Dependency-Check Report

Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

Scan Information (show all):

dependency-check version: 1.2.11
Report Generated On: Jul 12, 2015 at 23:30:14 EDT
Dependencies Scanned: 60
Vulnerable Dependencies: 1
Vulnerabilities Found: 3
Vulnerabilities Suppressed: 0
...
CurrentEngineRelease:
NVD CVE 2002: 11/02/2015 21:51:09
NVD CVE 2003: 15/04/2015 05:23:13
NVD CVE 2004: 11/06/2015 04:59:25
NVD CVE 2005: 01/07/2015 05:28:20
NVD CVE 2006: 14/05/2015 05:46:37
NVD CVE 2007: 17/03/2015 05:50:14
NVD CVE 2008: 04/06/2015 06:31:11
NVD CVE 2009: 03/07/2015 04:29:23
NVD CVE 2010: 20/06/2015 05:08:21
NVD CVE 2011: 04/06/2015 05:36:48
NVD CVE 2012: 20/06/2015 04:25:12
NVD CVE 2013: 06/07/2015 04:23:13
NVD CVE 2014: 09/07/2015 03:49:47
NVD CVE 2015: 09/07/2015 03:13:12
NVD CVE Modified: 12/07/2015 20:06:48
VersionCheckOn: 1436492708243

Display: Showing Vulnerable Dependencies (click to show all)

Dependency	CPE	GAV	Highest Severity	CVE Count	CPE Confidence	Evidence Count
guava-18.0.jar		com.google.guava:guava:18.0		0		18
javax.annotation-api-1.2.jar		javax.annotation:javax.annotation-api:1.2		0		21
javax.el-api-3.0.1-b04.jar		javax.el:javax.el-api:3.0.1-b04		0		20
javax.servlet-api-3.1.0.jar		javax.servlet:javax.servlet-api:3.1.0		0		21
javax.servlet.jsp-api-2.3.2-b01.jar	cpe:/a:oracle:jsp:2.3.2.b01	javax.servlet.jsp:javax.servlet.jsp-api:2.3.2-b01		0	LOW	19
jstl-api-1.2.jar		javax.servlet.jsp.jstl:jstl-api:1.2		0		12
javax.transaction-api-1.2.jar		javax.transaction:javax.transaction-api:1.2		0		21
javax.websocket-api-1.0.jar		javax.websocket:javax.websocket-api:1.0		0		18
jna-platform-4.1.0.jar		net.java.dev.jna:jna-platform:4.1.0		0		21
jna-4.1.0.jar		net.java.dev.jna:jna:4.1.0		0		23
jna-4.1.0.jar: jnidispatch.dll				0		1
jna-4.1.0.jar: jnidispatch.dll				0		1
jna-4.1.0.jar: jnidispatch.dll				0		1
ecj-4.4.2.jar		org.eclipse.jdt.core.compiler:ecj:4.4.2		0		15
http2-hpack-9.3.0.v20150612.jar	cpe:/a:jetty:jetty:9.3.0.v20150612	org.eclipse.jetty.http2:http2-hpack:9.3.0.v20150612		0	LOW	15
http2-server-9.3.0.v20150612.jar	cpe:/a:jetty:jetty:9.3.0.v20150612 cpe:/a:jetty:jetty_http_server:9.3.0.v20150612	org.eclipse.jetty.http2:http2-server:9.3.0.v20150612		0	LOW	15
jetty-io-9.3.0.v20150612.jar	cpe:/a:jetty:jetty:9.3.0.v20150612	org.eclipse.jetty:jetty-io:9.3.0.v20150612		0	LOW	14
javax.activation-1.1.0.v201105071233.jar	cpe:/a:jetty:jetty:1.1.0.v20110507	org.eclipse.jetty.orbit:javax.activation:1.1.0.v201105071233		0	LOW	15
javax.mail.glassfish-1.4.1.v201005082020.jar	cpe:/a:jetty:jetty:1.4.1.v20100508	org.eclipse.jetty.orbit:javax.mail.glassfish:1.4.1.v201005082020		0	LOW	15
javax.security.auth.message-1.0.0.v201108011116.jar	cpe:/a:jetty:jetty:1.0.0.v20110801	org.eclipse.jetty.orbit:javax.security.auth.message:1.0.0.v201108011116		0	LOW	19
javax-websocket-client-impl-9.3.0.v20150612.jar	cpe:/a:jetty:jetty:9.3.0.v20150612	org.eclipse.jetty.websocket:javax-websocket-client-impl:9.3.0.v20150612		0	LOW	14
websocket-api-9.3.0.v20150612.jar	cpe:/a:jetty:jetty:9.3.0.v20150612	org.eclipse.jetty.websocket:websocket-api:9.3.0.v20150612		0	LOW	15
javax.el-3.0.1-b08.jar		org.glassfish:javax.el:3.0.1-b08		0		24
javax.servlet.jsp.jstl-1.2.4.jar	cpe:/a:oracle:glassfish:1.2.4 cpe:/a:oracle:glassfish_server:1.2.4	org.glassfish.web:javax.servlet.jsp.jstl:1.2.4	Medium	3	LOW	26
javax.servlet.jsp-2.3.3-b02.jar	cpe:/a:oracle:jsp:2.3.3.b02	org.glassfish.web:javax.servlet.jsp:2.3.3-b02		0	LOW	20
asm-commons-5.0.1.jar		org.ow2.asm:asm-commons:5.0.1		0		19
asm-tree-5.0.1.jar		org.ow2.asm:asm-tree:5.0.1		0		19
asm-5.0.1.jar		org.ow2.asm:asm:5.0.1		0		18
jcl-over-slf4j-1.7.12.jar		org.slf4j:jcl-over-slf4j:1.7.12		0		17
slf4j-api-1.7.12.jar		org.slf4j:slf4j-api:1.7.12		0		17

Dependencies

guava-18.0.jar

Description: Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more. Guava has only one code dependency - javax.annotation, per the JSR-305 spec.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: C:\Users\Jeremy\.m2\repository\com\google\guava\guava\18.0\guava-18.0.jar
MD5: 947641f6bb535b1d942d1bc387c45290
SHA1: cce0823396aa693798f8882e64213b1772032b09
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	guava
central	groupid	com.google.guava
file	name	guava-18.0
jar	package name	collect
jar	package name	google
jar	package name	io
jar	package name	util
manifest	Bundle-Description	Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more. Guava has only one code dependency - javax.annotation, per the JSR-305 spec.
Manifest	bundle-docurl	https://guava-libraries.googlecode.com/
Manifest	Bundle-Name	Guava: Google Core Libraries for Java
Manifest	bundle-symbolicname	com.google.guava
pom	artifactid	guava
pom	description	Guava is a suite of core and expanded libraries that include utility classes, google's collections, io classes, and much much more. Guava has only one code dependency - javax.annotation, per the JSR-305 spec.
pom	groupid	com.google.guava
pom	groupid	google.guava
pom	name	Guava: Google Core Libraries for Java
pom	parent-artifactid	guava-parent
pom	parent-groupid	com.google.guava

