component High Vendor pom artifactid osgi.service.component Low Vendor Manifest bundle-symbolicname org.osgi.service.component Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor pom url https://www.osgi.org/ Highest Vendor pom organization name OSGi Alliance High Vendor Manifest git-descriptor hudson-build.core-1432 Low Vendor pom name org.osgi:org.osgi.service.component High Product pom groupid osgi Highest Product Manifest bundle-copyright Copyright (c) OSGi Alliance (2000, 2018). All Rights Reserved. Low Product pom organization url https://www.osgi.org/ Low Product pom organization name OSGi Alliance Low Product jar package name service Highest Product pom artifactid osgi.service.component Highest Product pom artifactid org.osgi.service.component Highest Product Manifest bundle-developers osgi; email=info@osgi.org; name="OSGi Alliance"; organization="OSGi Alliance"; organizationUrl=https://www.osgi.org/ Low Product Manifest bundle-docurl https://www.osgi.org/ Low Product Manifest git-sha ac877b9fdaa36e26adb939cf9dd425e77243f449 Low Product jar package name component Highest Product jar package name osgi Highest Product pom url https://www.osgi.org/ Medium Product file name org.osgi.service.component High Product Manifest bundle-symbolicname org.osgi.service.component Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product Manifest Bundle-Name org.osgi:org.osgi.service.component Medium Product Manifest git-descriptor hudson-build.core-1432 Low Product pom name org.osgi:org.osgi.service.component High Version file version 1.4.0 High Version pom version 1.4.0 Highest
org.osgi.util.tracker-1.5.1.jarDescription:
OSGi Companion Code for org.osgi.util.tracker Version 1.5.1. License:
Apache License, Version 2.0: http://opensource.org/licenses/apache2.0.php File Path: /home/runner/.m2/repository/org/osgi/org.osgi.util.tracker/1.5.1/org.osgi.util.tracker-1.5.1.jar
MD5: fd34c8f47613e751a25aa7e627c7cc85
SHA1: 18c3821aa2e98b3e5aacf73b3833347a894a5053
SHA256: 5efad34ab9a7753dcde1415b62e6e21e4dec83dfad5a570df485c1b931c1ebed
Referenced In Projects/Scopes: WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor jar package name util Highest Vendor Manifest bundle-copyright Copyright (c) OSGi Alliance (2000, 2015). All Rights Reserved. Low Vendor pom groupid osgi Highest Vendor Manifest git-descriptor hudson-build.cmpn-793 Low Vendor pom url http://www.osgi.org/ Highest Vendor pom groupid org.osgi Highest Vendor jar package name tracker Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Vendor Manifest bundle-docurl http://www.osgi.org/ Low Vendor Manifest git-sha b0858c3b90a73ecc81055c7565fbbcbd4f76674e Low Vendor Manifest bundle-symbolicname org.osgi.util.tracker Medium Vendor pom name org.osgi:org.osgi.util.tracker High Vendor jar package name osgi Highest Vendor pom artifactid osgi.util.tracker Low Vendor file name org.osgi.util.tracker High Vendor Manifest bundle-developers osgi; email=info@osgi.org; name="OSGi Alliance"; organization="OSGi Alliance" Low Vendor pom organization url http://www.osgi.org/ Medium Vendor pom organization name OSGi Alliance High Product jar package name util Highest Product Manifest bundle-copyright Copyright (c) OSGi Alliance (2000, 2015). All Rights Reserved. Low Product pom groupid osgi Highest Product Manifest git-descriptor hudson-build.cmpn-793 Low Product pom organization name OSGi Alliance Low Product jar package name tracker Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Product Manifest Bundle-Name org.osgi:org.osgi.util.tracker Medium Product pom artifactid org.osgi.util.tracker Highest Product Manifest bundle-docurl http://www.osgi.org/ Low Product Manifest git-sha b0858c3b90a73ecc81055c7565fbbcbd4f76674e Low Product Manifest bundle-symbolicname org.osgi.util.tracker Medium Product pom name org.osgi:org.osgi.util.tracker High Product jar package name osgi Highest Product pom organization url http://www.osgi.org/ Low Product file name org.osgi.util.tracker High Product pom url http://www.osgi.org/ Medium Product Manifest bundle-developers osgi; email=info@osgi.org; name="OSGi Alliance"; organization="OSGi Alliance" Low Product pom artifactid osgi.util.tracker Highest Version pom version 1.5.1 Highest Version file version 1.5.1 High
slf4j-api-1.7.25.jarDescription:
The slf4j API File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/1.7.25/slf4j-api-1.7.25.jarMD5: caafe376afb7086dcbee79f780394ca3SHA1: da76ca59f6a57ee3102f8f9bd9cee742973efa8aSHA256: 18c4a0095d5c1da6b817592e767bb23d29dd2f560ad74df75ff3961dbde25b79Referenced In Projects/Scopes:
WCM Core Components:compile WCM Core Components Examples:compile WCM Core Components Examples Core:compile Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor pom parent-artifactid slf4j-parent Low Vendor file name slf4j-api High Vendor pom artifactid slf4j-api Low Vendor pom groupid org.slf4j Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor jar package name slf4j Highest Vendor pom groupid slf4j Highest Vendor pom url http://www.slf4j.org Highest Vendor pom name SLF4J API Module High Vendor pom parent-groupid org.slf4j Medium Product Manifest Implementation-Title slf4j-api High Product file name slf4j-api High Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest Bundle-Name slf4j-api Medium Product pom groupid slf4j Highest Product pom artifactid slf4j-api Highest Product pom name SLF4J API Module High Product Manifest bundle-symbolicname slf4j.api Medium Product pom parent-artifactid slf4j-parent Medium Product jar package name slf4j Highest Product pom url http://www.slf4j.org Medium Product pom parent-groupid org.slf4j Medium Version Manifest Implementation-Version 1.7.25 High Version file version 1.7.25 High Version pom version 1.7.25 Highest Version Manifest Bundle-Version 1.7.25 High