Started by GitHub push by andreapoli
Running as SYSTEM
Building in workspace /var/lib/jenkins/workspace/GovWay
[WS-CLEANUP] Clean-up disabled, skipping workspace deletion.
The recommended git tool is: NONE
No credentials specified
> /usr/bin/git rev-parse --resolve-git-dir /var/lib/jenkins/workspace/GovWay/.git # timeout=10
Fetching changes from the remote Git repository
> /usr/bin/git config remote.origin.url https://github.com/link-it/govway.git # timeout=10
Fetching upstream changes from https://github.com/link-it/govway.git
> /usr/bin/git --version # timeout=10
> git --version # 'git version 2.23.1'
> /usr/bin/git fetch --tags --force --progress -- https://github.com/link-it/govway.git +refs/heads/*:refs/remotes/origin/* # timeout=10
> /usr/bin/git rev-parse origin/master^{commit} # timeout=10
Checking out Revision 46dace05608a4b49fa481edb04b2fc812b5bdb29 (origin/master)
> /usr/bin/git config core.sparsecheckout # timeout=10
> /usr/bin/git checkout -f 46dace05608a4b49fa481edb04b2fc812b5bdb29 # timeout=10
Commit message: "[GovWayCore] In presenza di messaggi SOAPWithAttachments, tramite una trasformazione è adesso possibile forzare la generazione del parametro 'start' nel Content-Type."
> /usr/bin/git rev-list --no-walk ceb85a1067dd0dc043efc4913fde47dd86058a51 # timeout=10
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
Run condition [Boolean condition] enabling prebuild for step [BuilderChain]
[GovWay] $ /bin/bash /tmp/jenkins6117489975198920419.sh
=============================
General Info
Workspace: /var/lib/jenkins/workspace/GovWay
Build: true
Deploy: true
Test: true
Test Integrazione: true
=============================
=============================
Environment Info
HOME: /var/lib/jenkins
ANT_OPTS: -Xmx512m -XX:MaxMetaspaceSize=700m -XX:+UseG1GC
MAVEN_OPTS:
SOFTHSM2_CONF: /home/ec2-user/lib/softhsm/softhsm2.conf
SONAR_SCANNER_OPTS:
=============================
=============================
Java
openjdk version "11.0.12" 2021-07-20
OpenJDK Runtime Environment 18.9 (build 11.0.12+7)
OpenJDK 64-Bit Server VM 18.9 (build 11.0.12+7, mixed mode)
=============================
=============================
Git Info
Url: https://github.com/link-it/govway.git
branch: origin/master
commit: 46dace05608a4b49fa481edb04b2fc812b5bdb29
previuos commit: ceb85a1067dd0dc043efc4913fde47dd86058a51
previuos successful commit: ceb85a1067dd0dc043efc4913fde47dd86058a51
commit message: [GovWayCore]
In presenza di messaggi SOAPWithAttachments, tramite una trasformazione è adesso possibile forzare la generazione del parametro 'start' nel Content-Type.
=============================
=============================
NODEjs Info
v18.17.1
{
npm: '9.6.7',
node: '18.17.1',
acorn: '8.8.2',
ada: '2.5.0',
ares: '1.19.1',
brotli: '1.0.9',
cldr: '43.0',
icu: '73.1',
llhttp: '6.0.11',
modules: '108',
napi: '9',
nghttp2: '1.52.0',
nghttp3: '0.7.0',
ngtcp2: '0.8.1',
openssl: '3.0.10+quic',
simdutf: '3.2.12',
tz: '2023c',
undici: '5.22.1',
unicode: '15.0',
uv: '1.44.2',
uvwasi: '0.0.18',
v8: '10.2.154.26-node.26',
zlib: '1.2.13.1-motley'
}
=============================
=============================
OWASP ZAP Info 'ZAP_2.15.0'
Associo diritti di esecuzione agli script zap ...
Associati diritti di esecuzione agli script zap
Update ...
Execute: /opt/openjdk-11.0.12_7//bin/java -classpath /opt/zaproxy/ZAP_2.15.0/*:/opt/zaproxy/ZAP_2.15.0/lib/* org.zaproxy.zap.ZAP -cmd -addonupdate -port 8280 -host 127.0.0.1
Defaulting ZAP install dir to /opt/zaproxy/ZAP_2.15.0
Add-on update check complete
Update effettuato
=============================
Fermo application server ...
�[00;31mTomcat is not running�[00m
Fermo application server effettuato
Ripulisco log application server ...
Ripulisco log application server effettuato
Predispongo dir testsuite ...
Predispongo dir testsuite ok
Ripulisco output jacoco ...
Ripulisco output jacoco effettuato
Fermo sonarqube ...