Identifiers

maven: com.google.guava:guava:18.0 Confidence:HIGHEST

javax.annotation-api-1.2.jar

Description: Common Annotations for the JavaTM Platform API

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html

File Path: C:\Users\Jeremy\.m2\repository\javax\annotation\javax.annotation-api\1.2\javax.annotation-api-1.2.jar
MD5: 75fe320d2b3763bd6883ae1ede35e987
SHA1: 479c1e06db31c432330183f5cae684163f186146
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.annotation-api
central	groupid	javax.annotation
file	name	javax.annotation-api-1.2
jar	package name	annotation
jar	package name	javax
manifest	Bundle-Description	Java(TM) Common Annotations 1.2 API Design Specification
Manifest	bundle-docurl	https://glassfish.java.net
Manifest	Bundle-Name	javax.annotation API
Manifest	bundle-symbolicname	javax.annotation-api
Manifest	Bundle-Vendor	GlassFish Community
Manifest	extension-name	javax.annotation
Manifest	Implementation-Vendor	GlassFish Community
Manifest	Implementation-Vendor-Id	org.glassfish
Manifest	specification-vendor	Oracle Corporation
pom	artifactid	javax.annotation-api
pom	description	Common Annotations for the JavaTM Platform API
pom	groupid	javax.annotation
pom	name	${extension.name} API
pom	organization name	https://glassfish.java.net
pom	parent-artifactid	jvnet-parent
pom	parent-groupid	net.java

Related Dependencies

Identifiers

maven: javax.annotation:javax.annotation-api:1.2 Confidence:HIGHEST

javax.el-api-3.0.1-b04.jar

Description: Expression Language 3.0 API

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html

File Path: C:\Users\Jeremy\.m2\repository\javax\el\javax.el-api\3.0.1-b04\javax.el-api-3.0.1-b04.jar
MD5: fe9f96efeb44172a4e8a54a81c93f39d
SHA1: 8c0c970b8deae5054ff0bf4b17979c8181a506d3
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.el-api
central	groupid	javax.el
file	name	javax.el-api-3.0.1-b04
jar	package name	el
jar	package name	expression
jar	package name	javax
manifest	Bundle-Description	Expression Language 3.0 API
Manifest	bundle-docurl	http://glassfish.org
Manifest	Bundle-Name	Expression Language 3.0 API
Manifest	bundle-symbolicname	javax.el-api
Manifest	Bundle-Vendor	GlassFish Community
Manifest	extension-name	javax.el
Manifest	Implementation-Vendor	Oracle Corporation
Manifest	specification-vendor	Oracle Corporation
pom	artifactid	javax.el-api
pom	groupid	javax.el
pom	name	Expression Language 3.0 API
pom	organization name	http://glassfish.org
pom	parent-artifactid	jvnet-parent
pom	parent-groupid	net.java

Identifiers

maven: javax.el:javax.el-api:3.0.1-b04 Confidence:HIGHEST

javax.servlet-api-3.1.0.jar

Description: Java(TM) Servlet 3.1 API Design Specification

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html

File Path: C:\Users\Jeremy\.m2\repository\javax\servlet\javax.servlet-api\3.1.0\javax.servlet-api-3.1.0.jar
MD5: 79de69e9f5ed8c7fcb8342585732bbf7
SHA1: 3cd63d075497751784b2fa84be59432f4905bf7c
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.servlet-api
central	groupid	javax.servlet
file	name	javax.servlet-api-3.1.0
jar	package name	http
jar	package name	javax
jar	package name	servlet
manifest	Bundle-Description	Java(TM) Servlet 3.1 API Design Specification
Manifest	bundle-docurl	https://glassfish.dev.java.net
Manifest	Bundle-Name	Java Servlet API
Manifest	bundle-symbolicname	javax.servlet-api
Manifest	Bundle-Vendor	GlassFish Community
Manifest	extension-name	javax.servlet
Manifest	Implementation-Vendor	GlassFish Community
Manifest	Implementation-Vendor-Id	org.glassfish
Manifest	specification-vendor	Oracle Corporation
pom	artifactid	javax.servlet-api
pom	groupid	javax.servlet
pom	name	Java Servlet API
pom	organization name	https://glassfish.dev.java.net
pom	parent-artifactid	jvnet-parent
pom	parent-groupid	net.java

Related Dependencies

Identifiers

maven: javax.servlet:javax.servlet-api:3.1.0 Confidence:HIGHEST

javax.servlet.jsp-api-2.3.2-b01.jar

Description: Java.net - The Source for Java Technology Collaboration

License:

CDDL + GPLv2 with classpath exception: http://glassfish.dev.java.net/nonav/public/CDDL+GPL.html

File Path: C:\Users\Jeremy\.m2\repository\javax\servlet\jsp\javax.servlet.jsp-api\2.3.2-b01\javax.servlet.jsp-api-2.3.2-b01.jar
MD5: c02166e3637f58f6625d2e62b46c9247
SHA1: 070de11e93085f225d04803e14ee76b93744f5f4
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.servlet.jsp-api
central	groupid	javax.servlet.jsp
central	version	2.3.2-b01
file	name	2.3.2.b01
file	name	javax.servlet.jsp-api-2.3.2-b01
jar	package name	javax
jar	package name	jsp
jar	package name	servlet
Manifest	Bundle-Vendor	GlassFish Community
Manifest	Bundle-Version	2.3.2.b01
Manifest	Implementation-Vendor	Oracle Corporation
Manifest	Implementation-Version	2.3.2-b01
Manifest	specification-version	2.3
pom	artifactid	javax.servlet.jsp-api
pom	groupid	javax.servlet.jsp
pom	name	JavaServer Pages(TM) API
pom	organization name	http://glassfish.org
pom	parent-version	2.3.2-b01
pom	version	2.3.2-b01

Identifiers

cpe: cpe:/a:oracle:jsp:2.3.2.b01 Confidence:LOW
maven: javax.servlet.jsp:javax.servlet.jsp-api:2.3.2-b01 Confidence:HIGHEST

jstl-api-1.2.jar

File Path: C:\Users\Jeremy\.m2\repository\javax\servlet\jsp\jstl\jstl-api\1.2\jstl-api-1.2.jar
MD5: 7fe4f9829d305ef5b257bfc52e0e97db
SHA1: f9a034c1ca1f79c03bb461805a688f944544d138
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	jstl-api
central	groupid	javax.servlet.jsp.jstl
file	name	jstl-api-1.2
jar	package name	javax
jar	package name	jsp
jar	package name	jstl
jar	package name	servlet
pom	artifactid	jstl-api
pom	groupid	javax.servlet.jsp.jstl
pom	name	JavaServer Pages(TM) Standard Tag Library
pom	parent-artifactid	jstl
pom	parent-groupid	org.glassfish.web

