Press CTR-C to copy XML [help]


Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: Camel Integration

org.dynamoframework:dynamo-integration-camel:4.0.0-RC2

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
HikariCP-5.1.0.jarpkg:maven/com.zaxxer/HikariCP@5.1.0 035
accessors-smart-2.5.1.jarpkg:maven/net.minidev/accessors-smart@2.5.1 041
android-json-0.0.20131108.vaadin1.jarpkg:maven/com.vaadin.external.google/android-json@0.0.20131108.vaadin1 034
angus-activation-2.0.2.jarpkg:maven/org.eclipse.angus/angus-activation@2.0.2 035
antlr4-runtime-4.13.0.jarpkg:maven/org.antlr/antlr4-runtime@4.13.0 030
apiguardian-api-1.1.2.jarpkg:maven/org.apiguardian/apiguardian-api@1.1.2 040
asm-9.6.jarpkg:maven/org.ow2.asm/asm@9.6 054
aspectjweaver-1.9.22.1.jarpkg:maven/org.aspectj/aspectjweaver@1.9.22.1 049
assertj-core-3.25.3.jarpkg:maven/org.assertj/assertj-core@3.25.3 067
awaitility-4.2.2.jarpkg:maven/org.awaitility/awaitility@4.2.2 023
byte-buddy-1.14.19.jarpkg:maven/net.bytebuddy/byte-buddy@1.14.19 029
byte-buddy-agent-1.14.19.jarpkg:maven/net.bytebuddy/byte-buddy-agent@1.14.19 033
byte-buddy-agent-1.14.19.jar: attach_hotspot_windows.dll 02
byte-buddy-agent-1.14.19.jar: attach_hotspot_windows.dll 02
camel-core-engine-4.8.0.jarcpe:2.3:a:apache:camel:4.8.0:*:*:*:*:*:*:*pkg:maven/org.apache.camel/camel-core-engine@4.8.0 0Highest22
classmate-1.7.0.jarpkg:maven/com.fasterxml/classmate@1.7.0 052
commons-codec-1.16.1.jarpkg:maven/commons-codec/commons-codec@1.16.1 0123
commons-lang3-3.14.0.jarpkg:maven/org.apache.commons/commons-lang3@3.14.0 0145
dynamo-api-4.0.0-RC2.jarpkg:maven/org.dynamoframework/dynamo-api@4.0.0-RC2 016
dynamo-impl-4.0.0-RC2.jarpkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2 018
dynamo-test-4.0.0-RC2.jarpkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2 018
h2-2.2.224.jarcpe:2.3:a:h2database:h2:2.2.224:*:*:*:*:*:*:*pkg:maven/com.h2database/h2@2.2.224MEDIUM1Highest44
h2-2.2.224.jar: data.zip: table.js 00
h2-2.2.224.jar: data.zip: tree.js 00
hamcrest-2.2.jarcpe:2.3:a:steve_project:steve:2.2:*:*:*:*:*:*:*pkg:maven/org.hamcrest/hamcrest@2.2 0Low40
hibernate-commons-annotations-6.0.6.Final.jarpkg:maven/org.hibernate.common/hibernate-commons-annotations@6.0.6.Final 038
hibernate-core-6.5.3.Final.jarcpe:2.3:a:hibernate:hibernate_orm:6.5.3:*:*:*:*:*:*:*pkg:maven/org.hibernate.orm/hibernate-core@6.5.3.Final 0Highest43
hibernate-validator-8.0.1.Final.jarcpe:2.3:a:redhat:hibernate_validator:8.0.1:*:*:*:*:*:*:*pkg:maven/org.hibernate.validator/hibernate-validator@8.0.1.Final 0Highest34
istack-commons-runtime-4.1.2.jarpkg:maven/com.sun.istack/istack-commons-runtime@4.1.2 029
jakarta.activation-api-2.1.3.jarpkg:maven/jakarta.activation/jakarta.activation-api@2.1.3 045
jakarta.annotation-api-2.1.1.jarcpe:2.3:a:oracle:projects:2.1.1:*:*:*:*:*:*:*pkg:maven/jakarta.annotation/jakarta.annotation-api@2.1.1 0Low42
jakarta.inject-api-2.0.1.jarpkg:maven/jakarta.inject/jakarta.inject-api@2.0.1 056
jakarta.persistence-api-3.1.0.jarpkg:maven/jakarta.persistence/jakarta.persistence-api@3.1.0 040
jakarta.transaction-api-2.0.1.jarcpe:2.3:a:oracle:projects:2.0.1:*:*:*:*:*:*:*pkg:maven/jakarta.transaction/jakarta.transaction-api@2.0.1 0Low50
jakarta.validation-api-3.0.2.jarpkg:maven/jakarta.validation/jakarta.validation-api@3.0.2 056
jakarta.xml.bind-api-4.0.2.jarpkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@4.0.2 031
jandex-3.1.2.jarpkg:maven/io.smallrye/jandex@3.1.2 027
jaxb-core-4.0.5.jarcpe:2.3:a:eclipse:glassfish:4.0.5:*:*:*:*:*:*:*pkg:maven/org.glassfish.jaxb/jaxb-core@4.0.5MEDIUM1Highest40
jboss-logging-3.5.3.Final.jarpkg:maven/org.jboss.logging/jboss-logging@3.5.3.Final 041
json-path-2.9.0.jarcpe:2.3:a:json-path:jayway_jsonpath:2.9.0:*:*:*:*:*:*:*pkg:maven/com.jayway.jsonpath/json-path@2.9.0 0Highest34
json-smart-2.5.1.jarcpe:2.3:a:json-smart_project:json-smart:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:json-smart_project:json-smart-v2:2.5.1:*:*:*:*:*:*:*		pkg:maven/net.minidev/json-smart@2.5.1 0Highest51
jsonassert-1.5.3.jarpkg:maven/org.skyscreamer/jsonassert@1.5.3 037
jul-to-slf4j-2.0.16.jarpkg:maven/org.slf4j/jul-to-slf4j@2.0.16 031
junit-jupiter-5.10.3.jarpkg:maven/org.junit.jupiter/junit-jupiter@5.10.3 070
junit-jupiter-api-5.10.3.jarpkg:maven/org.junit.jupiter/junit-jupiter-api@5.10.3 076
junit-jupiter-engine-5.10.3.jarpkg:maven/org.junit.jupiter/junit-jupiter-engine@5.10.3 078
junit-jupiter-params-5.10.3.jarpkg:maven/org.junit.jupiter/junit-jupiter-params@5.10.3 076
junit-platform-engine-1.10.3.jarcpe:2.3:a:fan_platform_project:fan_platform:1.10.3:*:*:*:*:*:*:*pkg:maven/org.junit.platform/junit-platform-engine@1.10.3 0Low76
log4j-api-2.23.1.jarcpe:2.3:a:apache:log4j:2.23.1:*:*:*:*:*:*:*pkg:maven/org.apache.logging.log4j/log4j-api@2.23.1 0Highest39
log4j-to-slf4j-2.23.1.jarpkg:maven/org.apache.logging.log4j/log4j-to-slf4j@2.23.1 037
logback-core-1.5.8.jarcpe:2.3:a:qos:logback:1.5.8:*:*:*:*:*:*:*pkg:maven/ch.qos.logback/logback-core@1.5.8 0Highest39
lombok-1.18.34.jarpkg:maven/org.projectlombok/lombok@1.18.34 036
lombok-1.18.34.jar: mavenEcjBootstrapAgent.jar 07
micrometer-commons-1.13.4.jarpkg:maven/io.micrometer/micrometer-commons@1.13.4 065
micrometer-observation-1.13.4.jarpkg:maven/io.micrometer/micrometer-observation@1.13.4 065
mockito-core-5.11.0.jarpkg:maven/org.mockito/mockito-core@5.11.0 041
mockito-junit-jupiter-5.11.0.jarpkg:maven/org.mockito/mockito-junit-jupiter@5.11.0 041
mysema-commons-lang-0.2.4.jarpkg:maven/com.mysema.commons/mysema-commons-lang@0.2.4 026
objenesis-3.3.jarpkg:maven/org.objenesis/objenesis@3.3 027
opentest4j-1.3.0.jarpkg:maven/org.opentest4j/opentest4j@1.3.0 060
querydsl-core-5.1.0.jarcpe:2.3:a:homepage_project:homepage:5.1.0:*:*:*:*:*:*:*pkg:maven/com.querydsl/querydsl-core@5.1.0 0Low23
querydsl-jpa-5.1.0-jakarta.jarpkg:maven/com.querydsl/querydsl-jpa@5.1.0 023
slf4j-api-2.0.16.jarpkg:maven/org.slf4j/slf4j-api@2.0.16 029
snakeyaml-2.2.jarcpe:2.3:a:snakeyaml_project:snakeyaml:2.2:*:*:*:*:*:*:*pkg:maven/org.yaml/snakeyaml@2.2 0Highest42
spring-boot-3.3.4.jarcpe:2.3:a:vmware:spring_boot:3.3.4:*:*:*:*:*:*:*pkg:maven/org.springframework.boot/spring-boot@3.3.4 0Highest38
spring-core-6.1.13.jarcpe:2.3:a:pivotal_software:spring_framework:6.1.13:*:*:*:*:*:*:*
cpe:2.3:a:springsource:spring_framework:6.1.13:*:*:*:*:*:*:*
cpe:2.3:a:vmware:spring_framework:6.1.13:*:*:*:*:*:*:*		pkg:maven/org.springframework/spring-core@6.1.13MEDIUM1Highest41
spring-data-commons-3.3.4.jarcpe:2.3:a:pivotal_software:spring_data_commons:3.3.4:*:*:*:*:*:*:*pkg:maven/org.springframework.data/spring-data-commons@3.3.4 0Highest32
spring-data-jpa-3.3.4.jarcpe:2.3:a:pivotal_software:spring_data_jpa:3.3.4:*:*:*:*:*:*:*pkg:maven/org.springframework.data/spring-data-jpa@3.3.4 0Highest30
tomcat-embed-el-10.1.30.jarpkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.30 033
txw2-4.0.5.jarcpe:2.3:a:eclipse:glassfish:4.0.5:*:*:*:*:*:*:*pkg:maven/org.glassfish.jaxb/txw2@4.0.5MEDIUM1Highest34
xmlunit-core-2.9.1.jarpkg:maven/org.xmlunit/xmlunit-core@2.9.1HIGH137