Gracefully stopping SonarQube...
Stopped SonarQube.
Fermo sonarqube effettuato
Verifico che il workspace non esista ...
Non e' stata rilevata una corretta re-inizializzazione del Workspace
[Boolean condition] checking [true] against [^(1|y|yes|t|true|on|run)$] (origin token: ${GOVWAY_BUILD})
Run condition [Boolean condition] enabling perform for step [BuilderChain]
[GovWay] $ /bin/sh -xe /tmp/jenkins2170438986142977985.sh
+ perl -pi -e s/log4bash.appender=ColorConsoleAppender/log4bash.appender=ConsoleAppender/g /var/lib/jenkins/workspace/GovWay/distrib/log4bash.properties
+ sed -i -e 's#swagger-codegen##g' /var/lib/jenkins/workspace/GovWay/mvn/dependencies/pom.xml
+ sed -i -e s#UPDATE_DOC=true#UPDATE_DOC=false#g /var/lib/jenkins/workspace/GovWay/distrib/distrib.sh
+ sed -i -e s#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver,db2#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver#g /var/lib/jenkins/workspace/GovWay/ant/setup/prepare-build.properties
[GovWay] $ /opt/apache-maven-3.6.3/bin/mvn initialize
[INFO] Scanning for projects...
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] govway [pom]
[INFO] dependencies [pom]
[INFO] dependencies.ant [pom]
[INFO] dependencies.antinstaller [pom]
[INFO] dependencies.axiom [pom]
[INFO] dependencies.bean-validation [pom]
[INFO] dependencies.cxf [pom]
[INFO] dependencies.commons [pom]
[INFO] dependencies.faces [pom]
[INFO] dependencies.git [pom]
[INFO] dependencies.httpcore [pom]
[INFO] dependencies.jackson [pom]
[INFO] dependencies.javax [pom]
[INFO] dependencies.jax [pom]
[INFO] dependencies.jetty [pom]
[INFO] dependencies.jminix [pom]
[INFO] dependencies.json [pom]
[INFO] dependencies.log [pom]
[INFO] dependencies.lucene [pom]
[INFO] dependencies.swagger [pom]
[INFO] dependencies.opensaml [pom]
[INFO] dependencies.pdf [pom]
[INFO] dependencies.redis [pom]
[INFO] dependencies.reports [pom]
[INFO] dependencies.saaj [pom]
[INFO] dependencies.security [pom]
[INFO] dependencies.shared [pom]
[INFO] dependencies.soapbox [pom]
[INFO] dependencies.spring [pom]
[INFO] dependencies.spring-ldap [pom]
[INFO] dependencies.spring-security [pom]
[INFO] dependencies.swagger [pom]
[INFO] dependencies.wadl [pom]
[INFO] dependencies.wss4j [pom]
[INFO] dependencies.testsuite [pom]
[INFO] dependencies.testsuite.axis14 [pom]
[INFO] dependencies.testsuite.as [pom]
[INFO] dependencies.testsuite.as.wildfly8 [pom]
[INFO] dependencies.testsuite.as.wildfly9 [pom]
[INFO] dependencies.testsuite.as.wildfly10 [pom]
[INFO] dependencies.testsuite.as.wildfly11 [pom]
[INFO] dependencies.testsuite.as.wildfly12 [pom]
[INFO] dependencies.testsuite.as.wildfly13 [pom]
[INFO] dependencies.testsuite.as.wildfly14 [pom]
[INFO] dependencies.testsuite.as.wildfly15 [pom]
[INFO] dependencies.testsuite.as.wildfly16 [pom]
[INFO] dependencies.testsuite.as.wildfly17 [pom]
[INFO] dependencies.testsuite.as.wildfly18 [pom]
[INFO] dependencies.testsuite.as.wildfly19 [pom]
[INFO] dependencies.testsuite.as.wildfly20 [pom]
[INFO] dependencies.testsuite.as.wildfly21 [pom]
[INFO] dependencies.testsuite.as.wildfly22 [pom]
[INFO] dependencies.testsuite.as.wildfly23 [pom]
[INFO] dependencies.testsuite.as.wildfly24 [pom]
[INFO] dependencies.testsuite.as.wildfly25 [pom]
[INFO] dependencies.testsuite.as.wildfly26 [pom]
[INFO] dependencies.testsuite.as.tomcat9 [pom]
[INFO] dependencies.testsuite.test [pom]
[INFO] dependencies.testsuite.staticAnalysis [pom]
[INFO] dependencies.testsuite.dynamicAnalysis [pom]
[INFO] dependencies.testsuite.coverage [pom]
[INFO] compile [pom]
[INFO] package [pom]
[INFO] testsuite.utils [pom]
[INFO] testsuite.utils.sql [pom]
[INFO] testsuite.pdd.core [pom]
[INFO] testsuite.pdd.core.sql [pom]
[INFO] static_analysis.spotbugs [pom]
[INFO] static_analysis.sonarqube [pom]
[INFO] dynamic_analysis.zap [pom]
[INFO] coverage.jacoco [pom]
[INFO]
[INFO] ------------------< org.openspcoop2:org.openspcoop2 >-------------------
[INFO] Building govway 1.0 [1/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------
[INFO] Building dependencies 1.0 [2/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >-----------------
[INFO] Building dependencies.ant 1.0 [3/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.ant ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant ---
[INFO] Copying ant-contrib-1.0b3.jar to /var/lib/jenkins/workspace/GovWay/lib/ant/ant-contrib-1.0b3.jar
[INFO]
[INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------
[INFO] Building dependencies.antinstaller 1.0 [4/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.antinstaller ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller ---
[INFO] Copying ant-installer-0.8b.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-installer-0.8b.jar
[INFO] Copying xml-apis_antinstaller-0.8b.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/xml-apis_antinstaller-0.8b.jar
[INFO] Copying ai-icons-eclipse_antinstaller-0.8b.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ai-icons-eclipse_antinstaller-0.8b.jar
[INFO] Copying jgoodies-edited-1.2.2-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/jgoodies-edited-1.2.2-gov4j-1.jar
[INFO] Copying ant-1.10.11.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-1.10.11.jar
[INFO] Copying ant-apache-regexp-1.10.11.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-apache-regexp-1.10.11.jar
[INFO] Copying ant-launcher-1.10.11.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-launcher-1.10.11.jar
[INFO] Copying jakarta-regexp-1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/jakarta-regexp-1.5.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >----------------
