Dependency-Check Report

Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

Scan Information (show all):

dependency-check version: 3.1.2
Report Generated On: May 26, 2019 at 09:42:04 +00:00
Dependencies Scanned: 3 (3 unique)
Vulnerable Dependencies: 0
Vulnerabilities Found: 0
Vulnerabilities Suppressed: 0
...
NVD CVE 2002: 16/05/2019 09:15:31
NVD CVE 2003: 24/05/2019 08:15:38
NVD CVE 2004: 16/05/2019 09:15:31
NVD CVE 2005: 24/05/2019 08:15:38
NVD CVE 2006: 23/05/2019 08:15:43
NVD CVE 2007: 25/05/2019 08:15:38
NVD CVE 2008: 25/05/2019 08:15:38
NVD CVE 2009: 24/05/2019 08:15:38
NVD CVE 2010: 24/05/2019 08:15:38
NVD CVE 2011: 23/05/2019 08:15:44
NVD CVE 2012: 25/05/2019 08:15:39
NVD CVE 2013: 25/05/2019 08:15:39
NVD CVE 2014: 25/05/2019 08:15:39
NVD CVE 2015: 25/05/2019 07:45:46
NVD CVE 2016: 25/05/2019 07:45:46
NVD CVE 2017: 25/05/2019 07:45:47
NVD CVE 2018: 25/05/2019 07:45:47
NVD CVE 2019: 26/05/2019 07:15:28
NVD CVE Checked: 26/05/2019 08:05:29
NVD CVE Modified: 26/05/2019 05:15:29
VersionCheckOn: 1558857929499

Display: Showing Vulnerable Dependencies (click to show all)

Dependency	Coordinates	Evidence Count
common-logging-2.2.2.Final.jar	org.gatein.common:common-logging:2.2.2.Final ✓	31
common-common-2.2.2.Final.jar	org.gatein.common:common-common:2.2.2.Final ✓	31
wci-wci-5.3.x-SNAPSHOT.jar	org.exoplatform.gatein.wci:wci-wci:5.3.x-SNAPSHOT	29

Dependencies

common-logging-2.2.2.Final.jar

File Path: /home/ciagent/.m2/repository/org/gatein/common/common-logging/2.2.2.Final/common-logging-2.2.2.Final.jar
MD5: 28b7108ee63899bca08636d360e7df11
SHA1: aee18008518671fb10982c0fe5f7383e98f71c47
Referenced In Project/Scope: eXo PLF:: Social Widget (Resources):runtime

Evidence

Type	Source	Name	Value	Confidence
Vendor	pom	parent-artifactid	common-parent	Low
Vendor	Manifest	implementation-url	www.gatein.org/common-parent/common-logging/	Low
Vendor	Manifest	java-vendor	Oracle Corporation	Medium
Vendor	pom	artifactid	common-logging	Low
Vendor	Manifest	Implementation-Vendor	JBoss by Red Hat	High
Vendor	pom	parent-groupid	org.gatein.common	Medium
Vendor	Manifest	build-timestamp	Mon, 17 Mar 2014 20:43:14 +0100	Low
Vendor	Manifest	os-name	Linux	Medium
Vendor	central	groupid	org.gatein.common	Highest
Vendor	pom	groupid	gatein.common	Highest
Vendor	Manifest	Implementation-Vendor-Id	org.gatein.common	Medium
Vendor	pom	groupid	org.gatein.common	Highest
Vendor	Manifest	specification-vendor	JBoss by Red Hat	Low
Vendor	file	name	common-logging	High
Vendor	pom	name	GateIn - Common component (logging)	High
Product	pom	artifactid	common-logging	Highest
Product	Manifest	implementation-url	www.gatein.org/common-parent/common-logging/	Low
Product	central	artifactid	common-logging	Highest
Product	Manifest	specification-title	GateIn - Common component (logging)	Medium
Product	pom	groupid	gatein.common	Low
Product	Manifest	build-timestamp	Mon, 17 Mar 2014 20:43:14 +0100	Low
Product	Manifest	os-name	Linux	Medium
Product	pom	parent-artifactid	common-parent	Medium
Product	pom	parent-groupid	org.gatein.common	Low
Product	Manifest	Implementation-Title	GateIn - Common component (logging)	High
Product	file	name	common-logging	High
Product	pom	name	GateIn - Common component (logging)	High
Version	Manifest	Implementation-Version	2.2.2.Final	High
Version	pom	version	2.2.2.Final	Highest
Version	file	version	2.2.2	Highest
Version	central	version	2.2.2.Final	Highest

Identifiers

maven: org.gatein.common:common-logging:2.2.2.Final ✓ Confidence:Highest

common-common-2.2.2.Final.jar

File Path: /home/ciagent/.m2/repository/org/gatein/common/common-common/2.2.2.Final/common-common-2.2.2.Final.jar
MD5: 8ce16b5e3991285cd27e553740d09d1f
SHA1: 44522d899e31a5a10dbd70f7b0ca2fe5a614f740
Referenced In Project/Scope: eXo PLF:: Social Widget (Resources):runtime