Dependencies (vulnerable)

HikariCP-5.1.0.jar

Description:

Ultimate JDBC Connection Pool

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/com/zaxxer/HikariCP/5.1.0/HikariCP-5.1.0.jar
MD5: 37404f82207a28141bd9b0fe6b1d0a16
SHA1: 8c96e36c14461fc436bb02b264b96ef3ca5dca8c
SHA256:a47a6ee62379694ee52c30036f0931b72f9aee2a801d590341ed82bd839e2134
Referenced In Project/Scope: Camel Integration:compile
HikariCP-5.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

accessors-smart-2.5.1.jar

Description:

Java reflect give poor performance on getter setter an constructor calls, accessors-smart use ASM to speed up those calls.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/net/minidev/accessors-smart/2.5.1/accessors-smart-2.5.1.jar
MD5: 51e60dbf9ac51f6666f0077317990944
SHA1: 19b820261eb2e7de7d5bde11d1c06e4501dd7e5f
SHA256:2796ae857d0c7be4bc3580daa4d3828d555212355f4c83d38dd0af0742b3c812
Referenced In Project/Scope: Camel Integration:compile
accessors-smart-2.5.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

android-json-0.0.20131108.vaadin1.jar

Description:

      JSON (JavaScript Object Notation) is a lightweight data-interchange format.
      This is the org.json compatible Android implementation extracted from the Android SDK
    

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /Users/tommym/.m2/repository/com/vaadin/external/google/android-json/0.0.20131108.vaadin1/android-json-0.0.20131108.vaadin1.jar
MD5: 10612241a9cc269501a7a2b8a984b949
SHA1: fa26d351fe62a6a17f5cda1287c1c6110dec413f
SHA256:dfb7bae2f404cfe0b72b4d23944698cb716b7665171812a0a4d0f5926c0fac79
Referenced In Project/Scope: Camel Integration:compile
android-json-0.0.20131108.vaadin1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

angus-activation-2.0.2.jar

Description:

 Implementation

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/tommym/.m2/repository/org/eclipse/angus/angus-activation/2.0.2/angus-activation-2.0.2.jar
MD5: 42bba74155dc773eca277ee7a16f74be
SHA1: 41f1e0ddd157c856926ed149ab837d110955a9fc
SHA256:6dd3bcffc22bce83b07376a0e2e094e4964a3195d4118fb43e380ef35436cc1e
Referenced In Project/Scope: Camel Integration:runtime
angus-activation-2.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

antlr4-runtime-4.13.0.jar

Description:

The ANTLR 4 Runtime

License:

https://www.antlr.org/license.html
File Path: /Users/tommym/.m2/repository/org/antlr/antlr4-runtime/4.13.0/antlr4-runtime-4.13.0.jar
MD5: bff95723c494b332b14575d713a65df4
SHA1: 5a02e48521624faaf5ff4d99afc88b01686af655
SHA256:bd7f7b5d07bc0b047f10915b32ca4bb1de9e57d8049098882e4453c88c076a5d
Referenced In Project/Scope: Camel Integration:compile
antlr4-runtime-4.13.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

apiguardian-api-1.1.2.jar

Description:

@API Guardian

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/apiguardian/apiguardian-api/1.1.2/apiguardian-api-1.1.2.jar
MD5: 8c7de3f82037fa4a2e8be2a2f13092af
SHA1: a231e0d844d2721b0fa1b238006d15c6ded6842a
SHA256:b509448ac506d607319f182537f0b35d71007582ec741832a1f111e5b5b70b38
Referenced In Project/Scope: Camel Integration:compile
apiguardian-api-1.1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.junit.jupiter/junit-jupiter@5.10.3

Identifiers

asm-9.6.jar

Description:

ASM, a very small and fast Java bytecode manipulation framework

License:

BSD-3-Clause: https://asm.ow2.io/license.html
File Path: /Users/tommym/.m2/repository/org/ow2/asm/asm/9.6/asm-9.6.jar
MD5: 6f8bccf756f170d4185bb24c8c2d2020
SHA1: aa205cf0a06dbd8e04ece91c0b37c3f5d567546a
SHA256:3c6fac2424db3d4a853b669f4e3d1d9c3c552235e19a319673f887083c2303a1
Referenced In Project/Scope: Camel Integration:compile
asm-9.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

aspectjweaver-1.9.22.1.jar

Description:

The AspectJ weaver applies aspects to Java classes. It can be used as a Java agent in order to apply load-time
		weaving (LTW) during class-loading and also contains the AspectJ runtime classes.