[INFO] Building dependencies.axiom 1.0 [5/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.axiom ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom ---
[INFO] Copying axiom-api-1.2.13-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13-gov4j-2.jar
[INFO] Copying axiom-dom-1.2.13-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13-gov4j-2.jar
[INFO] Copying axiom-impl-1.2.13-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13-gov4j-2.jar
[INFO] Copying axiom-common-impl-1.2.13.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-common-impl-1.2.13.jar
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >-----------
[INFO] Building dependencies.bean-validation 1.0 [6/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.bean-validation ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation ---
[INFO] Copying hibernate-validator-6.2.5.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/hibernate-validator-6.2.5.Final.jar
[INFO] Copying hibernate-validator-cdi-6.2.5.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/hibernate-validator-cdi-6.2.5.Final.jar
[INFO] Copying classmate-1.5.1.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/classmate-1.5.1.jar
[INFO] Copying jboss-logging-3.4.3.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/jboss-logging-3.4.3.Final.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >-----------------
[INFO] Building dependencies.cxf 1.0 [7/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.cxf ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf ---
[INFO] Copying cxf-core-3.6.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.4-gov4j-1.jar
[INFO] Copying cxf-rt-rs-security-jose-3.6.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.4-gov4j-1.jar
[INFO] Copying cxf-rt-bindings-soap-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-bindings-soap-3.6.4.jar
[INFO] Copying cxf-rt-databinding-jaxb-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-databinding-jaxb-3.6.4.jar
[INFO] Copying cxf-rt-features-logging-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-features-logging-3.6.4.jar
[INFO] Copying cxf-rt-frontend-jaxrs-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-frontend-jaxrs-3.6.4.jar
[INFO] Copying cxf-rt-frontend-jaxws-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-frontend-jaxws-3.6.4.jar
[INFO] Copying cxf-rt-frontend-simple-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-frontend-simple-3.6.4.jar
[INFO] Copying cxf-rt-rs-json-basic-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-json-basic-3.6.4.jar
[INFO] Copying cxf-rt-rs-security-jose-jaxrs-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-jaxrs-3.6.4.jar
[INFO] Copying cxf-rt-rs-service-description-openapi-v3-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-service-description-openapi-v3-3.6.4.jar
[INFO] Copying cxf-rt-rs-service-description-swagger-ui-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-service-description-swagger-ui-3.6.4.jar
[INFO] Copying cxf-rt-rs-service-description-common-openapi-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-service-description-common-openapi-3.6.4.jar
[INFO] Copying cxf-rt-rs-client-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-client-3.6.4.jar
[INFO] Copying cxf-rt-security-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-security-3.6.4.jar
[INFO] Copying cxf-rt-security-saml-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-security-saml-3.6.4.jar
[INFO] Copying cxf-rt-transports-http-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-transports-http-3.6.4.jar
[INFO] Copying cxf-rt-transports-http-jetty-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-transports-http-jetty-3.6.4.jar
[INFO] Copying cxf-rt-wsdl-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-wsdl-3.6.4.jar
[INFO] Copying cxf-rt-ws-policy-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-ws-policy-3.6.4.jar
[INFO] Copying cxf-rt-ws-security-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-ws-security-3.6.4.jar
[INFO] Copying cxf-tools-common-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-common-3.6.4.jar
[INFO] Copying cxf-tools-validator-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-validator-3.6.4.jar
[INFO] Copying cxf-tools-wsdlto-core-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-wsdlto-core-3.6.4.jar
[INFO] Copying cxf-tools-wsdlto-databinding-jaxb-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-wsdlto-databinding-jaxb-3.6.4.jar
[INFO] Copying cxf-tools-wsdlto-frontend-jaxws-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-wsdlto-frontend-jaxws-3.6.4.jar
[INFO] Copying jakarta.ws.rs-api-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/jakarta.ws.rs-api-2.1.6.jar
[INFO] Copying stax2-api-4.2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/stax2-api-4.2.2.jar
[INFO] Copying woodstox-core-6.6.2.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/woodstox-core-6.6.2.jar
[INFO] Copying xml-resolver-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/xml-resolver-1.2.jar
[INFO] Copying xmlschema-core-2.3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/xmlschema-core-2.3.1.jar
[INFO] Copying asm-9.7.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/asm-9.7.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.commons >---------------
[INFO] Building dependencies.commons 1.0 [8/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.commons ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons ---
