Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Severity:
Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
Severity:
Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
Severity:
Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
Severity:
Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
Severity:
Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)
XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apache Batik 1.x before 1.8 allows remote attackers to read arbitrary files or cause a denial of service via a crafted SVG file.
Description:
Cewolf is a tag library for JfreeChart.
JFreeChart is a class library, written in Java, for generating charts.
Utilising the Java2D APIs, it currently supports bar charts, pie charts,
line charts, XY-plots and time series plots.
License:
GNU Lesser General Public License version 2.1 (LGPLv2.1): http://www.gnu.org/licenses/lgpl-2.1.txt
File Path: C:\Users\Dad\.m2\repository\cewolf\cewolf\1.2.4-java7\cewolf-1.2.4-java7.jar MD5: 52336ab381cc46d082b893873707e011 SHA1: ceec652622da825768aa19f960021548fa6d0768
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
cewolf
central
groupid
cewolf
central
version
1.2.4-java7
file
name
cewolf
file
version
1.2.4
jar
package name
cewolf
jar
package name
de
jar
package name
laures
pom
artifactid
cewolf
pom
description
Cewolf is a tag library for JfreeChart. JFreeChart is a class library, written in Java, for generating charts. Utilising the Java2D APIs, it currently supports bar charts, pie charts, line charts, XY-plots and time series plots.
Description:
The Apache Commons Codec package contains simple encoder and decoders for
various formats such as Base64 and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
File Path: C:\Users\Dad\.m2\repository\commons-codec\commons-codec\1.10\commons-codec-1.10.jar MD5: 353cf6a2bdba09595ccfa073b78c7fcb SHA1: 4b95f4897fa13f2cd904aee711aeafc0c5295cd8
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
commons-codec
central
groupid
commons-codec
central
version
1.10
file
name
commons-codec
file
version
1.10
manifest
Bundle-Description
The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.
The Apache Commons Codec package contains simple encoder and decoders for various formats such as Base64 and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.
Description:
Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
File Path: C:\Users\Dad\.m2\repository\commons-lang\commons-lang\2.6\commons-lang-2.6.jar MD5: 4d5c1693079575b362edf41500630bbd SHA1: 0ce1edb914c94ebc388f086c6827e8bdeec71ac2
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
commons-lang
central
groupid
commons-lang
central
version
2.6
file
name
commons-lang
file
version
2.6
manifest
Bundle-Description
Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.
Manifest
bundle-docurl
http://commons.apache.org/lang/
Manifest
Bundle-Name
Commons Lang
Manifest
bundle-symbolicname
org.apache.commons.lang
Manifest
Implementation-Title
Commons Lang
Manifest
Implementation-Vendor
The Apache Software Foundation
Manifest
Implementation-Vendor-Id
org.apache
Manifest
Implementation-Version
2.6
Manifest
specification-title
Commons Lang
Manifest
specification-vendor
The Apache Software Foundation
pom
artifactid
commons-lang
pom
description
Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.
Description:
Apache Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Dad\.m2\repository\org\apache\commons\commons-lang3\3.5\commons-lang3-3.5.jar MD5: 780b5a8b72eebe6d0dbff1c11b5658fa SHA1: 6c6c702c89bfff3cd9e80b04d668c5e190d588c6
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
commons-lang3
central
groupid
org.apache.commons
central
version
3.5
file
name
commons-lang3
file
version
3.5
manifest
Bundle-Description
Apache Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.
Apache Commons Lang, a package of Java utility classes for the classes that are in java.lang's hierarchy, or are considered to be so standard as to justify existence in java.lang.
Severity:
Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
CWE: CWE-264 Permissions, Privileges, and Access Controls
The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a "wrapping attack."
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-287 Improper Authentication
Apache WSS4J before 1.6.17 and 2.x before 2.0.2, as used in Apache CXF 2.7.x before 2.7.13 and 3.0.x before 3.0.2, when using TransportBinding, does not properly enforce the SAML SubjectConfirmation method security semantics, which allows remote attackers to conduct spoofing attacks via unspecified vectors.