License:

Eclipse Public License - v 2.0: https://www.eclipse.org/org/documents/epl-2.0/EPL-2.0.txt
File Path: /Users/tommym/.m2/repository/org/aspectj/aspectjweaver/1.9.22.1/aspectjweaver-1.9.22.1.jar
MD5: f2edbc088126174a11b68279bd26c6eb
SHA1: bca243d0af0db4758fbae45c5f4995cb5dabb612
SHA256:cd2dd01ec2424c05669df4d557f6c6cd7ed87b05257ee3c866b4c5b116b18a78
Referenced In Project/Scope: Camel Integration:compile
aspectjweaver-1.9.22.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

assertj-core-3.25.3.jar

Description:

Rich and fluent assertions for testing in Java

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/assertj/assertj-core/3.25.3/assertj-core-3.25.3.jar
MD5: 88258246abdcbf7298b7c3401273e15b
SHA1: 792b270e73aa1cfc28fa135be0b95e69ea451432
SHA256:7fbdffa1996d43cc08e2576e01008b07e57bbad2b4741aa6c3ab73ce8511130e
Referenced In Project/Scope: Camel Integration:compile
assertj-core-3.25.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

awaitility-4.2.2.jar

Description:

A Java DSL for synchronizing asynchronous operations

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/awaitility/awaitility/4.2.2/awaitility-4.2.2.jar
MD5: 04ec00a85d39fffdfed9e5df1120adf4
SHA1: 7336242073ebf83fe034e42b46a403c5501b63c9
SHA256:e831fee30ed401e2208f1bd5a0ef9add538d9cb1103c0e43216691b647bde9c6
Referenced In Project/Scope: Camel Integration:compile
awaitility-4.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

byte-buddy-1.14.19.jar

Description:

        Byte Buddy is a Java library for creating Java classes at run time.
        This artifact is a build of Byte Buddy with all ASM dependencies repackaged into its own name space.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/net/bytebuddy/byte-buddy/1.14.19/byte-buddy-1.14.19.jar
MD5: 745f8db2db7678ff12cb654343cee830
SHA1: 4c0c637b8f47dc08f89240e6f59900011752c97b
SHA256:8415a44d841b2cdecdf5d73a05c29a8cf92dc2b60fca7ff7b3f21cd431b5a4ec
Referenced In Project/Scope: Camel Integration:compile
byte-buddy-1.14.19.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.mockito/mockito-core@5.11.0

Identifiers

byte-buddy-agent-1.14.19.jar

Description:

The Byte Buddy agent offers convenience for attaching an agent to the local or a remote VM.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/net/bytebuddy/byte-buddy-agent/1.14.19/byte-buddy-agent-1.14.19.jar
MD5: 6a974aa27ef3ae082f74b1dffdcf2211
SHA1: 154da3a65b4f4a909d3e5bdec55d1b2b4cbb6ce1
SHA256:9f33867a61e7261af0fe4b78e8d8434284b577295978524d1681e5bfbcfde84d
Referenced In Project/Scope: Camel Integration:provided
byte-buddy-agent-1.14.19.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.mockito/mockito-core@5.11.0

Identifiers

byte-buddy-agent-1.14.19.jar: attach_hotspot_windows.dll

File Path: /Users/tommym/.m2/repository/net/bytebuddy/byte-buddy-agent/1.14.19/byte-buddy-agent-1.14.19.jar/win32-x86-64/attach_hotspot_windows.dll
MD5: 053a783e5777c6a9867c27d51af89677
SHA1: 5ef4d98ae6a033a5707d0b5466e6138beb337e76
SHA256:16d424423f9b09accf132ad35dbeaa52ac9f6bd45bba1406b89df851f651db20
Referenced In Project/Scope: Camel Integration:provided

Identifiers

  • None

byte-buddy-agent-1.14.19.jar: attach_hotspot_windows.dll

File Path: /Users/tommym/.m2/repository/net/bytebuddy/byte-buddy-agent/1.14.19/byte-buddy-agent-1.14.19.jar/win32-x86/attach_hotspot_windows.dll
MD5: fbca33102ac97be0ed496c0f78e466b3
SHA1: c4df05146a86a6d073769bb697d550ef42518ed5
SHA256:810f94c4a2f5ca1a072c19859f7954fed9aa3a1dcb0d601e92d2338793202e72
Referenced In Project/Scope: Camel Integration:provided

Identifiers

  • None

camel-core-engine-4.8.0.jar

Description:

Just the Camel Core engine without any core components

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/apache/camel/camel-core-engine/4.8.0/camel-core-engine-4.8.0.jar
MD5: c05705a5db8ab8754ce2c292443a0cb4
SHA1: 16aef0b49fd7d8f9bb56cdcb4c69a22e950d67a8
SHA256:82d9b17f2457562d20142e0fdabda49f79636fa87a9cdc21b230c2f796b73204
Referenced In Project/Scope: Camel Integration:compile
camel-core-engine-4.8.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.camel.springboot/camel-spring-boot-starter@4.8.0

Identifiers

classmate-1.7.0.jar

Description:

Library for introspecting types with full generic information
        including resolving of field and method types.

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/com/fasterxml/classmate/1.7.0/classmate-1.7.0.jar
MD5: 3b8f14fe92feb865a8205aa63c5ed769
SHA1: 0e98374da1f2143ac8e6e0a95036994bb19137a3
SHA256:cb868f231c5cceb89d795ea00e6e1b7a93b8f4ac1ce1d8be76dde322dff4a046
Referenced In Project/Scope: Camel Integration:compile
classmate-1.7.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

commons-codec-1.16.1.jar

Description:

     The Apache Commons Codec component contains encoder and decoders for
     various formats such as Base16, Base32, Base64, digest, and Hexadecimal. In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/commons-codec/commons-codec/1.16.1/commons-codec-1.16.1.jar
MD5: 6c5be822d8d3fa61c3b54c4c8978dfdc
SHA1: 47bd4d333fba53406f6c6c51884ddbca435c8862
SHA256:ec87bfb55f22cbd1b21e2190eeda28b2b312ed2a431ee49fbdcc01812d04a5e4
Referenced In Project/Scope: Camel Integration:compile
commons-codec-1.16.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.camel.springboot/camel-spring-boot-starter@4.8.0

Identifiers

commons-lang3-3.14.0.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/apache/commons/commons-lang3/3.14.0/commons-lang3-3.14.0.jar
MD5: 4e5c3f5e6b0b965ef241d7d72ac8971f
SHA1: 1ed471194b02f2c6cb734a0cd6f6f107c673afae
SHA256:7b96bf3ee68949abb5bc465559ac270e0551596fa34523fddf890ec418dde13c
Referenced In Project/Scope: Camel Integration:compile
commons-lang3-3.14.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

dynamo-api-4.0.0-RC2.jar

Description:

Dynamo Framework API project.