[INFO] Copying commons-beanutils-1.9.4.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-beanutils-1.9.4.jar
[INFO] Copying commons-chain-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-chain-1.2.jar
[INFO] Copying commons-cli-1.5.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-cli-1.5.0.jar
[INFO] Copying commons-codec-1.15.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-codec-1.15.jar
[INFO] Copying commons-collections-3.2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-collections-3.2.2.jar
[INFO] Copying commons-collections4-4.4.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-collections4-4.4.jar
[INFO] Copying commons-compress-1.26.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-compress-1.26.0.jar
[INFO] Copying commons-csv-1.9.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-csv-1.9.0.jar
[INFO] Copying commons-dbcp2-2.9.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-dbcp2-2.9.0.jar
[INFO] Copying commons-digester-2.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-digester-2.1.jar
[INFO] Copying commons-discovery-0.5.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-discovery-0.5.jar
[INFO] Copying commons-email-1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-email-1.5.jar
[INFO] Copying commons-fileupload-1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-fileupload-1.5.jar
[INFO] Copying commons-io-2.15.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-io-2.15.1.jar
[INFO] Copying commons-lang-2.6.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-lang-2.6.jar
[INFO] Copying commons-lang3-3.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-lang3-3.12.0.jar
[INFO] Copying commons-logging-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-logging-1.2.jar
[INFO] Copying commons-math3-3.6.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-math3-3.6.1.jar
[INFO] Copying commons-net-3.9.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-net-3.9.0.jar
[INFO] Copying commons-pool2-2.11.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-pool2-2.11.1.jar
[INFO] Copying commons-validator-1.7.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-validator-1.7.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >----------------
[INFO] Building dependencies.faces 1.0 [9/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.faces ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces ---
[INFO] Copying facelets-taglib-jsf12-spring-4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/facelets-taglib-jsf12-spring-4-gov4j-1.jar
[INFO] Copying facelets-taglib-jsf20-spring-4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/facelets-taglib-jsf20-spring-4-gov4j-1.jar
[INFO] Copying aopalliance-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/aopalliance-1.0.jar
[INFO] Copying cglib-nodep-2.2.3.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/cglib-nodep-2.2.3.jar
[INFO] Copying el-impl-2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/el-impl-2.2.jar
[INFO] Copying javax.faces-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/javax.faces-2.4.0.jar
[INFO] Copying javax.servlet.jsp.jstl-1.2.1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/javax.servlet.jsp.jstl-1.2.1.jar
[INFO] Copying javax.servlet.jsp.jstl-api-1.2.1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/javax.servlet.jsp.jstl-api-1.2.1.jar
[INFO] Copying jsf-api-1.2_15-06.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsf-api-1.2_15-06.jar
[INFO] Copying jsf-impl-1.2_15-06.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsf-impl-1.2_15-06.jar
[INFO] Copying jsf-facelets-1.1.15.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsf-facelets-1.1.15.jar
[INFO] Copying jsr311-api-1.1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsr311-api-1.1.1.jar
[INFO] Copying richfaces-api-3.3.4.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-api-3.3.4.Final.jar
[INFO] Copying richfaces-impl-3.3.4.Final-gov4j-4.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-impl-3.3.4.Final-gov4j-4.jar
[INFO] Copying richfaces-impl-jsf2-3.3.4.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-impl-jsf2-3.3.4.Final.jar
[INFO] Copying richfaces-ui-3.3.4.Final-gov4j-4.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-ui-3.3.4.Final-gov4j-4.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.git >-----------------
[INFO] Building dependencies.git 1.0 [10/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.git ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git ---
[INFO] Copying openspcoop2_git-task-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/git/openspcoop2_git-task-1.0.jar
[INFO] Copying org.eclipse.jgit-6.7.0.202309050840-r.jar to /var/lib/jenkins/workspace/GovWay/lib/git/org.eclipse.jgit-6.7.0.202309050840-r.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >--------------
[INFO] Building dependencies.httpcore 1.0 [11/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.httpcore ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore ---
[INFO] Copying httpcore-4.4.15.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-4.4.15.jar
[INFO] Copying httpcore-nio-4.4.15.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-nio-4.4.15.jar
[INFO] Copying httpcore-ab-4.4.15-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15-gov4j-2.jar
[INFO] Copying apache-mime4j-core-0.8.10.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/apache-mime4j-core-0.8.10.jar