The wsdl_first_https sample code in distribution/src/main/release/samples/wsdl_first_https/src/main/ in Apache CXF, possibly 2.6.0, does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
Apache Geronimo 2.2.1 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters. NOTE: this might overlap CVE-2011-4461.
Severity:
Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')
The init script for Apache Geronimo on SUSE Linux follows symlinks when performing a chown operation, which might allow local users to obtain access to unspecified files or directories.
http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.
Severity:
Medium
CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the "foo,CN=www.apache.org" string in the O field.
Description: jUDDI (pronounced "Judy") is an open source Java implementation of the Universal Description, Discovery, and Integration (UDDI) specification for Web Services.
File Path: C:\Users\Dad\.m2\repository\org\apache\juddi\juddi-client\3.3.3\juddi-client-3.3.3.jar MD5: 97c5bdf27e8b2b177d0621f8476942fd SHA1: 02956c0e30405af75c9866ccf1dba30697d19781
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
juddi-client
central
groupid
org.apache.juddi
central
version
3.3.3
file
name
juddi-client
file
version
3.3.3
manifest
Bundle-Description
jUDDI (pronounced "Judy") is an open source Java implementation of the Universal Description, Discovery, and Integration (UDDI) specification for Web Services.
Description: jUDDI (pronounced "Judy") is an open source Java implementation of the Universal Description, Discovery, and Integration (UDDI) specification for Web Services.
File Path: C:\Users\Dad\.m2\repository\org\apache\juddi\uddi-ws\3.3.3\uddi-ws-3.3.3.jar MD5: bb20c0b7902db12bc44154a7883ba79a SHA1: ba7abcb195c7fe6048e734925fd29622b1959447
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
uddi-ws
central
groupid
org.apache.juddi
central
version
3.3.3
file
name
uddi-ws
file
version
3.3.3
manifest
Bundle-Description
jUDDI (pronounced "Judy") is an open source Java implementation of the Universal Description, Discovery, and Integration (UDDI) specification for Web Services.
Manifest
bundle-docurl
http://www.apache.org/
Manifest
Bundle-Name
UDDIv2 and v3 WS Stubs and Schema Bindings Generated from WSDL
Manifest
bundle-symbolicname
org.apache.juddi.uddi-ws
pom
artifactid
uddi-ws
pom
groupid
apache.juddi
pom
groupid
org.apache.juddi
pom
name
UDDIv2 and v3 WS Stubs and Schema Bindings Generated from WSDL
Description: Apache Neethi provides general framework for the programmers to use WS Policy. It is compliant with latest WS Policy specification which was published in March 2006. This framework is specifically written to enable the Apache Web services stack to use WS Policy as a way of expressing it's requirements and capabilities.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Dad\.m2\repository\org\apache\neethi\neethi\3.0.3\neethi-3.0.3.jar MD5: 8a81813a03e2899ccd31f0e92f6cc691 SHA1: ee37a38bbf9f355ee88ba554a85c9220b75ba500
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
neethi
central
groupid
org.apache.neethi
central
version
3.0.3
file
name
neethi
file
version
3.0.3
manifest
Bundle-Description
Apache Neethi provides general framework for the programmers to use WS Policy. It is compliant with latest WS Policy specification which was published in March 2006. This framework is specifically written to enable the Apache Web services stack to use WS Policy as a way of expressing it's requirements and capabilities.
Manifest
bundle-docurl
http://www.apache.org/
Manifest
Bundle-Name
Apache Neethi
Manifest
bundle-symbolicname
org.apache.neethi
Manifest
Implementation-Title
Apache Neethi
Manifest
Implementation-Vendor
The Apache Software Foundation
Manifest
Implementation-Vendor-Id
org.apache
Manifest
Implementation-Version
3.0.3
Manifest
specification-title
Apache Neethi
Manifest
specification-vendor
The Apache Software Foundation
pom
artifactid
neethi
pom
description
Apache Neethi provides general framework for the programmers to use WS Policy. It is compliant with latest WS Policy specification which was published in March 2006. This framework is specifically written to enable the Apache Web services stack to use WS Policy as a way of expressing it's requirements and capabilities.