File Path: /Users/tommym/Work/opencirclesolutions/dynamo/dynamo-api/target/dynamo-api-4.0.0-RC2.jar
MD5: c9f04fa11e97fea9bbef969ef5e567a7
SHA1: 0eeb7c8b42419068611cee3141dc37be05e00783
SHA256:bb2209146baf1c0a811a3819da0e65cdd9902bcfc6e02193999c8119c400754b
Referenced In Project/Scope: Camel Integration:compile
dynamo-api-4.0.0-RC2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

dynamo-impl-4.0.0-RC2.jar

Description:

Dynamo Framework implementation project.

File Path: /Users/tommym/Work/opencirclesolutions/dynamo/dynamo-impl/target/dynamo-impl-4.0.0-RC2.jar
MD5: 143b8fc2dc4c5c766e4b4015840a2df5
SHA1: 9709cfb81182fd4cbbe3e5ee73fc9853421d1554
SHA256:f5075f96c46bb106d78dc5d566eb2184d5fee783fe7b4fda0cbf1956e483562a
Referenced In Project/Scope: Camel Integration:compile
dynamo-impl-4.0.0-RC2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-integration-camel@4.0.0-RC2

Identifiers

dynamo-test-4.0.0-RC2.jar

Description:

Dynamo Framework supporting test classes project.

File Path: /Users/tommym/Work/opencirclesolutions/dynamo/dynamo-test/target/dynamo-test-4.0.0-RC2.jar
MD5: 5a7464ffa26267cf3d3b2f982a58b1c6
SHA1: 25a5715e38b6278828bc8f70022249753668ef90
SHA256:1e10db2b95c25bc0afa73b49d7e6de6594353db33cd56fab4256f375a7ae7095
Referenced In Project/Scope: Camel Integration:compile
dynamo-test-4.0.0-RC2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-integration-camel@4.0.0-RC2

Identifiers

h2-2.2.224.jar

Description:

H2 Database Engine

License:

MPL 2.0: https://www.mozilla.org/en-US/MPL/2.0/
EPL 1.0: https://opensource.org/licenses/eclipse-1.0.php
File Path: /Users/tommym/.m2/repository/com/h2database/h2/2.2.224/h2-2.2.224.jar
MD5: 769d5a85d19ccc2b06620f8c81d6d8f8
SHA1: 7bdade27d8cd197d9b5ce9dc251f41d2edc5f7ad
SHA256:b9d8f19358ada82a4f6eb5b174c6cfe320a375b5a9cb5a4fe456d623e6e55497
Referenced In Project/Scope: Camel Integration:compile
h2-2.2.224.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-integration-camel@4.0.0-RC2

Identifiers

CVE-2018-14335 (OSSINDEX)  

h2database - Improper Link Resolution Before File Access

The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
CWE-59 Improper Link Resolution Before File Access ('Link Following')

CVSSv3:
  • Base Score: MEDIUM (6.0)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:com.h2database:h2:2.2.224:*:*:*:*:*:*:*

h2-2.2.224.jar: data.zip: table.js

File Path: /Users/tommym/.m2/repository/com/h2database/h2/2.2.224/h2-2.2.224.jar/org/h2/util/data.zip/org/h2/server/web/res/table.js
MD5: f374e067dff4b106b77abab77b360d8b
SHA1: 67d0af73251e86e079f1db4b837920309a1a3993
SHA256:75e452b34b317d0a8c630b9ac469db3d82988e221d41adc17cf1bab3c0e88c78
Referenced In Project/Scope: Camel Integration:compile

Identifiers

  • None

h2-2.2.224.jar: data.zip: tree.js

File Path: /Users/tommym/.m2/repository/com/h2database/h2/2.2.224/h2-2.2.224.jar/org/h2/util/data.zip/org/h2/server/web/res/tree.js
MD5: 760f137680a67ae829c2000c4156e050
SHA1: d947ebba0777d68aa9397fc7d8b04ce2a725c12b
SHA256:2bb3d968d50a5d96912f77552d772184d0213e2601895517ba53afa64dc433ed
Referenced In Project/Scope: Camel Integration:compile

Identifiers

  • None

hamcrest-2.2.jar

Description:

Core API and libraries of hamcrest matcher framework.

License:

BSD License 3: http://opensource.org/licenses/BSD-3-Clause
File Path: /Users/tommym/.m2/repository/org/hamcrest/hamcrest/2.2/hamcrest-2.2.jar
MD5: 10b47e837f271d0662f28780e60388e8
SHA1: 1820c0968dba3a11a1b30669bb1f01978a91dedc
SHA256:5e62846a89f05cd78cd9c1a553f340d002458380c320455dd1f8fc5497a8a1c1
Referenced In Project/Scope: Camel Integration:compile
hamcrest-2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

hibernate-commons-annotations-6.0.6.Final.jar

Description:

Common reflection code used in support of annotation processing

License:

GNU Library General Public License v2.1 or later: http://www.opensource.org/licenses/LGPL-2.1
File Path: /Users/tommym/.m2/repository/org/hibernate/common/hibernate-commons-annotations/6.0.6.Final/hibernate-commons-annotations-6.0.6.Final.jar
MD5: c155df7d9f04d15f3f6bbe79f4907074
SHA1: 77a5f94b56d49508e0ee334751db5b78e5ccd50c
SHA256:cd974e0a8481fafdbaf9b4a0f08bb5a6c969b0365482763eedf77e6fd7f493b7
Referenced In Project/Scope: Camel Integration:runtime
hibernate-commons-annotations-6.0.6.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

hibernate-core-6.5.3.Final.jar

Description:

Hibernate's core ORM functionality

License:

GNU Library General Public License v2.1 or later: https://www.opensource.org/licenses/LGPL-2.1
File Path: /Users/tommym/.m2/repository/org/hibernate/orm/hibernate-core/6.5.3.Final/hibernate-core-6.5.3.Final.jar
MD5: 7cee9d560d7ca13dd0fc4e6d5f34f9b7
SHA1: 1e23c320a5d10f5eaecbd23095fca5c5c83c1fb5
SHA256:f79b5e5029a72e2f0ba7542591fba8305c9edbc0dbdc974541f2376ff1203422
Referenced In Project/Scope: Camel Integration:compile
hibernate-core-6.5.3.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

hibernate-validator-8.0.1.Final.jar

Description:

Hibernate's Jakarta Bean Validation reference implementation.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/hibernate/validator/hibernate-validator/8.0.1.Final/hibernate-validator-8.0.1.Final.jar
MD5: 66985b6bf8da17611031e2421c235241
SHA1: e49e116b3d3928060599b176b3538bb848718e95
SHA256:8c1244a498231091fe723d9666a93444ee9f93607245c6b29829dc5fe57a335c
Referenced In Project/Scope: Camel Integration:compile
hibernate-validator-8.0.1.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

istack-commons-runtime-4.1.2.jar

Description:

istack common utility code

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/tommym/.m2/repository/com/sun/istack/istack-commons-runtime/4.1.2/istack-commons-runtime-4.1.2.jar
MD5: 535154ef647af2a52478c4debec93659
SHA1: 18ec117c85f3ba0ac65409136afa8e42bc74e739
SHA256:7fd6792361f4dd00f8c56af4a20cecc0066deea4a8f3dec38348af23fc2296ee
Referenced In Project/Scope: Camel Integration:runtime
istack-commons-runtime-4.1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

jakarta.activation-api-2.1.3.jar

Description:

  Specification

License:

EDL 1.0: http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/tommym/.m2/repository/jakarta/activation/jakarta.activation-api/2.1.3/jakarta.activation-api-2.1.3.jar
MD5: 76e7b680375ea9f40f3ddbd702efcd25
SHA1: fa165bd70cda600368eee31555222776a46b881f
SHA256:01b176d718a169263e78290691fc479977186bcc6b333487325084d6586f4627
Referenced In Project/Scope: Camel Integration:compile
jakarta.activation-api-2.1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

jakarta.annotation-api-2.1.1.jar

Description:

Jakarta Annotations API

License:

EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /Users/tommym/.m2/repository/jakarta/annotation/jakarta.annotation-api/2.1.1/jakarta.annotation-api-2.1.1.jar
MD5: 5dac2f68e8288d0add4dc92cb161711d
SHA1: 48b9bda22b091b1f48b13af03fe36db3be6e1ae3
SHA256:5f65fdaf424eee2b55e1d882ba9bb376be93fb09b37b808be6e22e8851c909fe
Referenced In Project/Scope: Camel Integration:compile
jakarta.annotation-api-2.1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.camel.springboot/camel-spring-boot-starter@4.8.0

Identifiers

jakarta.inject-api-2.0.1.jar

Description:

Jakarta Dependency Injection

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/jakarta/inject/jakarta.inject-api/2.0.1/jakarta.inject-api-2.0.1.jar
MD5: 72003bf6efcc8455d414bbd7da86c11c
SHA1: 4c28afe1991a941d7702fe1362c365f0a8641d1e
SHA256:f7dc98062fccf14126abb751b64fab12c312566e8cbdc8483598bffcea93af7c
Referenced In Project/Scope: Camel Integration:runtime
jakarta.inject-api-2.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

jakarta.persistence-api-3.1.0.jar

Description:

Jakarta Persistence 3.1 API jar

License:

Eclipse Public License v. 2.0: http://www.eclipse.org/legal/epl-2.0
Eclipse Distribution License v. 1.0: http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/tommym/.m2/repository/jakarta/persistence/jakarta.persistence-api/3.1.0/jakarta.persistence-api-3.1.0.jar
MD5: 35a1b7dfb38cf44ff795be607b0e6b5b
SHA1: 66901fa1c373c6aff65c13791cc11da72060a8d6
SHA256:475389446d35c6f46c565728b756dc508c284644ea2690644e0d8e7e339d42fd
Referenced In Project/Scope: Camel Integration:compile
jakarta.persistence-api-3.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

jakarta.transaction-api-2.0.1.jar

Description:

Jakarta Transactions

License:

EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html
File Path: /Users/tommym/.m2/repository/jakarta/transaction/jakarta.transaction-api/2.0.1/jakarta.transaction-api-2.0.1.jar
MD5: 5315974a3935e342b40849478e1c9966
SHA1: 51a520e3fae406abb84e2e1148e6746ce3f80a1a
SHA256:50c0a7c760c13ae6c042acf182b28f0047413db95b4636fb8879bcffab5ba875
Referenced In Project/Scope: Camel Integration:compile
jakarta.transaction-api-2.0.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

jakarta.validation-api-3.0.2.jar

Description:

        Jakarta Bean Validation API

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/jakarta/validation/jakarta.validation-api/3.0.2/jakarta.validation-api-3.0.2.jar
MD5: 3a1ee6efca3e41e3320599790f54c5eb
SHA1: 92b6631659ba35ca09e44874d3eb936edfeee532
SHA256:291c25e6910cc6a7ebd96d4c6baebf6d7c37676c5482c2d96146e901b62c1fc9
Referenced In Project/Scope: Camel Integration:compile
jakarta.validation-api-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

jakarta.xml.bind-api-4.0.2.jar

Description:

Jakarta XML Binding API 4.0 Design Specification

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/tommym/.m2/repository/jakarta/xml/bind/jakarta.xml.bind-api/4.0.2/jakarta.xml.bind-api-4.0.2.jar
MD5: 0c8f9991081def819435c3ff36e4d93f
SHA1: 6cd5a999b834b63238005b7144136379dc36cad2
SHA256:0d6bcfe47763e85047acf7c398336dc84ff85ebcad0a7cb6f3b9d3e981245406
Referenced In Project/Scope: Camel Integration:compile
jakarta.xml.bind-api-4.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

jandex-3.1.2.jar

Description:

SmallRye Build Parent POM

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/io/smallrye/jandex/3.1.2/jandex-3.1.2.jar
MD5: 757ae579a3a52c03c3c60fbe393c086f
SHA1: a6c1c89925c7df06242b03dddb353116ceb9584c
SHA256:dee12fa1787d5523ed1a02d6c63b19e7aef6ac560f7c6d70595db01aa37e041e
Referenced In Project/Scope: Camel Integration:runtime
jandex-3.1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

jaxb-core-4.0.5.jar

Description:

JAXB Core module. Contains sources required by XJC, JXC and Runtime modules.

License:

http://www.eclipse.org/org/documents/edl-v10.php
File Path: /Users/tommym/.m2/repository/org/glassfish/jaxb/jaxb-core/4.0.5/jaxb-core-4.0.5.jar
MD5: ab09aef6bebd4438b0a02707881801e4
SHA1: 007b4b11ea5542eea4ad55e1080b23be436795b3
SHA256:ad3fd9bf00de3eda9859f70b6cfb011e2fe9904804e16a2665092888ece0fdca
Referenced In Project/Scope: Camel Integration:runtime
jaxb-core-4.0.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

CVE-2024-9329  

In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is '/management/domain'. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
CWE-601 URL Redirection to Untrusted Site ('Open Redirect'), CWE-233 Improper Handling of Parameters

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions:

jboss-logging-3.5.3.Final.jar

Description:

The JBoss Logging Framework

License:

Apache License 2.0: https://repository.jboss.org/licenses/apache-2.0.txt
File Path: /Users/tommym/.m2/repository/org/jboss/logging/jboss-logging/3.5.3.Final/jboss-logging-3.5.3.Final.jar
MD5: ee7e24e94235c13f53392ecaa53f938c
SHA1: c88fc1d8a96d4c3491f55d4317458ccad53ca663
SHA256:7b119460de174195aca412dfed52ca0bbef0ece26c2d74301b6172cfadf4ff59
Referenced In Project/Scope: Camel Integration:compile
jboss-logging-3.5.3.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

json-path-2.9.0.jar

Description:

