Press CTR-C to copy XML [help]


Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: ESAPI

org.owasp.esapi:esapi:2.5.4.0

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
antisamy-1.7.5.jarcpe:2.3:a:antisamy_project:antisamy:1.7.5:*:*:*:*:*:*:*pkg:maven/org.owasp.antisamy/antisamy@1.7.5 0Highest46
batik-css-1.17.jarcpe:2.3:a:apache:batik:1.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:xml_graphics_batik:1.17:*:*:*:*:*:*:*		pkg:maven/org.apache.xmlgraphics/batik-css@1.17 0Highest27
batik-i18n-1.17.jarcpe:2.3:a:apache:xml_graphics_batik:1.17:*:*:*:*:*:*:*pkg:maven/org.apache.xmlgraphics/batik-i18n@1.17 0Highest24
bsh-2.0b6.jarcpe:2.3:a:beanshell:beanshell:2.0:b6:*:*:*:*:*:*pkg:maven/org.apache-extras.beanshell/bsh@2.0b6 0Highest55
commons-beanutils-1.9.4.jarcpe:2.3:a:apache:commons_beanutils:1.9.4:*:*:*:*:*:*:*pkg:maven/commons-beanutils/commons-beanutils@1.9.4 0Highest168
commons-collections-3.2.2.jarcpe:2.3:a:apache:commons_collections:3.2.2:*:*:*:*:*:*:*pkg:maven/commons-collections/commons-collections@3.2.2 0Highest84
commons-collections4-4.5.0-M1.jarcpe:2.3:a:apache:commons_collections:4.5.0:m1:*:*:*:*:*:*pkg:maven/org.apache.commons/commons-collections4@4.5.0-M1 0Highest111
commons-configuration-1.10.jarcpe:2.3:a:apache:commons_configuration:1.10:*:*:*:*:*:*:*pkg:maven/commons-configuration/commons-configuration@1.10MEDIUM2Highest121
commons-fileupload-1.5.jarcpe:2.3:a:apache:commons_fileupload:1.5:*:*:*:*:*:*:*pkg:maven/commons-fileupload/commons-fileupload@1.5 0Highest115
commons-io-2.15.1.jarcpe:2.3:a:apache:commons_io:2.15.1:*:*:*:*:*:*:*pkg:maven/commons-io/commons-io@2.15.1 0Highest125
commons-lang-2.6.jarpkg:maven/commons-lang/commons-lang@2.6 0122
commons-logging-1.2.jarpkg:maven/commons-logging/commons-logging@1.2 0117
httpclient5-5.3.1.jarcpe:2.3:a:apache:httpclient:5.3.1:*:*:*:*:*:*:*pkg:maven/org.apache.httpcomponents.client5/httpclient5@5.3.1 0Highest30
httpcore5-5.2.4.jarpkg:maven/org.apache.httpcomponents.core5/httpcore5@5.2.4 030
httpcore5-h2-5.2.4.jarpkg:maven/org.apache.httpcomponents.core5/httpcore5-h2@5.2.4 030
javax.servlet-api-3.1.0.jarcpe:2.3:a:oracle:java_se:3.1.0:*:*:*:*:*:*:*pkg:maven/javax.servlet/javax.servlet-api@3.1.0 0Medium49
javax.servlet.jsp-api-2.3.3.jarcpe:2.3:a:oracle:java_se:2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jsp:2.3.3:*:*:*:*:*:*:*		pkg:maven/javax.servlet.jsp/javax.servlet.jsp-api@2.3.3 0High46
jsr305-3.0.2.jarpkg:maven/com.google.code.findbugs/jsr305@3.0.2 017
neko-htmlunit-3.11.1.jarcpe:2.3:a:htmlunit:htmlunit:3.11.1:*:*:*:*:*:*:*pkg:maven/org.htmlunit/neko-htmlunit@3.11.1 0Highest50
slf4j-api-2.0.13.jarpkg:maven/org.slf4j/slf4j-api@2.0.13 029
spotbugs-annotations-4.8.5.jarpkg:maven/com.github.spotbugs/spotbugs-annotations@4.8.5 053
xercesImpl-2.12.2.jarpkg:maven/xerces/xercesImpl@2.12.2 084
xml-apis-1.4.01.jarpkg:maven/xml-apis/xml-apis@1.4.01 087
xml-apis-ext-1.3.04.jarpkg:maven/xml-apis/xml-apis-ext@1.3.04 035
xmlgraphics-commons-2.9.jarcpe:2.3:a:apache:xmlgraphics_commons:2.9:*:*:*:*:*:*:*pkg:maven/org.apache.xmlgraphics/xmlgraphics-commons@2.9 0Highest29
xom-1.3.9.jarpkg:maven/xom/xom@1.3.9 058

Dependencies (vulnerable)

antisamy-1.7.5.jar

Description:

A library for performing fast, configurable cleansing of HTML coming from untrusted sources.