[INFO] Copying apache-mime4j-dom-0.8.10.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/apache-mime4j-dom-0.8.10.jar
[INFO] Copying fluent-hc-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/fluent-hc-4.5.13.jar
[INFO] Copying httpclient-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpclient-4.5.13.jar
[INFO] Copying httpclient-cache-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpclient-cache-4.5.13.jar
[INFO] Copying httpclient-win-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpclient-win-4.5.13.jar
[INFO] Copying httpmime-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpmime-4.5.13.jar
[INFO] Copying httpasyncclient-4.1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpasyncclient-4.1.5.jar
[INFO] Copying httpasyncclient-cache-4.1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpasyncclient-cache-4.1.5.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >---------------
[INFO] Building dependencies.jackson 1.0 [12/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jackson ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson ---
[INFO] Copying jackson-annotations-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-annotations-2.14.2.jar
[INFO] Copying jackson-core-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-core-2.14.2.jar
[INFO] Copying jackson-databind-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-databind-2.14.2.jar
[INFO] Copying jackson-dataformat-xml-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-dataformat-xml-2.14.2.jar
[INFO] Copying jackson-dataformat-yaml-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-dataformat-yaml-2.14.2.jar
[INFO] Copying jackson-jaxrs-base-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-base-2.14.2.jar
[INFO] Copying jackson-jaxrs-json-provider-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-json-provider-2.14.2.jar
[INFO] Copying jackson-jaxrs-xml-provider-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-xml-provider-2.14.2.jar
[INFO] Copying jackson-jaxrs-yaml-provider-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-yaml-provider-2.14.2.jar
[INFO] Copying jackson-module-jaxb-annotations-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-module-jaxb-annotations-2.14.2.jar
[INFO] Copying jackson-module-jsonSchema-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-module-jsonSchema-2.14.2.jar
[INFO] Copying jackson-datatype-joda-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-datatype-joda-2.14.2.jar
[INFO] Copying jackson-datatype-jsr310-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-datatype-jsr310-2.14.2.jar
[INFO] Copying jackson-coreutils-1.8.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-coreutils-1.8.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >----------------
[INFO] Building dependencies.javax 1.0 [13/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.javax ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax ---
[INFO] Copying javax.management-1.0-gov4j.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.management-1.0-gov4j.jar
[INFO] Copying javax.xml.registry-api-1.0.8.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.xml.registry-api-1.0.8.jar
[INFO] Copying jta-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/jta-1.1.jar
[INFO] Copying javax.servlet-api-4.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.servlet-api-4.0.1.jar
[INFO] Copying javax.security.jacc-api-1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.security.jacc-api-1.6.jar
[INFO] Copying javax.resource-api-1.7.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.resource-api-1.7.1.jar
[INFO] Copying persistence-api-1.0.2.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/persistence-api-1.0.2.jar
[INFO] Copying javax.jms-api-2.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.jms-api-2.0.1.jar
[INFO] Copying deployment-api-1.2-rev-1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/deployment-api-1.2-rev-1.jar
[INFO] Copying ejb-api-3.0.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/ejb-api-3.0.jar
[INFO] Copying el-api-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/el-api-1.0.jar
[INFO] Copying javax.annotation-api-1.3.2.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.annotation-api-1.3.2.jar
[INFO] Copying validation-api-2.0.1.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/validation-api-2.0.1.Final.jar
[INFO] Copying openjdk-orb-8.1.9.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/openjdk-orb-8.1.9.Final.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >-----------------
[INFO] Building dependencies.jax 1.0 [14/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jax ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax ---
[INFO] Copying jaxp-ri-1.4.5-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxp-ri-1.4.5-gov4j-1.jar
[INFO] Copying jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar
[INFO] Copying jaxws-api-2.3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-api-2.3.1.jar
[INFO] Copying jaxb-api-2.3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-api-2.3.1.jar
[INFO] Copying jaxb-core-2.3.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-core-2.3.0.1.jar
[INFO] Copying jaxb-impl-2.3.7.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-impl-2.3.7.jar
[INFO] Copying jaxb-xjc-2.3.7.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-xjc-2.3.7.jar
[INFO]
[INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax ---
[INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >----------------