A library to query and verify JSON

License:

The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/com/jayway/jsonpath/json-path/2.9.0/json-path-2.9.0.jar
MD5: e89678d2e4ff45e4f39a97ccd0223719
SHA1: 37fe2217f577b0b68b18e62c4d17a8858ecf9b69
SHA256:11a9ee6f88bb31f1450108d1cf6441377dec84aca075eb6bb2343be157575bea
Referenced In Project/Scope: Camel Integration:compile
json-path-2.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

json-smart-2.5.1.jar

Description:

JSON (JavaScript Object Notation) is a lightweight data-interchange format. It is easy for humans to read and write. It is easy for machines to parse and generate. It is based on a subset of the JavaScript Programming Language, Standard ECMA-262 3rd Edition - December 1999. JSON is a text format that is completely language independent but uses conventions that are familiar to programmers of the C-family of languages, including C, C++, C#, Java, JavaScript, Perl, Python, and many others. These properties make JSON an ideal data-interchange language.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/net/minidev/json-smart/2.5.1/json-smart-2.5.1.jar
MD5: 88a65001b616c2e7796f9263ad97bbf1
SHA1: 4c11d2808d009132dfbbf947ebf37de6bf266c8e
SHA256:86c0c189581b79b57b0719f443a724e9f628ffbb9eef645cf79194f5973a1001
Referenced In Project/Scope: Camel Integration:compile
json-smart-2.5.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

jsonassert-1.5.3.jar

Description:

Write JSON unit tests in less code. Great for testing REST interfaces.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/skyscreamer/jsonassert/1.5.3/jsonassert-1.5.3.jar
MD5: aee6947b4d626e3e37c21c7ac7652ae6
SHA1: aaa43e0823d2a0e106e8754d6a9c4ab24e05e9bc
SHA256:719095c07d4203961320da593441d8b3b643c18eb1d81aa98ea933bb7eb351ba
Referenced In Project/Scope: Camel Integration:compile
jsonassert-1.5.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

jul-to-slf4j-2.0.16.jar

Description:

JUL to SLF4J bridge

License:

http://www.opensource.org/licenses/mit-license.php
File Path: /Users/tommym/.m2/repository/org/slf4j/jul-to-slf4j/2.0.16/jul-to-slf4j-2.0.16.jar
MD5: 410ad2f2230e0150216d86e12a4af995
SHA1: 6d57da3e961daac65bcca0dd3def6cd11e48a24a
SHA256:0f2ec396ea29c9a440890d1f09fdb82fdd574b47b298435764235451c193861d
Referenced In Project/Scope: Camel Integration:compile
jul-to-slf4j-2.0.16.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.camel.springboot/camel-spring-boot-starter@4.8.0

Identifiers

junit-jupiter-5.10.3.jar

Description:

Module "junit-jupiter" of JUnit 5.

License:

Eclipse Public License v2.0: https://www.eclipse.org/legal/epl-v20.html
File Path: /Users/tommym/.m2/repository/org/junit/jupiter/junit-jupiter/5.10.3/junit-jupiter-5.10.3.jar
MD5: 8312d239f10b3aaa94c3dc69f84a250f
SHA1: 6686d8fbf251f9bf8ecba413cab57b9e00f9134d
SHA256:e6fc09f881eba8b8d8a7660a6c7f4d582fa7881f306136afe2d82964a2e7c22f
Referenced In Project/Scope: Camel Integration:compile
junit-jupiter-5.10.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-integration-camel@4.0.0-RC2

Identifiers

junit-jupiter-api-5.10.3.jar

Description:

Module "junit-jupiter-api" of JUnit 5.

License:

Eclipse Public License v2.0: https://www.eclipse.org/legal/epl-v20.html
File Path: /Users/tommym/.m2/repository/org/junit/jupiter/junit-jupiter-api/5.10.3/junit-jupiter-api-5.10.3.jar
MD5: 9c5af4543b8784a55eab254418cc367b
SHA1: a22aa91d1d6c69b2020a9aeb6d095ea81132bfa5
SHA256:6efe6e01ca1ff79b7bf4c6f1eed0b29292e166c27eaf7b00ac981a14d4de61aa
Referenced In Project/Scope: Camel Integration:compile
junit-jupiter-api-5.10.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.junit.jupiter/junit-jupiter@5.10.3

Identifiers

junit-jupiter-engine-5.10.3.jar

Description:

Module "junit-jupiter-engine" of JUnit 5.

License:

Eclipse Public License v2.0: https://www.eclipse.org/legal/epl-v20.html
File Path: /Users/tommym/.m2/repository/org/junit/jupiter/junit-jupiter-engine/5.10.3/junit-jupiter-engine-5.10.3.jar
MD5: c87ca6659d594120a6030a2760bcdf14
SHA1: 48c14e866bb1a87ca35d24ff068463bb202ada24
SHA256:bbd3ce8dc11e9925071ef9691d68af1ab6e712faa6851f7c5275bc8aafc88673
Referenced In Project/Scope: Camel Integration:runtime
junit-jupiter-engine-5.10.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.junit.jupiter/junit-jupiter@5.10.3

Identifiers

junit-jupiter-params-5.10.3.jar

Description:

Module "junit-jupiter-params" of JUnit 5.

License:

Eclipse Public License v2.0: https://www.eclipse.org/legal/epl-v20.html
File Path: /Users/tommym/.m2/repository/org/junit/jupiter/junit-jupiter-params/5.10.3/junit-jupiter-params-5.10.3.jar
MD5: 8c0d875131fa73e688df785a3b2f338d
SHA1: 4852f4e4af9074d9214213b199751f99efeab8b9
SHA256:7c3ed8cefb12496b76c53c3da986ea8f0bf3f426781869475551ae3a506c1ad8
Referenced In Project/Scope: Camel Integration:compile
junit-jupiter-params-5.10.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.junit.jupiter/junit-jupiter@5.10.3

Identifiers

junit-platform-engine-1.10.3.jar

Description:

Module "junit-platform-engine" of JUnit 5.

License:

Eclipse Public License v2.0: https://www.eclipse.org/legal/epl-v20.html
File Path: /Users/tommym/.m2/repository/org/junit/platform/junit-platform-engine/1.10.3/junit-platform-engine-1.10.3.jar
MD5: 8fe56ec6a59c1e208e8ba0def9e47bf3
SHA1: 365a320c3cfd47f3346625e541e424e35dc75c42
SHA256:df7c32bf75cf47c4c8ddd1942091027947a7d765d30b731fe00830115fafa133
Referenced In Project/Scope: Camel Integration:runtime
junit-platform-engine-1.10.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.junit.jupiter/junit-jupiter@5.10.3

Identifiers

log4j-api-2.23.1.jar

Description:

The Apache Log4j API

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/apache/logging/log4j/log4j-api/2.23.1/log4j-api-2.23.1.jar
MD5: bee2e2dcbeeb983bdb6b71c9c3476b6a
SHA1: 9c15c29c526d9c6783049c0a77722693c66706e1
SHA256:92ec1fd36ab3bc09de6198d2d7c0914685c0f7127ea931acc32fd2ecdd82ea89
Referenced In Project/Scope: Camel Integration:compile
log4j-api-2.23.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.camel.springboot/camel-spring-boot-starter@4.8.0

Identifiers

log4j-to-slf4j-2.23.1.jar

Description:

The Apache Log4j binding between Log4j 2 API and SLF4J.