Identifiers

maven: javax.servlet.jsp.jstl:jstl-api:1.2 Confidence:HIGHEST

javax.transaction-api-1.2.jar

Description: Project GlassFish Java Transaction API

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html

File Path: C:\Users\Jeremy\.m2\repository\javax\transaction\javax.transaction-api\1.2\javax.transaction-api-1.2.jar
MD5: 2dfee184286530e726ad155816e15b4c
SHA1: d81aff979d603edd90dcd8db2abc1f4ce6479e3e
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.transaction-api
central	groupid	javax.transaction
file	name	javax.transaction-api-1.2
jar	package name	javax
jar	package name	transaction
manifest	Bundle-Description	Java(TM) JTA 1.2 API Design Specification
Manifest	bundle-docurl	https://glassfish.java.net
Manifest	Bundle-Name	javax.transaction API
Manifest	bundle-symbolicname	javax.transaction-api
Manifest	Bundle-Vendor	GlassFish Community
Manifest	extension-name	javax.transaction
Manifest	Implementation-Vendor	GlassFish Community
Manifest	Implementation-Vendor-Id	org.glassfish
Manifest	specification-vendor	Oracle Corporation
pom	artifactid	javax.transaction-api
pom	description	Project GlassFish Java Transaction API
pom	groupid	javax.transaction
pom	name	${extension.name} API
pom	organization name	https://glassfish.java.net
pom	parent-artifactid	jvnet-parent
pom	parent-groupid	net.java

Identifiers

maven: javax.transaction:javax.transaction-api:1.2 Confidence:HIGHEST

javax.websocket-api-1.0.jar

Description: JSR 356: Java API for WebSocket

License:

https://glassfish.java.net/public/CDDL+GPL_1_1.html

File Path: C:\Users\Jeremy\.m2\repository\javax\websocket\javax.websocket-api\1.0\javax.websocket-api-1.0.jar
MD5: 510563ac69503be2d6cbb6d492a8027b
SHA1: fc843b649d4a1dcb0497669d262befa3918c7ba8
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.websocket-api
central	groupid	javax.websocket
file	name	javax.websocket-api-1.0
jar	package name	javax
jar	package name	server
jar	package name	websocket
manifest	Bundle-Description	JSR 356: Java API for WebSocket
Manifest	bundle-docurl	http://www.oracle.com
Manifest	Bundle-Name	WebSocket server API
Manifest	bundle-symbolicname	javax.websocket-api
Manifest	Bundle-Vendor	Oracle
Manifest	extension-name	javax.websocket
Manifest (hint)	Bundle-Vendor	sun
pom	artifactid	javax.websocket-api
pom	description	JSR 356: Java API for WebSocket
pom	groupid	javax.websocket
pom	name	WebSocket server API
pom	parent-artifactid	javax.websocket-all

Related Dependencies

Identifiers

maven: javax.websocket:javax.websocket-api:1.0 Confidence:HIGHEST

jna-platform-4.1.0.jar

Description: Java Native Access Platform

License:

LGPL, version 2.1: http://www.gnu.org/licenses/licenses.html
ASL, version 2: http://www.apache.org/licenses/

File Path: C:\Users\Jeremy\.m2\repository\net\java\dev\jna\jna-platform\4.1.0\jna-platform-4.1.0.jar
MD5: 533e404eda70bbf8e40de134ffeec95b
SHA1: 23457ad1cf75c2c16763330de5565a0e67b4bc0a
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	jna-platform
central	groupid	net.java.dev.jna
file	name	jna-platform-4.1.0
jar	package name	jna
jar	package name	platform
jar	package name	sun
jar (hint)	package name	oracle
manifest	Bundle-Description	JNA Platform Library
Manifest	Bundle-Name	jna-platform
Manifest	bundle-requiredexecutionenvironment	J2SE-1.4
Manifest	bundle-symbolicname	com.sun.jna.platform
Manifest	Bundle-Vendor	JNA Development Team
Manifest	Implementation-Title	com.sun.jna.platform
Manifest	Implementation-Vendor	JNA Development Team
Manifest	require-bundle	com.sun.jna;bundle-version="4.1.0"
Manifest	specification-title	Java Native Access (JNA)
Manifest	specification-vendor	JNA Development Team
pom	artifactid	jna-platform
pom	description	Java Native Access Platform
pom	groupid	net.java.dev.jna
pom	name	Java Native Access Platform

Identifiers

maven: net.java.dev.jna:jna-platform:4.1.0 Confidence:HIGHEST

jna-4.1.0.jar

Description: Java Native Access

License:

LGPL, version 2.1: http://www.gnu.org/licenses/licenses.html
ASL, version 2: http://www.apache.org/licenses/

File Path: C:\Users\Jeremy\.m2\repository\net\java\dev\jna\jna\4.1.0\jna-4.1.0.jar
MD5: b0e08c9936dc52aa40439c71fcad6297
SHA1: 1c12d070e602efd8021891cdd7fd18bc129372d4
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	jna
central	groupid	net.java.dev.jna
file	name	jna-4.1.0
jar	package name	jna
jar	package name	library
jar	package name	native
jar	package name	sun
jar	package name	win32
jar (hint)	package name	oracle
manifest	Bundle-Description	JNA Library
Manifest	Bundle-Name	jna
Manifest	bundle-nativecode	com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd, com/sun/jna/darwin/libjnidispatch.jnilib; osname=macosx;processor=x86;processor=x86-64;processor=ppc
Manifest	bundle-requiredexecutionenvironment	J2SE-1.4
Manifest	bundle-symbolicname	com.sun.jna
Manifest	Bundle-Vendor	JNA Development Team
Manifest	Implementation-Title	com.sun.jna
Manifest	Implementation-Vendor	JNA Development Team
Manifest	specification-title	Java Native Access (JNA)
Manifest	specification-vendor	JNA Development Team
pom	artifactid	jna
pom	description	Java Native Access
pom	groupid	net.java.dev.jna
pom	name	Java Native Access

Identifiers

maven: net.java.dev.jna:jna:4.1.0 Confidence:HIGHEST

jna-4.1.0.jar: jnidispatch.dll

File Path: C:\Users\Jeremy\.m2\repository\net\java\dev\jna\jna\4.1.0\jna-4.1.0.jar\com\sun\jna\w32ce-arm\jnidispatch.dll
MD5: 57697cbdd321ae7d06f5da04e821f908
SHA1: 67167f2b2fce8db5f9f64a372b0da54730d3ee51

Evidence

Source	Name	Value
file	name	jnidispatch

Identifiers

None

jna-4.1.0.jar: jnidispatch.dll

File Path: C:\Users\Jeremy\.m2\repository\net\java\dev\jna\jna\4.1.0\jna-4.1.0.jar\com\sun\jna\win32-x86-64\jnidispatch.dll
MD5: 06b2f1f909d2436dff20d7a668ef26a9
SHA1: bd1bdda9a91f3b0d9067e323f7394bef933f81f6

Evidence

Source	Name	Value
file	name	jnidispatch

Identifiers

None

jna-4.1.0.jar: jnidispatch.dll

File Path: C:\Users\Jeremy\.m2\repository\net\java\dev\jna\jna\4.1.0\jna-4.1.0.jar\com\sun\jna\win32-x86\jnidispatch.dll
MD5: 05a72ada9247aeb114a9ef01a394b6c4
SHA1: 8b32cc82740fc62afdf5ea211f1ca8bb72269bbf

Evidence

Source	Name	Value
file	name	jnidispatch

Identifiers

None

ecj-4.4.2.jar

Description: Eclipse JDT Core Batch Compiler

License:

Eclipse Public License v1.0: http://www.eclipse.org/org/documents/epl-v10.php

File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jdt\core\compiler\ecj\4.4.2\ecj-4.4.2.jar
MD5: ee97ab38f390547839b950bb51bf5cb5
SHA1: 71d67f5bab9465ec844596ef844f40902ae25392
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	ecj
central	groupid	org.eclipse.jdt.core.compiler
file	name	ecj-4.4.2
jar	package name	compiler
jar	package name	core
jar	package name	eclipse
jar	package name	jdt
Manifest	Bundle-Name	Eclipse Compiler for Java(TM)
Manifest	bundle-symbolicname	org.eclipse.jdt.core.compiler.batch
Manifest	Bundle-Vendor	Eclipse.org
pom	artifactid	ecj
pom	description	Eclipse JDT Core Batch Compiler
pom	groupid	eclipse.jdt.core.compiler
pom	groupid	org.eclipse.jdt.core.compiler
pom	name	Eclipse ECJ

Identifiers

maven: org.eclipse.jdt.core.compiler:ecj:4.4.2 Confidence:HIGHEST

http2-hpack-9.3.0.v20150612.jar

Description: Jetty module for Jetty :: HTTP2 :: HPACK

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php

File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\http2\http2-hpack\9.3.0.v20150612\http2-hpack-9.3.0.v20150612.jar
MD5: 40fb6941c08816746cd9409d590cf45e
SHA1: 2939212572cbbce6d8a1aae184b9cf33af4f0c85
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	http2-hpack
central	groupid	org.eclipse.jetty.http2
central	version	9.3.0.v20150612
file	name	9.3.0.v20150612
file	name	http2-hpack-9.3.0.v20150612
jar	package name	eclipse
jar	package name	hpack
jar	package name	http2
jar	package name	jetty
Manifest	Bundle-Version	9.3.0.v20150612
Manifest	Implementation-Version	9.3.0.v20150612
pom	artifactid	http2-hpack
pom	groupid	eclipse.jetty.http2
pom	groupid	org.eclipse.jetty.http2
pom	version	9.3.0.v20150612

Related Dependencies

http2-client-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\http2\http2-client\9.3.0.v20150612\http2-client-9.3.0.v20150612.jar
- SHA1: 1d2baa9c5263b5c103444bb0f1ad2769a5aad5b2
- MD5: 24ad0fc2ecb0ff1c047bfeed14679c23
- maven: org.eclipse.jetty.http2:http2-client:9.3.0.v20150612
http2-common-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\http2\http2-common\9.3.0.v20150612\http2-common-9.3.0.v20150612.jar
- SHA1: 9bb4ff23ba5980c9810aac0308ce9c83529e904f
- MD5: edd54f5fc72a8242ecac663f215fc7a5
- maven: org.eclipse.jetty.http2:http2-common:9.3.0.v20150612

Identifiers

cpe: cpe:/a:jetty:jetty:9.3.0.v20150612 Confidence:LOW
maven: org.eclipse.jetty.http2:http2-hpack:9.3.0.v20150612 Confidence:HIGHEST

http2-server-9.3.0.v20150612.jar

Description: Jetty module for Jetty :: HTTP2 :: Server

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php

File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\http2\http2-server\9.3.0.v20150612\http2-server-9.3.0.v20150612.jar
MD5: 42001c06371564079809c5d8c854cd8e
SHA1: 1d2cfd3baedcea2e81ad46e0b83c2ee135dd90eb
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	http2-server
central	groupid	org.eclipse.jetty.http2
central	version	9.3.0.v20150612
file	name	9.3.0.v20150612
file	name	http2-server-9.3.0.v20150612
jar	package name	eclipse
jar	package name	http2
jar	package name	jetty
jar	package name	server
Manifest	Bundle-Version	9.3.0.v20150612
Manifest	Implementation-Version	9.3.0.v20150612
pom	artifactid	http2-server
pom	groupid	eclipse.jetty.http2
pom	groupid	org.eclipse.jetty.http2
pom	version	9.3.0.v20150612

Identifiers

cpe: cpe:/a:jetty:jetty:9.3.0.v20150612 Confidence:LOW
cpe: cpe:/a:jetty:jetty_http_server:9.3.0.v20150612 Confidence:LOW
maven: org.eclipse.jetty.http2:http2-server:9.3.0.v20150612 Confidence:HIGHEST

jetty-io-9.3.0.v20150612.jar

Description: Jetty module for Jetty :: IO Utility

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php

File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-io\9.3.0.v20150612\jetty-io-9.3.0.v20150612.jar
MD5: a45f096d55c2a1b4efa108d292af91f2
SHA1: f656fc8a5daaeb180431014b9dc01b205d4ab21e
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	jetty-io
central	groupid	org.eclipse.jetty
central	version	9.3.0.v20150612
file	name	9.3.0.v20150612
file	name	jetty-io-9.3.0.v20150612
jar	package name	eclipse
jar	package name	io
jar	package name	jetty
Manifest	Bundle-Version	9.3.0.v20150612
Manifest	Implementation-Version	9.3.0.v20150612
pom	artifactid	jetty-io
pom	groupid	eclipse.jetty
pom	groupid	org.eclipse.jetty
pom	version	9.3.0.v20150612