Description: tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.
License:
The BSD License: http://www.opensource.org/licenses/bsd-license.php
File Path: C:\Users\Dad\.m2\repository\org\codehaus\woodstox\stax2-api\3.1.4\stax2-api-3.1.4.jar MD5: c08e89de601b0a78f941b2c29db565c3 SHA1: ac19014b1e6a7c08aad07fe114af792676b685b7
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
stax2-api
central
groupid
org.codehaus.woodstox
central
version
3.1.4
file
name
stax2-api
file
version
3.1.4
manifest
Bundle-Description
tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.
Manifest
bundle-docurl
http://fasterxml.com
Manifest
Bundle-Name
Stax2 API
Manifest
bundle-symbolicname
stax2-api
pom
artifactid
stax2-api
pom
description
tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.
Description:
JCommon is a free general purpose Java class library that is used in
several projects at www.jfree.org, including JFreeChart and
JFreeReport.
License:
GNU Lesser General Public Licence: http://www.gnu.org/licenses/lgpl.txt
File Path: C:\Users\Dad\.m2\repository\org\jfree\jcommon\1.0.23\jcommon-1.0.23.jar MD5: 1b059adc60fef2da40b7130f9a67f977 SHA1: a316f336ca996e0c6bec4e4fbd49be8f5e1c3968
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
jcommon
central
groupid
org.jfree
central
version
1.0.23
file
name
jcommon
file
version
1.0.23
jar
package name
jfree
jar
package name
ui
pom
artifactid
jcommon
pom
description
JCommon is a free general purpose Java class library that is used in several projects at www.jfree.org, including JFreeChart and JFreeReport.
Description:
JFreeChart is a class library, written in Java, for generating charts.
Utilising the Java2D APIs, it currently supports bar charts, pie charts,
line charts, XY-plots and time series plots.
License:
GNU Lesser General Public Licence: http://www.gnu.org/licenses/lgpl.txt
File Path: C:\Users\Dad\.m2\repository\org\jfree\jfreechart\1.0.19\jfreechart-1.0.19.jar MD5: 4ff3762bd04a7239cfb98de542134bec SHA1: ba9ee7dbb2e4c57a6901c79f614ed2dea9cc0e20
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
jfreechart
central
groupid
org.jfree
central
version
1.0.19
file
name
jfreechart
file
version
1.0.19
jar
package name
chart
jar
package name
jfree
pom
artifactid
jfreechart
pom
description
JFreeChart is a class library, written in Java, for generating charts. Utilising the Java2D APIs, it currently supports bar charts, pie charts, line charts, XY-plots and time series plots.
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks.
Severity:
Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
Pivotal Spring Framework before 3.2.14 and 4.x before 4.1.7 do not properly process inline DTD declarations when DTD is not entirely disabled, which allows remote attackers to cause a denial of service (memory consumption and out-of-memory errors) via a crafted XML file.
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling.
Severity:
Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in Pivotal Spring Framework 3.x before 3.2.9 and 4.0 before 4.0.5 allows remote attackers to read arbitrary files via a crafted URL.
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls
The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.
Description:
Xalan-Java is an XSLT processor for transforming XML documents into HTML,
text, or other XML document types. It implements XSL Transformations (XSLT)
Version 1.0 and XML Path Language (XPath) Version 1.0 and can be used from
the command line, in an applet or a servlet, or as a module in other program.