[INFO] Building dependencies.jetty 1.0 [15/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jetty ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty ---
[INFO] Copying jetty-http-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-http-10.0.24.jar
[INFO] Copying jetty-io-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-io-10.0.24.jar
[INFO] Copying jetty-security-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-security-10.0.24.jar
[INFO] Copying jetty-server-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-server-10.0.24.jar
[INFO] Copying jetty-util-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-util-10.0.24.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >---------------
[INFO] Building dependencies.jminix 1.0 [16/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jminix ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix ---
[INFO] Copying jminix-standalone-1.2.0-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-standalone-1.2.0-gov4j-1.jar
[INFO] Copying jminix-1.2.0-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0-gov4j-1.jar
[INFO] Copying org.restlet-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/org.restlet-2.4.0.jar
[INFO] Copying org.restlet.ext.servlet-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/org.restlet.ext.servlet-2.4.0.jar
[INFO] Copying org.restlet.ext.velocity-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/org.restlet.ext.velocity-2.4.0.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.json >----------------
[INFO] Building dependencies.json 1.0 [17/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.json ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json ---
[INFO] Copying org.everit.json.schema-1.14.1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/org.everit.json.schema-1.14.1.jar
[INFO] Copying uri-template-0.9.jar to /var/lib/jenkins/workspace/GovWay/lib/json/uri-template-0.9.jar
[INFO] Copying json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar
[INFO] Copying itu-1.7.0.jar to /var/lib/jenkins/workspace/GovWay/lib/json/itu-1.7.0.jar
[INFO] Copying msg-simple-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/msg-simple-1.1.jar
[INFO] Copying libphonenumber-8.12.57.jar to /var/lib/jenkins/workspace/GovWay/lib/json/libphonenumber-8.12.57.jar
[INFO] Copying failureaccess-1.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/failureaccess-1.0.1.jar
[INFO] Copying json-smart-2.4.10.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-smart-2.4.10.jar
[INFO] Copying json-schema-core-1.2.8.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-core-1.2.8.jar
[INFO] Copying json-path-2.9.0-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0-gov4j-1.jar
[INFO] Copying json-lib-2.4-jdk15.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-lib-2.4-jdk15.jar
[INFO] Copying json-20231013.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-20231013.jar
[INFO] Copying jettison-1.5.4.jar to /var/lib/jenkins/workspace/GovWay/lib/json/jettison-1.5.4.jar
[INFO] Copying handy-uri-templates-2.1.8.jar to /var/lib/jenkins/workspace/GovWay/lib/json/handy-uri-templates-2.1.8.jar
[INFO] Copying json-schema-validator-2.2.10.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-2.2.10.jar
[INFO] Copying btf-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/json/btf-1.2.jar
[INFO] Copying accessors-smart-2.4.8.jar to /var/lib/jenkins/workspace/GovWay/lib/json/accessors-smart-2.4.8.jar
[INFO]
[INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json ---
[INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.log >-----------------
[INFO] Building dependencies.log 1.0 [18/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.log ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log ---
[INFO] Copying slf4j-api-2.0.3-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.3-gov4j-1.jar
[INFO] Copying log4j-1.2-api-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-1.2-api-2.19.0.jar
[INFO] Copying log4j-api-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-api-2.19.0.jar
[INFO] Copying log4j-core-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-core-2.19.0.jar
[INFO] Copying log4j-jcl-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-jcl-2.19.0.jar
[INFO] Copying log4j-slf4j2-impl-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-slf4j2-impl-2.19.0.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >---------------
[INFO] Building dependencies.lucene 1.0 [19/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.lucene ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene ---
[INFO] Copying lucene-codecs-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-codecs-9.12.0.jar
[INFO] Copying lucene-core-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-core-9.12.0.jar
[INFO] Copying lucene-misc-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-misc-9.12.0.jar
[INFO] Copying lucene-queries-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-queries-9.12.0.jar
[INFO] Copying lucene-suggest-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-suggest-9.12.0.jar
[INFO]
[INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >--------------
[INFO] Building dependencies.swagger 1.0 [20/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.openapi4j ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j ---
[INFO] Copying openapi-core-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7-gov4j-7.jar
[INFO] Copying openapi-parser-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7-gov4j-7.jar