Related Dependencies

jetty-all-9.3.0.v20150612-uber.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\aggregate\jetty-all\9.3.0.v20150612\jetty-all-9.3.0.v20150612-uber.jar
- SHA1: 8418d9c0eb43edcf8c185afe7bff9385d8be8b61
- MD5: 5100a48ae522c13ac75059462afaa017
jetty-alpn-client-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-alpn-client\9.3.0.v20150612\jetty-alpn-client-9.3.0.v20150612.jar
- SHA1: 2e682dfac0eb7b01f069d58a6d7a35fb99b2ac6b
- MD5: e535a7eb425d614ed26e928474d9153f
- maven: org.eclipse.jetty:jetty-alpn-client:9.3.0.v20150612
jetty-annotations-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-annotations\9.3.0.v20150612\jetty-annotations-9.3.0.v20150612.jar
- SHA1: 517b464cae710119fc063d5fbde5029b25052067
- MD5: 2208e7ad9930576c711e3a750b80fdaf
- maven: org.eclipse.jetty:jetty-annotations:9.3.0.v20150612
jetty-client-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-client\9.3.0.v20150612\jetty-client-9.3.0.v20150612.jar
- SHA1: c7145e18434eaa5619881669e71f72b6291f2e61
- MD5: e0c05ec4d2a3f62df35e9261b686e23e
- maven: org.eclipse.jetty:jetty-client:9.3.0.v20150612
jetty-continuation-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-continuation\9.3.0.v20150612\jetty-continuation-9.3.0.v20150612.jar
- SHA1: 22d1b3995a6bbbf990754920bf16a124bf0f0d2e
- MD5: 5d7994fcde7daf946633fcfb8c992947
- maven: org.eclipse.jetty:jetty-continuation:9.3.0.v20150612
jetty-deploy-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-deploy\9.3.0.v20150612\jetty-deploy-9.3.0.v20150612.jar
- SHA1: 9581a235b23831c489544830dbcb424fffa897a2
- MD5: e69e5a911965620f0368bc17922b5fb4
- maven: org.eclipse.jetty:jetty-deploy:9.3.0.v20150612
jetty-http-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-http\9.3.0.v20150612\jetty-http-9.3.0.v20150612.jar
- SHA1: 9f25873cc687a61288462559a84f89cda4831316
- MD5: 8d9663223f3284c276360c0d328683ca
- maven: org.eclipse.jetty:jetty-http:9.3.0.v20150612
jetty-jaspi-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-jaspi\9.3.0.v20150612\jetty-jaspi-9.3.0.v20150612.jar
- SHA1: 1f2cb1aa3de467247dd2e64b1461ae18e433e921
- MD5: a0fb75897b117bd87168df3484a412de
- maven: org.eclipse.jetty:jetty-jaspi:9.3.0.v20150612
jetty-jmx-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-jmx\9.3.0.v20150612\jetty-jmx-9.3.0.v20150612.jar
- SHA1: 96b55286cff22ff8ecc5eefe8a95f4059f164d7b
- MD5: 8cc4550a909ef4face15b3beb706766e
- maven: org.eclipse.jetty:jetty-jmx:9.3.0.v20150612
jetty-jndi-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-jndi\9.3.0.v20150612\jetty-jndi-9.3.0.v20150612.jar
- SHA1: 8f87670201c4e477c52519ca281b727527578506
- MD5: 1e616287e2e557180fe6147e0ac71008
- maven: org.eclipse.jetty:jetty-jndi:9.3.0.v20150612
jetty-plus-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-plus\9.3.0.v20150612\jetty-plus-9.3.0.v20150612.jar
- SHA1: 98108bf1e9f241f153686d567473214c44f9453c
- MD5: b1af5e4461b61b948bf518f8000f5df1
- maven: org.eclipse.jetty:jetty-plus:9.3.0.v20150612
jetty-quickstart-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-quickstart\9.3.0.v20150612\jetty-quickstart-9.3.0.v20150612.jar
- SHA1: 26ec4f3c2b21aa8db8d44926991644c347582826
- MD5: 21faa83ba47d4a9f4f71b994db3939c8
- maven: org.eclipse.jetty:jetty-quickstart:9.3.0.v20150612
jetty-rewrite-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-rewrite\9.3.0.v20150612\jetty-rewrite-9.3.0.v20150612.jar
- SHA1: 328c7e9edf31e19e240436414ca125e3e61061f4
- MD5: b867b4e432f09f5848788bf6601196ea
- maven: org.eclipse.jetty:jetty-rewrite:9.3.0.v20150612
jetty-security-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-security\9.3.0.v20150612\jetty-security-9.3.0.v20150612.jar
- SHA1: cd43cad427ac013ad0c20c7a703b26f32a19749a
- MD5: fb246e2d8e8967d2ddb43ac7592f0d8f
- maven: org.eclipse.jetty:jetty-security:9.3.0.v20150612
jetty-server-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-server\9.3.0.v20150612\jetty-server-9.3.0.v20150612.jar
- SHA1: cdad74e5eaefd21d64cb77770733f4dab4706694
- MD5: 1fbffa810003a5cf4f31918f2dd09dbf
- maven: org.eclipse.jetty:jetty-server:9.3.0.v20150612
jetty-servlet-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-servlet\9.3.0.v20150612\jetty-servlet-9.3.0.v20150612.jar
- SHA1: 6e06ad45a0e3ffee927d91f2dcac0dfb2df3935a
- MD5: 4d9f8572e2024d543a2dae97d29063d0
- maven: org.eclipse.jetty:jetty-servlet:9.3.0.v20150612
jetty-servlets-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-servlets\9.3.0.v20150612\jetty-servlets-9.3.0.v20150612.jar
- SHA1: 21ee645d00e34252bfa0ef9bde581a49506e2a44
- MD5: a4808d3ef230b24ae616a86f3cbc69be
- maven: org.eclipse.jetty:jetty-servlets:9.3.0.v20150612
jetty-util-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-util\9.3.0.v20150612\jetty-util-9.3.0.v20150612.jar
- SHA1: 129d64d682340409c695402aad5090a87900d988
- MD5: f4c8c2c931ebbd2f6615c60d93a02bb7
- maven: org.eclipse.jetty:jetty-util:9.3.0.v20150612
jetty-webapp-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-webapp\9.3.0.v20150612\jetty-webapp-9.3.0.v20150612.jar
- SHA1: 70b006980b9572e4a7296ce95a8229105e77b088
- MD5: 8cbc27933e8ea98dad8c00bf5c8abc64
- maven: org.eclipse.jetty:jetty-webapp:9.3.0.v20150612
jetty-xml-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-xml\9.3.0.v20150612\jetty-xml-9.3.0.v20150612.jar
- SHA1: 23b12c3626943344694b0e5aa55bcd607845c316
- MD5: 8ce83782003b08fef85a3c8c3188c9b3
- maven: org.eclipse.jetty:jetty-xml:9.3.0.v20150612

Identifiers

cpe: cpe:/a:jetty:jetty:9.3.0.v20150612 Confidence:LOW
maven: org.eclipse.jetty:jetty-io:9.3.0.v20150612 Confidence:HIGHEST

javax.activation-1.1.0.v201105071233.jar

Description: This artifact originates from the Orbit Project at Eclipse, it is an osgi bundle and is signed as well.

File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\orbit\javax.activation\1.1.0.v201105071233\javax.activation-1.1.0.v201105071233.jar
MD5: 1402e9e48aa8bd79196b9a509be492ea
SHA1: b394a9fbf664ca835452b3ced452710bcf79fd81
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.activation
central	groupid	org.eclipse.jetty.orbit
central	version	1.1.0.v201105071233
file	name	1.1.0.v20110507
file	name	javax.activation-1.1.0.v201105071233
jar	package name	activation
jar	package name	javax
Manifest	Bundle-Vendor	%Bundle-Vendor.0
Manifest	Bundle-Version	1.1.0.v201105071233
pom	artifactid	javax.activation
pom	groupid	eclipse.jetty.orbit
pom	groupid	org.eclipse.jetty.orbit
pom	name	Jetty Orbit :: Activation
pom	parent-version	1.1.0.v201105071233
pom	version	1.1.0.v201105071233

Identifiers

cpe: cpe:/a:jetty:jetty:1.1.0.v20110507 Confidence:LOW
maven: org.eclipse.jetty.orbit:javax.activation:1.1.0.v201105071233 Confidence:HIGHEST

javax.mail.glassfish-1.4.1.v201005082020.jar

Description: This artifact originates from the Orbit Project at Eclipse, it is an osgi bundle and is signed as well.