File Path: C:\Users\Dad\.m2\repository\xalan\xalan\2.7.1\xalan-2.7.1.jar MD5: d43aad24f2c143b675292ccfef487f9c SHA1: 75f1d83ce27bab5f29fff034fc74aa9f7266f22a
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
xalan
central
groupid
xalan
central
version
2.7.1
file
name
xalan
file
version
2.7.1
manifest: java_cup/runtime/
Implementation-Title
runtime
manifest: java_cup/runtime/
Implementation-Vendor
Princeton University
manifest: java_cup/runtime/
Specification-Title
Runtime component of JCup
manifest: org/apache/bcel/
Implementation-Title
org.apache.bcel
manifest: org/apache/bcel/
Implementation-Vendor
Apache Software Foundation
manifest: org/apache/bcel/
Specification-Title
Byte Code Engineering Library
manifest: org/apache/regexp/
Implementation-Title
org.apache.regexp
manifest: org/apache/regexp/
Implementation-Vendor
Apache Software Foundation
manifest: org/apache/regexp/
Specification-Title
Java Regular Expression package
manifest: org/apache/xalan/
Implementation-Title
org.apache.xalan
manifest: org/apache/xalan/
Implementation-Vendor
Apache Software Foundation
manifest: org/apache/xalan/
Specification-Title
Java API for XML Processing
manifest: org/apache/xalan/xsltc/
Implementation-Title
org.apache.xalan.xsltc
manifest: org/apache/xalan/xsltc/
Implementation-Vendor
Apache Software Foundation
manifest: org/apache/xalan/xsltc/
Specification-Title
Java API for XML Processing
manifest: org/apache/xml/
Implementation-Title
org.apache.xml
manifest: org/apache/xml/
Implementation-Vendor
Apache Software Foundation
manifest: org/apache/xpath/
Implementation-Title
org.apache.xpath
manifest: org/apache/xpath/
Implementation-Vendor
Apache Software Foundation
pom
artifactid
xalan
pom
description
Xalan-Java is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. It implements XSL Transformations (XSLT) Version 1.0 and XML Path Language (XPath) Version 1.0 and can be used from the command line, in an applet or a servlet, or as a module in other program.
Severity:
High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls
The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.
Description:
Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.
The Apache Xerces2 parser is the reference implementation of XNI but other parser components, configurations, and parsers can be written using the Xerces Native Interface. For complete design and implementation documents, refer to the XNI Manual.
Xerces2 is a fully conforming XML Schema 1.0 processor. A partial experimental implementation of the XML Schema 1.1 Structures and Datatypes Working Drafts (December 2009) and an experimental implementation of the XML Schema Definition Language (XSD): Component Designators (SCD) Candidate Recommendation (January 2010) are provided for evaluation. For more information, refer to the XML Schema page.
Xerces2 also provides a complete implementation of the Document Object Model Level 3 Core and Load/Save W3C Recommendations and provides a complete implementation of the XML Inclusions (XInclude) W3C Recommendation. It also provides support for OASIS XML Catalogs v1.1.
Xerces2 is able to parse documents written according to the XML 1.1 Recommendation, except that it does not yet provide an option to enable normalization checking as described in section 2.13 of this specification. It also handles namespaces according to the XML Namespaces 1.1 Recommendation, and will correctly serialize XML 1.1 documents if the DOM level 3 load/save APIs are in use.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Dad\.m2\repository\xerces\xercesImpl\2.11.0\xercesImpl-2.11.0.jar MD5: 43584adc1f895628055bad0aa98a1007 SHA1: 9bb329db1cfc4e22462c9d6b43a8432f5850e92c
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):provided
Evidence
Source
Name
Value
central
artifactid
xercesImpl
central
groupid
xerces
central
version
2.11.0
file
name
xercesImpl
file
version
2.11.0
manifest: javax/xml/datatype/
Implementation-Title
javax.xml.datatype
manifest: javax/xml/datatype/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/datatype/
Specification-Title
Java API for XML Processing
manifest: javax/xml/namespace/
Implementation-Title
javax.xml.namespace
manifest: javax/xml/namespace/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/namespace/
Specification-Title
Java API for XML Processing