License:

BSD 3: https://opensource.org/licenses/BSD-3-Clause
File Path: /home/wallk/.m2/repository/org/owasp/antisamy/antisamy/1.7.5/antisamy-1.7.5.jar
MD5: 3b1ba1e6b1cef2083aac38a989df5e76
SHA1: 5fc1f19ca28f11e1e561e02d5f6e1a3709cd3e08
SHA256:6f61693537e626c6f4baa02dcccd300977f190e7eab82ce7cc3ec639667e3b6b
Referenced In Project/Scope: ESAPI:compile
antisamy-1.7.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

batik-css-1.17.jar

Description:

Batik CSS engine

File Path: /home/wallk/.m2/repository/org/apache/xmlgraphics/batik-css/1.17/batik-css-1.17.jar
MD5: b1b046ef30c8b779093a5f53ccea593e
SHA1: d5ff4e0463af8a0ea5ab8d782c5418bab2f45c4d
SHA256:dcf9a902bd0c4b1a84ac0561d7b66052bc93381c4923a5bc5602290c1c82b779
Referenced In Project/Scope: ESAPI:compile
batik-css-1.17.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.antisamy/antisamy@1.7.5

Identifiers

batik-i18n-1.17.jar

Description:

Batik i18n library

File Path: /home/wallk/.m2/repository/org/apache/xmlgraphics/batik-i18n/1.17/batik-i18n-1.17.jar
MD5: 10ba9936f23cfab12698ae80618660a9
SHA1: 39b233a71430ffa9d0282d47789a58fa8bf4f861
SHA256:d5a64680363e7b36b3f28c34a3a536d76e847f77cec0740aab7c799a67b52d8b
Referenced In Project/Scope: ESAPI:compile
batik-i18n-1.17.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.antisamy/antisamy@1.7.5

Identifiers

bsh-2.0b6.jar

Description:

BeanShell is a small, free, embeddable Java source interpreter
    with object scripting language features, written in Java. BeanShell
    dynamically executes standard Java syntax and extends it with common
    scripting conveniences such as loose types, commands, and method closures
    like those in Perl and JavaScript.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/org/apache-extras/beanshell/bsh/2.0b6/bsh-2.0b6.jar
MD5: 0f27117d5b4cfeea1d0634125313fac0
SHA1: fb418f9b33a0b951e9a2978b4b6ee93b2707e72f
SHA256:a17955976070c0573235ee662f2794a78082758b61accffce8d3f8aedcd91047
Referenced In Project/Scope: ESAPI:compile
bsh-2.0b6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

commons-beanutils-1.9.4.jar

Description:

Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/commons-beanutils/commons-beanutils/1.9.4/commons-beanutils-1.9.4.jar
MD5: 07dc532ee316fe1f2f0323e9bd2f8df4
SHA1: d52b9abcd97f38c81342bb7e7ae1eee9b73cba51
SHA256:7d938c81789028045c08c065e94be75fc280527620d5bd62b519d5838532368a
Referenced In Project/Scope: ESAPI:compile
commons-beanutils-1.9.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

commons-collections-3.2.2.jar

Description:

Types that extend and augment the Java Collections Framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256:eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Referenced In Project/Scope: ESAPI:compile
commons-collections-3.2.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/commons-beanutils/commons-beanutils@1.9.4

Identifiers

commons-collections4-4.5.0-M1.jar

Description:

The Apache Commons Collections package contains types that extend and augment the Java Collections Framework.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/org/apache/commons/commons-collections4/4.5.0-M1/commons-collections4-4.5.0-M1.jar
MD5: 3b5cbd52f7cddc643ccb97e75804bf24
SHA1: d849d893f3aaf9f3a9d3d1db0471a3aa7ebcc0f0
SHA256:7a9ca6846168243268f2fed5786550c349511e92b8a6957d577210b0d1b8d303
Referenced In Project/Scope: ESAPI:compile
commons-collections4-4.5.0-M1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

commons-configuration-1.10.jar

Description:

Tools to assist in the reading of configuration/preferences files in various formats.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/commons-configuration/commons-configuration/1.10/commons-configuration-1.10.jar
MD5: b16511ce540fefd53981245f5f21c5f8
SHA1: 2b36e4adfb66d966c5aef2d73deb6be716389dc9
SHA256:95d4e6711e88ce78992c82c25bc03c8df9ecf5a357f0de0bec72a26db3399374
Referenced In Project/Scope: ESAPI:compile
commons-configuration-1.10.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

CVE-2024-29131 (OSSINDEX)  

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1.