File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\orbit\javax.mail.glassfish\1.4.1.v201005082020\javax.mail.glassfish-1.4.1.v201005082020.jar
MD5: 4338c1dd7b00b31633ca1067d0685255
SHA1: b707c39fc080529c4a9ffc1df4eac58421133aaf
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.mail.glassfish
central	groupid	org.eclipse.jetty.orbit
central	version	1.4.1.v201005082020
file	name	1.4.1.v20100508
file	name	javax.mail.glassfish-1.4.1.v201005082020
jar	package name	javax
jar	package name	mail
Manifest	Bundle-Vendor	%Bundle-Vendor.0
Manifest	Bundle-Version	1.4.1.v201005082020
pom	artifactid	javax.mail.glassfish
pom	groupid	eclipse.jetty.orbit
pom	groupid	org.eclipse.jetty.orbit
pom	name	Jetty Orbit :: Glassfish Mail
pom	parent-version	1.4.1.v201005082020
pom	version	1.4.1.v201005082020

Identifiers

cpe: cpe:/a:jetty:jetty:1.4.1.v20100508 Confidence:LOW
maven: org.eclipse.jetty.orbit:javax.mail.glassfish:1.4.1.v201005082020 Confidence:HIGHEST

javax.security.auth.message-1.0.0.v201108011116.jar

Description: This artifact originates from the Orbit Project at Eclipse, it is an osgi bundle and is signed as well.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt

File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\orbit\javax.security.auth.message\1.0.0.v201108011116\javax.security.auth.message-1.0.0.v201108011116.jar
MD5: 4d19b63b9722a19e19f5d374b3cec353
SHA1: 864ac89e01622b020fa2104bfda379692146b3b6
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.security.auth.message
central	groupid	org.eclipse.jetty.orbit
central	version	1.0.0.v201108011116
file	name	1.0.0.v20110801
file	name	javax.security.auth.message-1.0.0.v201108011116
jar	package name	auth
jar	package name	javax
jar	package name	message
jar	package name	security
Manifest	Bundle-Vendor	%bundleProvider
Manifest	Bundle-Version	1.0.0.v201108011116
Manifest	Implementation-Title	Java Authentication SPI for Containers
Manifest	Implementation-Version	1.0
pom	artifactid	javax.security.auth.message
pom	groupid	eclipse.jetty.orbit
pom	groupid	org.eclipse.jetty.orbit
pom	name	Jetty Orbit :: JASPI API
pom	parent-version	1.0.0.v201108011116
pom	version	1.0.0.v201108011116

Identifiers

cpe: cpe:/a:jetty:jetty:1.0.0.v20110801 Confidence:LOW
maven: org.eclipse.jetty.orbit:javax.security.auth.message:1.0.0.v201108011116 Confidence:HIGHEST

javax-websocket-client-impl-9.3.0.v20150612.jar

Description: javax.websocket.client Implementation

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php

File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\websocket\javax-websocket-client-impl\9.3.0.v20150612\javax-websocket-client-impl-9.3.0.v20150612.jar
MD5: 9b4ce8cabb8a3a799acfe948c8baf971
SHA1: b693ca672f6c5b2b86c71243d905a3f583e3e8fe
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax-websocket-client-impl
central	groupid	org.eclipse.jetty.websocket
central	version	9.3.0.v20150612
file	name	9.3.0.v20150612
file	name	javax-websocket-client-impl-9.3.0.v20150612
jar	package name	eclipse
jar	package name	jetty
jar	package name	websocket
Manifest	Bundle-Version	9.3.0.v20150612
Manifest	Implementation-Version	9.3.0.v20150612
pom	artifactid	javax-websocket-client-impl
pom	groupid	eclipse.jetty.websocket
pom	groupid	org.eclipse.jetty.websocket
pom	version	9.3.0.v20150612

Related Dependencies

Identifiers

cpe: cpe:/a:jetty:jetty:9.3.0.v20150612 Confidence:LOW
maven: org.eclipse.jetty.websocket:javax-websocket-client-impl:9.3.0.v20150612 Confidence:HIGHEST

websocket-api-9.3.0.v20150612.jar

Description: Jetty module for Jetty :: Websocket :: API

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php

File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\websocket\websocket-api\9.3.0.v20150612\websocket-api-9.3.0.v20150612.jar
MD5: 39600569d3ea428440cda296c01cccaf
SHA1: d3a4607cbf60d1109a073f995d08fb20c389b22d
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	websocket-api
central	groupid	org.eclipse.jetty.websocket
central	version	9.3.0.v20150612
file	name	9.3.0.v20150612
file	name	websocket-api-9.3.0.v20150612
jar	package name	api
jar	package name	eclipse
jar	package name	jetty
jar	package name	websocket
Manifest	Bundle-Version	9.3.0.v20150612
Manifest	Implementation-Version	9.3.0.v20150612
pom	artifactid	websocket-api
pom	groupid	eclipse.jetty.websocket
pom	groupid	org.eclipse.jetty.websocket
pom	version	9.3.0.v20150612

Related Dependencies

websocket-client-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\websocket\websocket-client\9.3.0.v20150612\websocket-client-9.3.0.v20150612.jar
- SHA1: 2d6f70ae6697e1fbf10ed1c7ce2c62e37f89c6a6
- MD5: c2cd60f73670801bb58a4b2c1a8ec5ff
- maven: org.eclipse.jetty.websocket:websocket-client:9.3.0.v20150612
websocket-common-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\websocket\websocket-common\9.3.0.v20150612\websocket-common-9.3.0.v20150612.jar
- SHA1: 68370030017a4d94c88283063afaf11ea447daa0
- MD5: ed8fb409ba36047925e0609874da161b
- maven: org.eclipse.jetty.websocket:websocket-common:9.3.0.v20150612
websocket-server-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\websocket\websocket-server\9.3.0.v20150612\websocket-server-9.3.0.v20150612.jar
- SHA1: 6976c1813ca9e64eb4d719000d6cc78d1a42614a
- MD5: dd4d319aa7018a0dfd3622bc51e3063b
- maven: org.eclipse.jetty.websocket:websocket-server:9.3.0.v20150612
websocket-servlet-9.3.0.v20150612.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\websocket\websocket-servlet\9.3.0.v20150612\websocket-servlet-9.3.0.v20150612.jar
- SHA1: 6116b44c58e33306a94b73f832c486056e71ceca
- MD5: 9323b24a750490bc83e0bc8c838b2893
- maven: org.eclipse.jetty.websocket:websocket-servlet:9.3.0.v20150612

Identifiers

cpe: cpe:/a:jetty:jetty:9.3.0.v20150612 Confidence:LOW
maven: org.eclipse.jetty.websocket:websocket-api:9.3.0.v20150612 Confidence:HIGHEST

javax.el-3.0.1-b08.jar

Description: Expression Language 3.0 API and Implementation

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html

File Path: C:\Users\Jeremy\.m2\repository\org\glassfish\javax.el\3.0.1-b08\javax.el-3.0.1-b08.jar
MD5: 08a27292a55062a60ccd558f780a61e2
SHA1: 8fa39d3901fc6ec8c0fff4ad4e48c26c4911c422
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.el
central	groupid	org.glassfish
file	name	javax.el-3.0.1-b08
jar	package name	el
jar	package name	expression
jar	package name	javax
jar	package name	lang
jar	package name	sun
jar (hint)	package name	oracle
manifest	Bundle-Description	Expression Language 3.0 API and Implementation
Manifest	bundle-docurl	http://glassfish.org
Manifest	Bundle-Name	Expression Language 3.0
Manifest	bundle-symbolicname	com.sun.el.javax.el
Manifest	Bundle-Vendor	GlassFish Community
Manifest	extension-name	javax.el
Manifest	Implementation-Vendor	Oracle Corporation
Manifest	specification-vendor	Oracle Corporation
pom	artifactid	javax.el
pom	groupid	glassfish
pom	groupid	org.glassfish
pom	name	Expression Language 3.0
pom	organization name	http://glassfish.org
pom	parent-artifactid	jvnet-parent
pom	parent-groupid	net.java

Identifiers

maven: org.glassfish:javax.el:3.0.1-b08 Confidence:HIGHEST

javax.servlet.jsp.jstl-1.2.4.jar

Description: Java.net - The Source for Java Technology Collaboration

License:

CDDL + GPLv2 with classpath exception: http://glassfish.dev.java.net/nonav/public/CDDL+GPL.html

File Path: C:\Users\Jeremy\.m2\repository\org\glassfish\web\javax.servlet.jsp.jstl\1.2.4\javax.servlet.jsp.jstl-1.2.4.jar
MD5: 48317e0c4995b8cc81a0d932f3156cf2
SHA1: b2a7ae6962d3164f85196b1b3f4535c83e98dce5
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.servlet.jsp.jstl
central	groupid	org.glassfish.web
central	version	1.2.4
file	name	1.2.4
file	name	javax.servlet.jsp.jstl-1.2.4
jar	package name	tag
manifest	Bundle-Description	Java.net - The Source for Java Technology Collaboration
Manifest	bundle-docurl	http://glassfish.org
Manifest	Bundle-Name	JavaServer Pages (TM) TagLib Implementation
Manifest	bundle-symbolicname	org.glassfish.web.javax.servlet.jsp.jstl
Manifest	Bundle-Vendor	GlassFish Community
Manifest	Bundle-Version	1.2.4
Manifest	extension-name	javax.servlet.jsp.jstl
Manifest	Implementation-Vendor	Oracle Corporation
Manifest	Implementation-Version	1.2.4
Manifest	specification-vendor	Oracle Corporation
Manifest	specification-version	1.2
pom	artifactid	javax.servlet.jsp.jstl
pom	groupid	glassfish.web
pom	groupid	org.glassfish.web
pom	name	JavaServer Pages (TM) TagLib Implementation
pom	organization name	http://glassfish.org
pom	parent-artifactid	jvnet-parent
pom	parent-groupid	net.java
pom	parent-version	1.2.4
pom	version	1.2.4

Identifiers

cpe: cpe:/a:oracle:glassfish:1.2.4 Confidence:LOW
cpe: cpe:/a:oracle:glassfish_server:1.2.4 Confidence:LOW
maven: org.glassfish.web:javax.servlet.jsp.jstl:1.2.4 Confidence:HIGHEST

Published Vulnerabilities

CVE-2015-2808

Severity: Medium
CVSS Score: 4.3
CWE: CWE-310 Cryptographic Issues

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.

AIXAPAR - IV71888
AIXAPAR - IV71892
CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21883640
HP - SSRT102102
MISC - https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf

Vulnerable Software & Versions: (show all)

CVE-2013-2566

Severity: Medium
CVSS Score: 4.3
CWE: CWE-310 Cryptographic Issues

The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.

CONFIRM - http://my.opera.com/securitygroup/blog/2013/03/20/on-the-precariousness-of-rc4
CONFIRM - http://www.mozilla.org/security/announce/2013/mfsa2013-103.html
CONFIRM - http://www.opera.com/docs/changelogs/unified/1215/
CONFIRM - http://www.opera.com/security/advisory/1046
GENTOO - GLSA-201406-19
HP - SSRT102035
MISC - http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html
MISC - http://cr.yp.to/talks/2013.03.12/slides.pdf
MISC - http://www.isg.rhul.ac.uk/tls/
UBUNTU - USN-2031-1
UBUNTU - USN-2032-1

Vulnerable Software & Versions: (show all)

CVE-2011-5035

Severity: Medium
CVSS Score: 5.0
CWE: CWE-20 Improper Input Validation

Oracle Glassfish 2.1.1, 3.0.1, and 3.1.1, as used in Communications Server 2.0, Sun Java System Application Server 8.1 and 8.2, and possibly other products, computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters, aka Oracle security ticket S0104869.

BUGTRAQ - 20111228 n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table
CERT-VN - VU#903934
CONFIRM - http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
CONFIRM - http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
CONFIRM - http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html
DEBIAN - DSA-2420
GENTOO - GLSA-201406-32
HP - HPSBST02955
MANDRIVA - MDVSA-2013:150
MISC - http://www.nruns.com/_downloads/advisory28122011.pdf
MISC - http://www.ocert.org/advisories/ocert-2011-003.html
MISC - https://github.com/FireFart/HashCollision-DOS-POC/blob/master/HashtablePOC.py
REDHAT - RHSA-2013:1455

Vulnerable Software & Versions: (show all)

cpe:/a:oracle:glassfish_server:3.1.1 and all previous versions
...
cpe:/a:oracle:glassfish_server:2.1.1
cpe:/a:oracle:glassfish_server:3.0.1
cpe:/a:oracle:glassfish_server:3.1.1 and all previous versions

javax.servlet.jsp-2.3.3-b02.jar

Description: Java.net - The Source for Java Technology Collaboration

License:

CDDL + GPLv2 with classpath exception: http://glassfish.dev.java.net/nonav/public/CDDL+GPL.html

File Path: C:\Users\Jeremy\.m2\repository\org\glassfish\web\javax.servlet.jsp\2.3.3-b02\javax.servlet.jsp-2.3.3-b02.jar
MD5: 50a0d058ef823766a0955eada9293c46
SHA1: 6c48c79f702c0934b450c206445a2126bb2e4def
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	javax.servlet.jsp
central	groupid	org.glassfish.web
central	version	2.3.3-b02
file	name	2.3.3.b02
file	name	javax.servlet.jsp-2.3.3-b02
jar	package name	glassfish
jar	package name	jsp
jar	package name	servlet
Manifest	Bundle-Vendor	GlassFish Community
Manifest	Bundle-Version	2.3.3.b02
Manifest	Implementation-Vendor	Oracle Corporation
Manifest	Implementation-Version	2.3.3-b02
Manifest	specification-version	2.3
pom	artifactid	javax.servlet.jsp
pom	groupid	glassfish.web
pom	groupid	org.glassfish.web
pom	name	JSP implementation
pom	organization name	http://glassfish.org
pom	parent-version	2.3.3-b02
pom	version	2.3.3-b02

Identifiers

cpe: cpe:/a:oracle:jsp:2.3.3.b02 Confidence:LOW
maven: org.glassfish.web:javax.servlet.jsp:2.3.3-b02 Confidence:HIGHEST

asm-commons-5.0.1.jar

File Path: C:\Users\Jeremy\.m2\repository\org\ow2\asm\asm-commons\5.0.1\asm-commons-5.0.1.jar
MD5: 6b6ec238db815d6041bd1cea62eacc06
SHA1: 7b7147a390a93a14d2edfdcf3f7b0e87a0939c3e
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	asm-commons
central	groupid	org.ow2.asm
file	name	asm-commons-5.0.1
jar	package name	asm
jar	package name	commons
jar	package name	objectweb
Manifest	bundle-docurl	http://asm.objectweb.org
Manifest	Bundle-Name	ASM commons classes
Manifest	bundle-requiredexecutionenvironment	J2SE-1.3
Manifest	bundle-symbolicname	org.objectweb.asm.commons
Manifest	Bundle-Vendor	France Telecom R&D
Manifest	Implementation-Title	ASM commons classes
Manifest	Implementation-Vendor	France Telecom R&D
pom	artifactid	asm-commons
pom	groupid	org.ow2.asm
pom	groupid	ow2.asm
pom	name	ASM Commons
pom	parent-artifactid	asm-parent
pom	parent-groupid	org.ow2.asm