manifest: javax/xml/parsers/
Implementation-Title
javax.xml.parsers
manifest: javax/xml/parsers/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/parsers/
Specification-Title
Java API for XML Processing
manifest: javax/xml/stream/
Implementation-Title
javax.xml.stream
manifest: javax/xml/stream/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/stream/
Specification-Title
Streaming API for XML
manifest: javax/xml/transform/
Implementation-Title
javax.xml.transform
manifest: javax/xml/transform/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/transform/
Specification-Title
Java API for XML Processing
manifest: javax/xml/validation/
Implementation-Title
javax.xml.validation
manifest: javax/xml/validation/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/validation/
Specification-Title
Java API for XML Processing
manifest: javax/xml/xpath/
Implementation-Title
javax.xml.xpath
manifest: javax/xml/xpath/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/xpath/
Specification-Title
Java API for XML Processing
manifest: org/apache/xerces/impl/Version.class
Implementation-Title
org.apache.xerces.impl.Version
manifest: org/apache/xerces/impl/Version.class
Implementation-Vendor
Apache Software Foundation
manifest: org/apache/xerces/xni/
Implementation-Title
org.apache.xerces.xni
manifest: org/apache/xerces/xni/
Implementation-Vendor
Apache Software Foundation
manifest: org/apache/xerces/xni/
Specification-Title
Xerces Native Interface
manifest: org/w3c/dom/
Implementation-Title
org.w3c.dom
manifest: org/w3c/dom/
Implementation-Vendor
World Wide Web Consortium
manifest: org/w3c/dom/
Specification-Title
Document Object Model, Level 3 Core
manifest: org/w3c/dom/ls/
Implementation-Title
org.w3c.dom.ls
manifest: org/w3c/dom/ls/
Implementation-Vendor
World Wide Web Consortium
manifest: org/w3c/dom/ls/
Specification-Title
Document Object Model, Level 3 Load and Save
manifest: org/xml/sax/
Implementation-Title
org.xml.sax
manifest: org/xml/sax/
Implementation-Vendor
David Megginson
manifest: org/xml/sax/
Specification-Title
Simple API for XML
pom
artifactid
xercesImpl
pom
description
Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program. The Apache Xerces2 parser is the reference implementation of XNI but other parser components, configurations, and parsers can be written using the Xerces Native Interface. For complete design and implementation documents, refer to the XNI Manual. Xerces2 is a fully conforming XML Schema 1.0 processor. A partial experimental implementation of the XML Schema 1.1 Structures and Datatypes Working Drafts (December 2009) and an experimental implementation of the XML Schema Definition Language (XSD): Component Designators (SCD) Candidate Recommendation (January 2010) are provided for evaluation. For more information, refer to the XML Schema page. Xerces2 also provides a complete implementation of the Document Object Model Level 3 Core and Load/Save W3C Recommendations and provides a complete implementation of the XML Inclusions (XInclude) W3C Recommendation. It also provides support for OASIS XML Catalogs v1.1. Xerces2 is able to parse documents written according to the XML 1.1 Recommendation, except that it does not yet provide an option to enable normalization checking as described in section 2.13 of this specification. It also handles namespaces according to the XML Namespaces 1.1 Recommendation, and will correctly serialize XML 1.1 documents if the DOM level 3 load/save APIs are in use.
Description: xml-commons provides an Apache-hosted set of DOM, SAX, and
JAXP interfaces for use in other xml-based projects. Our hope is that we
can standardize on both a common version and packaging scheme for these
critical XML standards interfaces to make the lives of both our developers
and users easier. The External Components portion of xml-commons contains
interfaces that are defined by external standards organizations. For DOM,
that's the W3C; for SAX it's David Megginson and sax.sourceforge.net; for
JAXP it's Sun.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
The SAX License: http://www.saxproject.org/copying.html
The W3C License: http://www.w3.org/TR/2004/REC-DOM-Level-3-Core-20040407/java-binding.zip
File Path: C:\Users\Dad\.m2\repository\xml-apis\xml-apis\1.4.01\xml-apis-1.4.01.jar MD5: 7eaad6fea5925cca6c36ee8b3e02ac9d SHA1: 3789d9fada2d3d458c4ba2de349d48780f381ee3