License:

Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/apache/logging/log4j/log4j-to-slf4j/2.23.1/log4j-to-slf4j-2.23.1.jar
MD5: d60143628bb91f9dfa0148c213388b39
SHA1: 425ad1eb8a39904d2830e907a324e956fb456520
SHA256:7937a84055156910234e3b42868f55e68ff4b7becbb6ffd10146f72f5bf54dd5
Referenced In Project/Scope: Camel Integration:compile
log4j-to-slf4j-2.23.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.camel.springboot/camel-spring-boot-starter@4.8.0

Identifiers

logback-core-1.5.8.jar

Description:

logback-core module

License:

http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
File Path: /Users/tommym/.m2/repository/ch/qos/logback/logback-core/1.5.8/logback-core-1.5.8.jar
MD5: 6048cf7daf6489ce151130cc993edccf
SHA1: 3fce599197de3b6f387cc9bee412ead2b4994a46
SHA256:a698e4cff3eac45eec9b2755df93bb7a9725d853f7938030654ce5430b37c41d
Referenced In Project/Scope: Camel Integration:compile
logback-core-1.5.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.camel.springboot/camel-spring-boot-starter@4.8.0

Identifiers

lombok-1.18.34.jar

Description:

Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!

License:

The MIT License: https://projectlombok.org/LICENSE
File Path: /Users/tommym/.m2/repository/org/projectlombok/lombok/1.18.34/lombok-1.18.34.jar
MD5: 91ce91dbfa7694bff4ddc1e51643f8b2
SHA1: ec547ef414ab1d2c040118fb9c1c265ada63af14
SHA256:c27d6b2aff56241d1b07fcbcc6b183709e6b432c80f7374eeb1d823e86d4b81a
Referenced In Project/Scope: Camel Integration:compile
lombok-1.18.34.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

lombok-1.18.34.jar: mavenEcjBootstrapAgent.jar

File Path: /Users/tommym/.m2/repository/org/projectlombok/lombok/1.18.34/lombok-1.18.34.jar/lombok/launch/mavenEcjBootstrapAgent.jar
MD5: e5552f93605e20eb4039662ee38ee41a
SHA1: 257946794d3fbaff9023c991de99d6b7a7be8c8d
SHA256:7f93cde1d476e8d84f51213c52d70eb596fcde669fbd30fbd5a6745346fdde9d
Referenced In Project/Scope: Camel Integration:compile

Identifiers

  • None

micrometer-commons-1.13.4.jar

Description:

Module containing common code

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/io/micrometer/micrometer-commons/1.13.4/micrometer-commons-1.13.4.jar
MD5: 3058e9b29fff7d5f2d4bdabd3ba6b806
SHA1: edcf69518a4c382c48e19c7fb7d4aedfb115c0c3
SHA256:7407cc52817cfb66814292de841a4495c5af5309b15be367565d4bc700a433c2
Referenced In Project/Scope: Camel Integration:compile
micrometer-commons-1.13.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

micrometer-observation-1.13.4.jar

Description:

Module containing Observation related code

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/io/micrometer/micrometer-observation/1.13.4/micrometer-observation-1.13.4.jar
MD5: f2731d224c64773ce187592e6cbf3fc0
SHA1: 2673c9b181ab2512002b23b7ad0f1dd02212696c
SHA256:58642b0c0c965d1dc42bc49573657e948ea2a6c54d4902a6bc7e12a558d71f50
Referenced In Project/Scope: Camel Integration:compile
micrometer-observation-1.13.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

mockito-core-5.11.0.jar

Description:

Mockito mock objects library core API and implementation

License:

MIT: https://opensource.org/licenses/MIT
File Path: /Users/tommym/.m2/repository/org/mockito/mockito-core/5.11.0/mockito-core-5.11.0.jar
MD5: 73997150a1d85f77aa03fdb7750dc2d0
SHA1: e4069fa4f4ff2c94322cfec5f2e45341c6c70aff
SHA256:f076c96b1f49b8d9bc42e46b0969aaf5684c40c8b5b679d400e5d880073a0e00
Referenced In Project/Scope: Camel Integration:provided
mockito-core-5.11.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-integration-camel@4.0.0-RC2

Identifiers

mockito-junit-jupiter-5.11.0.jar

Description:

Mockito JUnit 5 support

License:

MIT: https://opensource.org/licenses/MIT
File Path: /Users/tommym/.m2/repository/org/mockito/mockito-junit-jupiter/5.11.0/mockito-junit-jupiter-5.11.0.jar
MD5: 42d14b53962b3641779a11271c26418f
SHA1: 8e658dd339f40305ed4293db25545b5df98b171b
SHA256:a30ea4fe0484e54f64cdc15269a6c6ff1bd89bc26a0d41e4c27cb91cb78dc548
Referenced In Project/Scope: Camel Integration:compile
mockito-junit-jupiter-5.11.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

mysema-commons-lang-0.2.4.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/com/mysema/commons/mysema-commons-lang/0.2.4/mysema-commons-lang-0.2.4.jar
MD5: c13bde1d0dae26b8ca3c56b5e4e40157
SHA1: d09c8489d54251a6c22fbce804bdd4a070557317
SHA256:dbbdd6816b33d3bead50f4d217825fcf568d50a43af881df5cdd01468c2b6efe
Referenced In Project/Scope: Camel Integration:compile
mysema-commons-lang-0.2.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

objenesis-3.3.jar

Description:

A library for instantiating Java objects

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/objenesis/objenesis/3.3/objenesis-3.3.jar
MD5: ab0e0b2ab81affdd7f38bcc60fd85571
SHA1: 1049c09f1de4331e8193e579448d0916d75b7631
SHA256:02dfd0b0439a5591e35b708ed2f5474eb0948f53abf74637e959b8e4ef69bfeb
Referenced In Project/Scope: Camel Integration:provided
objenesis-3.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.mockito/mockito-core@5.11.0

Identifiers

opentest4j-1.3.0.jar

Description:

Open Test Alliance for the JVM

License:

The Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/opentest4j/opentest4j/1.3.0/opentest4j-1.3.0.jar
MD5: 03c404f727531f3fd3b4c73997899327
SHA1: 152ea56b3a72f655d4fd677fc0ef2596c3dd5e6e
SHA256:48e2df636cab6563ced64dcdff8abb2355627cb236ef0bf37598682ddf742f1b
Referenced In Project/Scope: Camel Integration:compile
opentest4j-1.3.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.junit.jupiter/junit-jupiter@5.10.3