Evidence

Type	Source	Name	Value	Confidence
Vendor	pom	parent-artifactid	common-parent	Low
Vendor	file	name	common-common	High
Vendor	Manifest	implementation-url	www.gatein.org/common-parent/common-common/	Low
Vendor	Manifest	java-vendor	Oracle Corporation	Medium
Vendor	pom	name	GateIn - Common component (common)	High
Vendor	Manifest	Implementation-Vendor	JBoss by Red Hat	High
Vendor	pom	parent-groupid	org.gatein.common	Medium
Vendor	Manifest	build-timestamp	Mon, 17 Mar 2014 20:43:14 +0100	Low
Vendor	Manifest	os-name	Linux	Medium
Vendor	pom	artifactid	common-common	Low
Vendor	central	groupid	org.gatein.common	Highest
Vendor	pom	groupid	gatein.common	Highest
Vendor	Manifest	Implementation-Vendor-Id	org.gatein.common	Medium
Vendor	pom	groupid	org.gatein.common	Highest
Vendor	Manifest	specification-vendor	JBoss by Red Hat	Low
Product	Manifest	Implementation-Title	GateIn - Common component (common)	High
Product	pom	artifactid	common-common	Highest
Product	file	name	common-common	High
Product	Manifest	implementation-url	www.gatein.org/common-parent/common-common/	Low
Product	pom	name	GateIn - Common component (common)	High
Product	pom	groupid	gatein.common	Low
Product	central	artifactid	common-common	Highest
Product	Manifest	build-timestamp	Mon, 17 Mar 2014 20:43:14 +0100	Low
Product	Manifest	os-name	Linux	Medium
Product	pom	parent-artifactid	common-parent	Medium
Product	pom	parent-groupid	org.gatein.common	Low
Product	Manifest	specification-title	GateIn - Common component (common)	Medium
Version	Manifest	Implementation-Version	2.2.2.Final	High
Version	pom	version	2.2.2.Final	Highest
Version	file	version	2.2.2	Highest
Version	central	version	2.2.2.Final	Highest

Identifiers

maven: org.gatein.common:common-common:2.2.2.Final ✓ Confidence:Highest

wci-wci-5.3.x-SNAPSHOT.jar

File Path: /home/ciagent/.m2/repository/org/exoplatform/gatein/wci/wci-wci/5.3.x-SNAPSHOT/wci-wci-5.3.x-SNAPSHOT.jar
MD5: 2ab001252fa543ff2b30839d5d8b60ec
SHA1: 70f414374362f77fa7ec7a35797e32395bbf36ee
Referenced In Project/Scope: eXo PLF:: Social Widget (Resources):runtime

Evidence

Type	Source	Name	Value	Confidence
Vendor	pom	parent-groupid	org.exoplatform.gatein.wci	Medium
Vendor	pom	groupid	org.exoplatform.gatein.wci	Highest
Vendor	Manifest	java-vendor	Oracle Corporation	Medium
Vendor	Manifest	Implementation-Vendor	JBoss by Red Hat	High
Vendor	pom	groupid	exoplatform.gatein.wci	Highest
Vendor	Manifest	os-name	Linux	Medium
Vendor	file	name	wci-wci	High
Vendor	Manifest	implementation-url	www.gatein.org/wci-parent/wci-wci/	Low
Vendor	Manifest	specification-vendor	JBoss by Red Hat	Low
Vendor	pom	parent-artifactid	wci-parent	Low
Vendor	Manifest	build-timestamp	Thu, 23 May 2019 09:57:20 +0000	Low
Vendor	Manifest	Implementation-Vendor-Id	org.exoplatform.gatein.wci	Medium
Vendor	pom	artifactid	wci-wci	Low
Vendor	pom	name	GateIn - Web Container Integration component (wci)	High
Product	file	name	wci-wci	High
Product	pom	groupid	exoplatform.gatein.wci	Low
Product	Manifest	implementation-url	www.gatein.org/wci-parent/wci-wci/	Low
Product	pom	artifactid	wci-wci	Highest
Product	Manifest	Implementation-Title	GateIn - Web Container Integration component (wci)	High
Product	Manifest	specification-title	GateIn - Web Container Integration component (wci)	Medium
Product	pom	parent-groupid	org.exoplatform.gatein.wci	Low
Product	Manifest	build-timestamp	Thu, 23 May 2019 09:57:20 +0000	Low
Product	pom	parent-artifactid	wci-parent	Medium
Product	Manifest	os-name	Linux	Medium
Product	pom	name	GateIn - Web Container Integration component (wci)	High
Version	file	version	5.3	Highest
Version	pom	version	5.3.x-20190523.095728-1	Highest
Version	pom	version	5.3.x-SNAPSHOT	Highest
Version	Manifest	Implementation-Version	5.3.x-SNAPSHOT	High

Identifiers

maven: org.exoplatform.gatein.wci:wci-wci:5.3.x-SNAPSHOT Confidence:High

How to read the report | Suppressing false positives | Getting Help: google group | github issues

Project: eXo PLF:: Social Widget (Resources)

org.exoplatform.social:social-extras-widget-resources:5.3.x-SNAPSHOT

Dependencies

common-logging-2.2.2.Final.jar

Evidence

Identifiers

common-common-2.2.2.Final.jar

Evidence

Identifiers

wci-wci-5.3.x-SNAPSHOT.jar

Evidence

Identifiers