Users are recommended to upgrade to version 2.10.1, which fixes the issue.



Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2024-29131 for details
CWE-787 Out-of-bounds Write

CVSSv3:
  • Base Score: MEDIUM (6.5)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:commons-configuration:commons-configuration:1.10:*:*:*:*:*:*:*

CVE-2024-29133 (OSSINDEX)  

Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1.

Users are recommended to upgrade to version 2.10.1, which fixes the issue.



Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2024-29133 for details
CWE-787 Out-of-bounds Write

CVSSv3:
  • Base Score: MEDIUM (4.400000095367432)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

References:

Vulnerable Software & Versions (OSSINDEX):

  • cpe:2.3:a:commons-configuration:commons-configuration:1.10:*:*:*:*:*:*:*

commons-fileupload-1.5.jar

Description:

    The Apache Commons FileUpload component provides a simple yet flexible means of adding support for multipart
    file upload functionality to servlets and web applications.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/commons-fileupload/commons-fileupload/1.5/commons-fileupload-1.5.jar
MD5: e57ac8a1a6412886a133a2fa08b89735
SHA1: ad4ad2ab2961b4e1891472bd1a33fabefb0385f3
SHA256:51f7b3dcb4e50c7662994da2f47231519ff99707a5c7fb7b05f4c4d3a1728c14
Referenced In Project/Scope: ESAPI:compile
commons-fileupload-1.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

commons-io-2.15.1.jar

Description:

The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/commons-io/commons-io/2.15.1/commons-io-2.15.1.jar
MD5: 84351f7991a0e6722f00e96a4ccc376f
SHA1: f11560da189ab563a5c8e351941415430e9304ea
SHA256:a58af12ee1b68cfd2ebb0c27caef164f084381a00ec81a48cc275fd7ea54e154
Referenced In Project/Scope: ESAPI:compile
commons-io-2.15.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

commons-lang-2.6.jar

Description:

        Commons Lang, a package of Java utility classes for the
        classes that are in java.lang's hierarchy, or are considered to be so
        standard as to justify existence in java.lang.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/commons-lang/commons-lang/2.6/commons-lang-2.6.jar
MD5: 4d5c1693079575b362edf41500630bbd
SHA1: 0ce1edb914c94ebc388f086c6827e8bdeec71ac2
SHA256:50f11b09f877c294d56f24463f47d28f929cf5044f648661c0f0cfbae9a2f49c
Referenced In Project/Scope: ESAPI:compile
commons-lang-2.6.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

commons-logging-1.2.jar

Description:

Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/commons-logging/commons-logging/1.2/commons-logging-1.2.jar
MD5: 040b4b4d8eac886f6b4a2a3bd2f31b00
SHA1: 4bfc12adfe4842bf07b657f0369c4cb522955686
SHA256:daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636
Referenced In Project/Scope: ESAPI:compile
commons-logging-1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/commons-beanutils/commons-beanutils@1.9.4

Identifiers

httpclient5-5.3.1.jar

Description:

Apache HttpComponents Client

File Path: /home/wallk/.m2/repository/org/apache/httpcomponents/client5/httpclient5/5.3.1/httpclient5-5.3.1.jar
MD5: de1810a606b27192cbf5bbad9c25a648
SHA1: 56b53c8f4bcdaada801d311cf2ff8a24d6d96883
SHA256:08346a757c617f6ecc66af9f099260adde1f3a1351fa81cb22fc17482b31f823
Referenced In Project/Scope: ESAPI:compile
httpclient5-5.3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.antisamy/antisamy@1.7.5

Identifiers

httpcore5-5.2.4.jar

Description:

Apache HttpComponents HTTP/1.1 core components

File Path: /home/wallk/.m2/repository/org/apache/httpcomponents/core5/httpcore5/5.2.4/httpcore5-5.2.4.jar
MD5: 5a3d417ea4e65e0f74194263dc5c6c43
SHA1: 34d8332b975f9e9a8298efe4c883ec43d45b7059
SHA256:a7f62496113f66f9e27c26b84c44f5ce4555c6270083cdf2d45f255336cd52af
Referenced In Project/Scope: ESAPI:compile
httpcore5-5.2.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.antisamy/antisamy@1.7.5

Identifiers

httpcore5-h2-5.2.4.jar

Description:

Apache HttpComponents HTTP/2 Core Components

File Path: /home/wallk/.m2/repository/org/apache/httpcomponents/core5/httpcore5-h2/5.2.4/httpcore5-h2-5.2.4.jar
MD5: d407b8144029db656ac5ba3d54ef801f
SHA1: 2872764df7b4857549e2880dd32a6f9009166289
SHA256:dc1a95e73eb04db93451533d390ce02c53b301a10dc343d08c862f2934b3d30e
Referenced In Project/Scope: ESAPI:compile
httpcore5-h2-5.2.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.antisamy/antisamy@1.7.5

Identifiers

javax.servlet-api-3.1.0.jar

Description:

Java(TM) Servlet 3.1 API Design Specification

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html
File Path: /home/wallk/.m2/repository/javax/servlet/javax.servlet-api/3.1.0/javax.servlet-api-3.1.0.jar
MD5: 79de69e9f5ed8c7fcb8342585732bbf7
SHA1: 3cd63d075497751784b2fa84be59432f4905bf7c
SHA256:af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482
Referenced In Project/Scope: ESAPI:provided
javax.servlet-api-3.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

javax.servlet.jsp-api-2.3.3.jar

Description:

Java.net - The Source for Java Technology Collaboration

License:

CDDL + GPLv2 with classpath exception: ://oss.oracle.com/licenses/CDDL+GPL-1.1
File Path: /home/wallk/.m2/repository/javax/servlet/jsp/javax.servlet.jsp-api/2.3.3/javax.servlet.jsp-api-2.3.3.jar
MD5: f6676a5961328c41c5e722da5e48d047
SHA1: 81191ab80e342912dc9cea735c30ff4eddc64de3
SHA256:409a534d275ef0958a2c1692472da30e3706bfe6933d56c039376f53f13689b7
Referenced In Project/Scope: ESAPI:provided
javax.servlet.jsp-api-2.3.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

jsr305-3.0.2.jar

Description:

JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: ESAPI:compile
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.8.5

Identifiers

neko-htmlunit-3.11.1.jar

Description:

        NekoHtml is the Html parser used by HtmlUnit.

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/org/htmlunit/neko-htmlunit/3.11.1/neko-htmlunit-3.11.1.jar
MD5: 0522bf9642978992accc112311f56d1c
SHA1: 5950a41eb9ea0a176755f75a5031bb0b9aa42ae9
SHA256:980fada2d8e4abc92c806355792163df46019a8e23c2ac776ba5cfd6eaa5752d
Referenced In Project/Scope: ESAPI:compile
neko-htmlunit-3.11.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.antisamy/antisamy@1.7.5

Identifiers

slf4j-api-2.0.13.jar

Description:

The slf4j API

License:

http://www.opensource.org/licenses/mit-license.php
File Path: /home/wallk/.m2/repository/org/slf4j/slf4j-api/2.0.13/slf4j-api-2.0.13.jar
MD5: 7f4028aa04f75427327f3f30cd62ba4e
SHA1: 80229737f704b121a318bba5d5deacbcf395bc77
SHA256:e7c2a48e8515ba1f49fa637d57b4e2f590b3f5bd97407ac699c3aa5efb1204a9
Referenced In Project/Scope: ESAPI:compile
slf4j-api-2.0.13.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

spotbugs-annotations-4.8.5.jar

Description:

Annotations the SpotBugs tool supports

License:

GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: /home/wallk/.m2/repository/com/github/spotbugs/spotbugs-annotations/4.8.5/spotbugs-annotations-4.8.5.jar
MD5: e952af1f90eadb3502cff551518fcbc9
SHA1: 17ab39acf7cf6f7a330ee3be08a4bb2740082b4c
SHA256:6e63acb693f156e4fb79151b88f9eebe731b4da65fe12843503613e0d6e6f68d
Referenced In Project/Scope: ESAPI:compile
spotbugs-annotations-4.8.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

xercesImpl-2.12.2.jar

Description:

      Xerces2 provides high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces continues to build upon the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.

      The Apache Xerces2 parser is the reference implementation of XNI but other parser components, configurations, and parsers can be written using the Xerces Native Interface. For complete design and implementation documents, refer to the XNI Manual.

      Xerces2 provides fully conforming XML Schema 1.0 and 1.1 processors. An experimental implementation of the "XML Schema Definition Language (XSD): Component Designators (SCD) Candidate Recommendation (January 2010)" is also provided for evaluation. For more information, refer to the XML Schema page.

      Xerces2 also provides a complete implementation of the Document Object Model Level 3 Core and Load/Save W3C Recommendations and provides a complete implementation of the XML Inclusions (XInclude) W3C Recommendation. It also provides support for OASIS XML Catalogs v1.1.