[INFO] Copying openapi-schema-validator-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7-gov4j-7.jar
[INFO] Copying openapi-operation-validator-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7-gov4j-7.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >--------------
[INFO] Building dependencies.opensaml 1.0 [21/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.opensaml ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml ---
[INFO] Copying opensaml-core-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-core-3.4.6.jar
[INFO] Copying opensaml-messaging-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-messaging-api-3.4.6.jar
[INFO] Copying opensaml-messaging-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-messaging-impl-3.4.6.jar
[INFO] Copying opensaml-profile-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-profile-api-3.4.6.jar
[INFO] Copying opensaml-profile-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-profile-impl-3.4.6.jar
[INFO] Copying opensaml-saml-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-saml-api-3.4.6.jar
[INFO] Copying opensaml-saml-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-saml-impl-3.4.6.jar
[INFO] Copying opensaml-security-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-security-api-3.4.6.jar
[INFO] Copying opensaml-security-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-security-impl-3.4.6.jar
[INFO] Copying opensaml-soap-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-soap-api-3.4.6.jar
[INFO] Copying opensaml-soap-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-soap-impl-3.4.6.jar
[INFO] Copying opensaml-storage-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-storage-api-3.4.6.jar
[INFO] Copying opensaml-storage-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-storage-impl-3.4.6.jar
[INFO] Copying opensaml-xacml-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-api-3.4.6.jar
[INFO] Copying opensaml-xacml-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-impl-3.4.6.jar
[INFO] Copying opensaml-xacml-saml-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-saml-api-3.4.6.jar
[INFO] Copying opensaml-xacml-saml-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-saml-impl-3.4.6.jar
[INFO] Copying opensaml-xmlsec-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xmlsec-api-3.4.6.jar
[INFO] Copying opensaml-xmlsec-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xmlsec-impl-3.4.6.jar
[INFO] Copying java-support-7.5.2.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/java-support-7.5.2.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >-----------------
[INFO] Building dependencies.pdf 1.0 [22/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.pdf ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf ---
[INFO] Copying pdfbox-2.0.27.jar to /var/lib/jenkins/workspace/GovWay/lib/pdf/pdfbox-2.0.27.jar
[INFO] Copying fontbox-2.0.27.jar to /var/lib/jenkins/workspace/GovWay/lib/pdf/fontbox-2.0.27.jar
[INFO] Copying boxable-1.7.0.jar to /var/lib/jenkins/workspace/GovWay/lib/pdf/boxable-1.7.0.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >----------------
[INFO] Building dependencies.redis 1.0 [23/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.redis ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis ---
[INFO] Copying redisson-3.23.5.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/redisson-3.23.5.jar
[INFO] Copying netty-resolver-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-resolver-4.1.115.Final.jar
[INFO] Copying netty-resolver-dns-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-resolver-dns-4.1.115.Final.jar
[INFO] Copying netty-common-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-common-4.1.115.Final.jar
[INFO] Copying netty-buffer-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-buffer-4.1.115.Final.jar
[INFO] Copying netty-transport-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-transport-4.1.115.Final.jar
[INFO] Copying netty-codec-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-codec-4.1.115.Final.jar
[INFO] Copying netty-codec-dns-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-codec-dns-4.1.115.Final.jar
[INFO] Copying jboss-marshalling-2.1.3.SP1.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/jboss-marshalling-2.1.3.SP1.jar
[INFO] Copying jboss-marshalling-river-2.1.3.SP1.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/jboss-marshalling-river-2.1.3.SP1.jar
[INFO] Copying objenesis-3.3.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/objenesis-3.3.jar
[INFO] Copying kryo-5.5.0.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/kryo-5.5.0.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.reports >---------------
[INFO] Building dependencies.reports 1.0 [24/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.reports ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports ---
[INFO] Copying net.tascalate.javaflow.api-2.7.3.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/net.tascalate.javaflow.api-2.7.3.jar
[INFO] Copying SparseBitSet-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/SparseBitSet-1.2.jar
[INFO] Copying jfreechart-1.5.3.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jfreechart-1.5.3.jar
[INFO] Copying poi-5.2.3.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/poi-5.2.3.jar
[INFO] Copying jcommon-1.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jcommon-1.0.24.jar
[INFO] Copying jasperreports-6.20.0.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jasperreports-6.20.0.jar