Identifiers

querydsl-core-5.1.0.jar

Description:

core module for querydsl

File Path: /Users/tommym/.m2/repository/com/querydsl/querydsl-core/5.1.0/querydsl-core-5.1.0.jar
MD5: 2c9349a570cc9b090e44a22bff6be406
SHA1: be322c3fe98de8e7c204afb8860bfabd81a3bafd
SHA256:57a3033ddbb4d928552b33443be7195bc3caba6fa85cd9a492bc874a5ef98c8e
Referenced In Project/Scope: Camel Integration:compile
querydsl-core-5.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

querydsl-jpa-5.1.0-jakarta.jar

Description:

JPA support for Querydsl

File Path: /Users/tommym/.m2/repository/com/querydsl/querydsl-jpa/5.1.0/querydsl-jpa-5.1.0-jakarta.jar
MD5: 54dae173af07a330f1a80cc48b0e02f3
SHA1: f44ee79a324cf92d6821eca736b2028e69542050
SHA256:01b064b511e093ceff2a8698829354b4fb1dc08f576e405dd6dfa8ab35736ca2
Referenced In Project/Scope: Camel Integration:compile
querydsl-jpa-5.1.0-jakarta.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

slf4j-api-2.0.16.jar

Description:

The slf4j API

License:

http://www.opensource.org/licenses/mit-license.php
File Path: /Users/tommym/.m2/repository/org/slf4j/slf4j-api/2.0.16/slf4j-api-2.0.16.jar
MD5: c8de8f5d740584cb24b5652cfba8b3c4
SHA1: 0172931663a09a1fa515567af5fbef00897d3c04
SHA256:a12578dde1ba00bd9b816d388a0b879928d00bab3c83c240f7013bf4196c579a
Referenced In Project/Scope: Camel Integration:compile
slf4j-api-2.0.16.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

snakeyaml-2.2.jar

Description:

YAML 1.1 parser and emitter for Java

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/yaml/snakeyaml/2.2/snakeyaml-2.2.jar
MD5: d78aacf5f2de5b52f1a327470efd1ad7
SHA1: 3af797a25458550a16bf89acc8e4ab2b7f2bfce0
SHA256:1467931448a0817696ae2805b7b8b20bfb082652bf9c4efaed528930dc49389b
Referenced In Project/Scope: Camel Integration:compile
snakeyaml-2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.camel.springboot/camel-spring-boot-starter@4.8.0

Identifiers

spring-boot-3.3.4.jar

Description:

Spring Boot

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /Users/tommym/.m2/repository/org/springframework/boot/spring-boot/3.3.4/spring-boot-3.3.4.jar
MD5: f0ef22445df4734fbd86ac1f976833c0
SHA1: f06c6950aa5766b63328e821641f5c7d71be819d
SHA256:2d3b43ade67d8b8ff23e80fa7f9f3d469a28413a826042808bcb3b718f13e01a
Referenced In Project/Scope: Camel Integration:compile
spring-boot-3.3.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

spring-core-6.1.13.jar

Description:

Spring Core

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /Users/tommym/.m2/repository/org/springframework/spring-core/6.1.13/spring-core-6.1.13.jar
MD5: e1965e1d05b8ed52cee0593007d2e40f
SHA1: ddbd765408d2665f47017c8f05a7682012f91da3
SHA256:5f0059701b1c0bcdab78bb72dc252fce9eab16147819587238cacbdbf7b794cf
Referenced In Project/Scope: Camel Integration:compile
spring-core-6.1.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

CVE-2024-38820  

The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase() has some Locale dependent exceptions that could potentially result in fields not protected as expected.
NVD-CWE-noinfo, CWE-178 Improper Handling of Case Sensitivity

CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:3.9/RC:R/MAV:A

References:

Vulnerable Software & Versions: (show all)

spring-data-commons-3.3.4.jar

Description:

Core Spring concepts underpinning every Spring Data module.

File Path: /Users/tommym/.m2/repository/org/springframework/data/spring-data-commons/3.3.4/spring-data-commons-3.3.4.jar
MD5: cfc6e5fee5e1e6e8984739077de12819
SHA1: f0f6bca5b0cd7d318666e2d3f02726c615334678
SHA256:f44a2d79928fefe9879d76b3ae8141dbc5793cda7930543f295d9394f115a76d
Referenced In Project/Scope: Camel Integration:compile
spring-data-commons-3.3.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

spring-data-jpa-3.3.4.jar

Description:

Spring Data module for JPA repositories.

File Path: /Users/tommym/.m2/repository/org/springframework/data/spring-data-jpa/3.3.4/spring-data-jpa-3.3.4.jar
MD5: 4041bcb81e2078d07519fe237ab5aaf0
SHA1: f92296e4b6d18f5f79c5e6074da96bf0de2006d3
SHA256:99dade6857529c77afeb83703732c1a37e61c0e0d25ec3d064a0b88b6679b71b
Referenced In Project/Scope: Camel Integration:compile
spring-data-jpa-3.3.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

tomcat-embed-el-10.1.30.jar

Description:

Core Tomcat implementation

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/apache/tomcat/embed/tomcat-embed-el/10.1.30/tomcat-embed-el-10.1.30.jar
MD5: da24b9956c9ed9e5b10b6bedc2de2261
SHA1: 432b176aa50de87c3bbda99b0fe85523abfd1382
SHA256:ee94bb23409ac67cc6c79c0f7c3e61be0262adcf6e4d778bfe292944109f6697
Referenced In Project/Scope: Camel Integration:compile
tomcat-embed-el-10.1.30.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

txw2-4.0.5.jar

Description:

        TXW is a library that allows you to write XML documents.

File Path: /Users/tommym/.m2/repository/org/glassfish/jaxb/txw2/4.0.5/txw2-4.0.5.jar
MD5: 2f5aa7dbd5e326562cff6ce720a1485a
SHA1: f36a4ef12120a9bb06d766d6a0e54b144fd7ed98
SHA256:917355bc451481f30d043b24d123110517966af34383901773882810dca480e5
Referenced In Project/Scope: Camel Integration:runtime
txw2-4.0.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-impl@4.0.0-RC2

Identifiers

CVE-2024-9329  

In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is '/management/domain'. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
CWE-601 URL Redirection to Untrusted Site ('Open Redirect'), CWE-233 Improper Handling of Parameters

CVSSv3:
  • Base Score: MEDIUM (6.1)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:2.8/RC:R/MAV:A

References:

Vulnerable Software & Versions:

xmlunit-core-2.9.1.jar

Description:

XMLUnit for Java

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Users/tommym/.m2/repository/org/xmlunit/xmlunit-core/2.9.1/xmlunit-core-2.9.1.jar
MD5: 011288450a3905a7d97e3957b69e713e
SHA1: e5833662d9a1279a37da3ef6f62a1da29fcd68c4
SHA256:7e70f23d4f75e05f0ee79f0f6b9e13b6cf51d34f36c5fc3a6b839429dde1efef
Referenced In Project/Scope: Camel Integration:compile
xmlunit-core-2.9.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.dynamoframework/dynamo-test@4.0.0-RC2

Identifiers

CVE-2024-31573 (OSSINDEX)  

xmlunit-core - XSLT Injection
CWE-1188 Insecure Default Initialization of Resource

CVSSv2:
  • Base Score: HIGH (9.199999809265137)
  • Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:org.xmlunit:xmlunit-core:2.9.1:*:*:*:*:*:*:*



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.