Identifiers

maven: org.ow2.asm:asm-commons:5.0.1 Confidence:HIGHEST

asm-tree-5.0.1.jar

File Path: C:\Users\Jeremy\.m2\repository\org\ow2\asm\asm-tree\5.0.1\asm-tree-5.0.1.jar
MD5: 5924c798a4e14d0192f1a6f33f726c2c
SHA1: 1b1e6e9d869acd704056d0a4223071a511c619e6
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	asm-tree
central	groupid	org.ow2.asm
file	name	asm-tree-5.0.1
jar	package name	asm
jar	package name	objectweb
jar	package name	tree
Manifest	bundle-docurl	http://asm.objectweb.org
Manifest	Bundle-Name	ASM Tree class visitor
Manifest	bundle-requiredexecutionenvironment	J2SE-1.3
Manifest	bundle-symbolicname	org.objectweb.asm.tree
Manifest	Bundle-Vendor	France Telecom R&D
Manifest	Implementation-Title	ASM Tree class visitor
Manifest	Implementation-Vendor	France Telecom R&D
pom	artifactid	asm-tree
pom	groupid	org.ow2.asm
pom	groupid	ow2.asm
pom	name	ASM Tree
pom	parent-artifactid	asm-parent
pom	parent-groupid	org.ow2.asm

Identifiers

maven: org.ow2.asm:asm-tree:5.0.1 Confidence:HIGHEST

asm-5.0.1.jar

File Path: C:\Users\Jeremy\.m2\repository\org\ow2\asm\asm\5.0.1\asm-5.0.1.jar
MD5: d6fa9169eb883ac82effd333eaffd4fc
SHA1: 2fd56467a018aafe6ec6a73ccba520be4a7e1565
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	asm
central	groupid	org.ow2.asm
file	name	asm-5.0.1
jar	package name	asm
jar	package name	objectweb
Manifest	bundle-docurl	http://asm.objectweb.org
Manifest	Bundle-Name	ASM
Manifest	bundle-requiredexecutionenvironment	J2SE-1.3
Manifest	bundle-symbolicname	org.objectweb.asm
Manifest	Bundle-Vendor	France Telecom R&D
Manifest	Implementation-Title	ASM
Manifest	Implementation-Vendor	France Telecom R&D
pom	artifactid	asm
pom	groupid	org.ow2.asm
pom	groupid	ow2.asm
pom	name	ASM Core
pom	parent-artifactid	asm-parent
pom	parent-groupid	org.ow2.asm

Identifiers

maven: org.ow2.asm:asm:5.0.1 Confidence:HIGHEST

jcl-over-slf4j-1.7.12.jar

Description: JCL 1.1.1 implemented over SLF4J

File Path: C:\Users\Jeremy\.m2\repository\org\slf4j\jcl-over-slf4j\1.7.12\jcl-over-slf4j-1.7.12.jar
MD5: 5989c932ad8fff557a90f6f9032e57f9
SHA1: adef7a9e1263298255fdb5cb107ff171d07c82f3
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	jcl-over-slf4j
central	groupid	org.slf4j
file	name	jcl-over-slf4j-1.7.12
jar	package name	impl
manifest	Bundle-Description	JCL 1.1.1 implemented over SLF4J
Manifest	Bundle-Name	jcl-over-slf4j
Manifest	bundle-requiredexecutionenvironment	J2SE-1.5
Manifest	bundle-symbolicname	jcl.over.slf4j
Manifest	Bundle-Vendor	SLF4J.ORG
Manifest	Implementation-Title	jcl-over-slf4j
pom	artifactid	jcl-over-slf4j
pom	description	JCL 1.1.1 implemented over SLF4J
pom	groupid	org.slf4j
pom	groupid	slf4j
pom	name	JCL 1.1.1 implemented over SLF4J
pom	parent-artifactid	slf4j-parent
pom	parent-groupid	org.slf4j

Identifiers

maven: org.slf4j:jcl-over-slf4j:1.7.12 Confidence:HIGHEST

slf4j-api-1.7.12.jar

Description: The slf4j API

File Path: C:\Users\Jeremy\.m2\repository\org\slf4j\slf4j-api\1.7.12\slf4j-api-1.7.12.jar
MD5: 68910bf95dbcf90ce5859128f0f75d1e
SHA1: 8e20852d05222dc286bf1c71d78d0531e177c317
Referenced In Project: waffle-jetty

Evidence

Source	Name	Value
central	artifactid	slf4j-api
central	groupid	org.slf4j
file	name	slf4j-api-1.7.12
jar	package name	slf4j
manifest	Bundle-Description	The slf4j API
Manifest	Bundle-Name	slf4j-api
Manifest	bundle-requiredexecutionenvironment	J2SE-1.5
Manifest	bundle-symbolicname	slf4j.api
Manifest	Bundle-Vendor	SLF4J.ORG
Manifest	Implementation-Title	slf4j-api
pom	artifactid	slf4j-api
pom	description	The slf4j API
pom	groupid	org.slf4j
pom	groupid	slf4j
pom	name	SLF4J API Module
pom	parent-artifactid	slf4j-parent
pom	parent-groupid	org.slf4j

Identifiers

maven: org.slf4j:slf4j-api:1.7.12 Confidence:HIGHEST

Project: waffle-jetty

Dependencies

guava-18.0.jar

Evidence

Identifiers

javax.annotation-api-1.2.jar

Evidence

Related Dependencies

Identifiers

javax.el-api-3.0.1-b04.jar

Evidence

Identifiers

javax.servlet-api-3.1.0.jar

Evidence

Related Dependencies

Identifiers

javax.servlet.jsp-api-2.3.2-b01.jar

Evidence

Identifiers

jstl-api-1.2.jar

Evidence

Identifiers

javax.transaction-api-1.2.jar

Evidence

Identifiers

javax.websocket-api-1.0.jar

Evidence

Related Dependencies

Identifiers

jna-platform-4.1.0.jar

Evidence

Identifiers

jna-4.1.0.jar

Evidence

Identifiers

jna-4.1.0.jar: jnidispatch.dll

Evidence

Identifiers

jna-4.1.0.jar: jnidispatch.dll

Evidence

Identifiers

jna-4.1.0.jar: jnidispatch.dll

Evidence

Identifiers

ecj-4.4.2.jar

Evidence

Identifiers

http2-hpack-9.3.0.v20150612.jar

Evidence

Related Dependencies

Identifiers

http2-server-9.3.0.v20150612.jar

Evidence

Identifiers

jetty-io-9.3.0.v20150612.jar

Evidence

Related Dependencies

Identifiers

javax.activation-1.1.0.v201105071233.jar

Evidence

Identifiers

javax.mail.glassfish-1.4.1.v201005082020.jar

Evidence

Identifiers

javax.security.auth.message-1.0.0.v201108011116.jar

Evidence

Identifiers

javax-websocket-client-impl-9.3.0.v20150612.jar

Evidence

Related Dependencies

Identifiers

websocket-api-9.3.0.v20150612.jar

Evidence

Related Dependencies

Identifiers

javax.el-3.0.1-b08.jar

Evidence

Identifiers

javax.servlet.jsp.jstl-1.2.4.jar

Evidence