      Xerces2 is able to parse documents written according to the XML 1.1 Recommendation, except that it does not yet provide an option to enable normalization checking as described in section 2.13 of this specification. It also handles namespaces according to the XML Namespaces 1.1 Recommendation, and will correctly serialize XML 1.1 documents if the DOM level 3 load/save APIs are in use.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/xerces/xercesImpl/2.12.2/xercesImpl-2.12.2.jar
MD5: 40e4f2d5aacfbf51a9a1572d77a0e5e9
SHA1: f051f988aa2c9b4d25d05f95742ab0cc3ed789e2
SHA256:6fc991829af1708d15aea50c66f0beadcd2cfeb6968e0b2f55c1b0909883fe16
Referenced In Project/Scope: ESAPI:compile
xercesImpl-2.12.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.antisamy/antisamy@1.7.5

Identifiers

xml-apis-1.4.01.jar

Description:

xml-commons provides an Apache-hosted set of DOM, SAX, and 
    JAXP interfaces for use in other xml-based projects. Our hope is that we 
    can standardize on both a common version and packaging scheme for these 
    critical XML standards interfaces to make the lives of both our developers 
    and users easier. The External Components portion of xml-commons contains 
    interfaces that are defined by external standards organizations. For DOM, 
    that's the W3C; for SAX it's David Megginson and sax.sourceforge.net; for 
    JAXP it's Sun.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
The SAX License: http://www.saxproject.org/copying.html
The W3C License: http://www.w3.org/TR/2004/REC-DOM-Level-3-Core-20040407/java-binding.zip
File Path: /home/wallk/.m2/repository/xml-apis/xml-apis/1.4.01/xml-apis-1.4.01.jar
MD5: 7eaad6fea5925cca6c36ee8b3e02ac9d
SHA1: 3789d9fada2d3d458c4ba2de349d48780f381ee3
SHA256:a840968176645684bb01aed376e067ab39614885f9eee44abe35a5f20ebe7fad
Referenced In Project/Scope: ESAPI:compile
xml-apis-1.4.01.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers

xml-apis-ext-1.3.04.jar

Description:

xml-commons provides an Apache-hosted set of DOM, SAX, and 
    JAXP interfaces for use in other xml-based projects. Our hope is that we 
    can standardize on both a common version and packaging scheme for these 
    critical XML standards interfaces to make the lives of both our developers 
    and users easier. The External Components portion of xml-commons contains 
    interfaces that are defined by external standards organizations. For DOM, 
    that's the W3C; for SAX it's David Megginson and sax.sourceforge.net; for 
    JAXP it's Sun.

File Path: /home/wallk/.m2/repository/xml-apis/xml-apis-ext/1.3.04/xml-apis-ext-1.3.04.jar
MD5: bcb07d3b8d2397db7a3013b6465d347b
SHA1: 41a8b86b358e87f3f13cf46069721719105aff66
SHA256:d0b4887dc34d57de49074a58affad439a013d0baffa1a8034f8ef2a5ea191646
Referenced In Project/Scope: ESAPI:compile
xml-apis-ext-1.3.04.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.antisamy/antisamy@1.7.5

Identifiers

xmlgraphics-commons-2.9.jar

Description:

    Apache XML Graphics Commons is a library that consists of several reusable 
    components used by Apache Batik and Apache FOP. Many of these components 
    can easily be used separately outside the domains of SVG and XSL-FO.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/wallk/.m2/repository/org/apache/xmlgraphics/xmlgraphics-commons/2.9/xmlgraphics-commons-2.9.jar
MD5: f398edbe3eb048508d88158378b55c48
SHA1: de2d1bd8d40474bbe876bb269410c750489f08e5
SHA256:2ebd333ab2a624514793c336e3af086608673286fe37ba1e639e0ac3e1b58be2
Referenced In Project/Scope: ESAPI:compile
xmlgraphics-commons-2.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.antisamy/antisamy@1.7.5

Identifiers

xom-1.3.9.jar

Description:

The XOM Dual Streaming/Tree API for Processing XML

License:

The GNU Lesser General Public License, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
File Path: /home/wallk/.m2/repository/xom/xom/1.3.9/xom-1.3.9.jar
MD5: 8a3b209bd01eb7a0f10058ff9b35cbd8
SHA1: c1012b95027799beabd123a3f651aea19d13edc5
SHA256:2b45f6d5b882ec3c13de86cf23512d01377c1943e8f8ad767298f67e03e561c5
Referenced In Project/Scope: ESAPI:compile
xom-1.3.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.owasp.esapi/esapi@2.5.4.0

Identifiers



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.