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
xml-apis
central
groupid
xml-apis
central
version
1.4.01
file
name
xml-apis
file
version
1.4.01
manifest: javax/xml/datatype/
Implementation-Title
javax.xml.datatype
manifest: javax/xml/datatype/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/datatype/
Specification-Title
Java API for XML Processing (JAXP) 1.4
manifest: javax/xml/namespace/
Implementation-Title
javax.xml.namespace
manifest: javax/xml/namespace/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/namespace/
Specification-Title
Java API for XML Processing (JAXP) 1.4
manifest: javax/xml/parsers/
Implementation-Title
javax.xml.parsers
manifest: javax/xml/parsers/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/parsers/
Specification-Title
Java API for XML Processing (JAXP) 1.4
manifest: javax/xml/stream/
Implementation-Title
javax.xml.stream
manifest: javax/xml/stream/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/stream/
Specification-Title
Streaming API for XML (StAX) 1.0
manifest: javax/xml/transform/
Implementation-Title
javax.xml.transform
manifest: javax/xml/transform/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/transform/
Specification-Title
Java API for XML Processing (JAXP) 1.4
manifest: javax/xml/validation/
Implementation-Title
javax.xml.validation
manifest: javax/xml/validation/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/validation/
Specification-Title
Java API for XML Processing (JAXP) 1.4
manifest: javax/xml/xpath/
Implementation-Title
javax.xml.xpath
manifest: javax/xml/xpath/
Implementation-Vendor
Apache Software Foundation
manifest: javax/xml/xpath/
Specification-Title
Java API for XML Processing (JAXP) 1.4
manifest: org/apache/xmlcommons/Version
Implementation-Title
org.apache.xmlcommons.Version
manifest: org/apache/xmlcommons/Version
Implementation-Vendor
Apache Software Foundation
manifest: org/w3c/dom/
Implementation-Title
org.w3c.dom
manifest: org/w3c/dom/
Implementation-Vendor
World Wide Web Consortium
manifest: org/w3c/dom/
Specification-Title
Document Object Model (DOM) Level 3 Core
manifest: org/w3c/dom/ls/
Implementation-Title
org.w3c.dom.ls
manifest: org/w3c/dom/ls/
Implementation-Vendor
World Wide Web Consortium
manifest: org/w3c/dom/ls/
Specification-Title
Document Object Model (DOM) Level 3 Load and Save
manifest: org/xml/sax/
Implementation-Title
org.xml.sax
manifest: org/xml/sax/
Implementation-Vendor
David Megginson
manifest: org/xml/sax/
Specification-Title
Simple API for XML
pom
artifactid
xml-apis
pom
description
xml-commons provides an Apache-hosted set of DOM, SAX, and JAXP interfaces for use in other xml-based projects. Our hope is that we can standardize on both a common version and packaging scheme for these critical XML standards interfaces to make the lives of both our developers and users easier. The External Components portion of xml-commons contains interfaces that are defined by external standards organizations. For DOM, that's the W3C; for SAX it's David Megginson and sax.sourceforge.net; for JAXP it's Sun.
Description: xml-commons provides an Apache-hosted set of DOM, SAX, and
JAXP interfaces for use in other xml-based projects. Our hope is that we
can standardize on both a common version and packaging scheme for these
critical XML standards interfaces to make the lives of both our developers
and users easier.
File Path: C:\Users\Dad\.m2\repository\xml-resolver\xml-resolver\1.2\xml-resolver-1.2.jar MD5: 706c533146c1f4ee46b66659ea14583a SHA1: 3d0f97750b3a03e0971831566067754ba4bfd68c
Referenced In Project/Scope:
fgsms User Interface (Bootstrap):compile
Evidence
Source
Name
Value
central
artifactid
xml-resolver
central
groupid
xml-resolver
central
version
1.2
file
name
xml-resolver
file
version
1.2
manifest: org/apache/xml/resolver
Implementation-Title
org.apache.xml.resolver.Catalog
manifest: org/apache/xml/resolver
Implementation-Vendor
Apache Software Foundation
pom
artifactid
xml-resolver
pom
description
xml-commons provides an Apache-hosted set of DOM, SAX, and JAXP interfaces for use in other xml-based projects. Our hope is that we can standardize on both a common version and packaging scheme for these critical XML standards interfaces to make the lives of both our developers and users easier.