[INFO] Copying jasperreports-metadata-6.20.0.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jasperreports-metadata-6.20.0.jar
[INFO] Copying ecj-3.31.0.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/ecj-3.31.0.jar
[INFO] Copying dynamicreports-core-6.12.1.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/dynamicreports-core-6.12.1.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >----------------
[INFO] Building dependencies.saaj 1.0 [25/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.saaj ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj ---
[INFO] Copying mimepull-1.9.14.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/mimepull-1.9.14.jar
[INFO] Copying javax.xml.soap-api-1.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/javax.xml.soap-api-1.4.0.jar
[INFO] Copying saaj-impl-1.5.3-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3-gov4j-1.jar
[INFO] Copying stax-ex-1.8.3.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/stax-ex-1.8.3.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.security >--------------
[INFO] Building dependencies.security 1.0 [26/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.security ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security ---
[INFO] Copying bcpkix-jdk18on-1.78.1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/bcpkix-jdk18on-1.78.1.jar
[INFO] Copying bcprov-jdk18on-1.78.1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/bcprov-jdk18on-1.78.1.jar
[INFO] Copying bcutil-jdk18on-1.78.1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/bcutil-jdk18on-1.78.1.jar
[INFO] Copying cryptacular-1.2.5.jar to /var/lib/jenkins/workspace/GovWay/lib/security/cryptacular-1.2.5.jar
[INFO] Copying herasaf-xacml-core-2.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/security/herasaf-xacml-core-2.0.4.jar
[INFO] Copying jasypt-1.9.3.jar to /var/lib/jenkins/workspace/GovWay/lib/security/jasypt-1.9.3.jar
[INFO] Copying neethi-3.2.0.jar to /var/lib/jenkins/workspace/GovWay/lib/security/neethi-3.2.0.jar
[INFO] Copying xmlsec-2.3.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4-gov4j-1.jar
[INFO] Copying xml-security-impl-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/security/xml-security-impl-1.0.jar
[INFO] Copying nimbus-jose-jwt-9.37.3.jar to /var/lib/jenkins/workspace/GovWay/lib/security/nimbus-jose-jwt-9.37.3.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >---------------
[INFO] Building dependencies.shared 1.0 [27/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.shared ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared ---
[INFO] Copying xmldb-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmldb-1.0.jar
[INFO] Copying reflections-0.10.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/reflections-0.10.2.jar
[INFO] Copying reactive-streams-1.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/reactive-streams-1.0.4.jar
[INFO] Copying javassist-3.29.2-GA.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/javassist-3.29.2-GA.jar
[INFO] Copying commons-jcs3-core-3.1-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1-gov4j-2.jar
[INFO] Copying urlrewritefilter-4.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/urlrewritefilter-4.0.4.jar
[INFO] Copying velocity-engine-core-2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-engine-core-2.4.jar
[INFO] Copying velocity-tools-generic-3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-tools-generic-3.1.jar
[INFO] Copying velocity-tools-view-3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-tools-view-3.1.jar
[INFO] Copying velocity-tools-view-jsp-3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-tools-view-jsp-3.1.jar
[INFO] Copying wsdl4j-1.6.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/wsdl4j-1.6.3.jar
[INFO] Copying xalan-2.7.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xalan-2.7.3.jar
[INFO] Copying serializer-2.7.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/serializer-2.7.3.jar
[INFO] Copying xercesImpl-2.12.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xercesImpl-2.12.2.jar
[INFO] Copying xml-apis-1.4.01.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xml-apis-1.4.01.jar
[INFO] Copying xmlunit-legacy-2.10.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmlunit-legacy-2.10.0.jar
[INFO] Copying xmlunit-core-2.10.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmlunit-core-2.10.0.jar
[INFO] Copying xom-1.2.11.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xom-1.2.11.jar
[INFO] Copying uddi4j-2.0.5.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/uddi4j-2.0.5.jar
[INFO] Copying mailapi-1.6.7.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/mailapi-1.6.7.jar
[INFO] Copying smtp-1.6.7.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/smtp-1.6.7.jar
[INFO] Copying Saxon-HE-11.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4-gov4j-1.jar
[INFO] Copying xmlresolver-4.4.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmlresolver-4.4.3.jar
[INFO] Copying snakeyaml-1.33-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33-gov4j-1.jar
[INFO] Copying struts-core-1.3.10.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/struts-core-1.3.10.jar
[INFO] Copying com.springsource.edu.oswego.cs.dl.util.concurrent-1.3.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/com.springsource.edu.oswego.cs.dl.util.concurrent-1.3.4.jar
[INFO] Copying ezmorph-1.0.6.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/ezmorph-1.0.6.jar
[INFO] Copying freemarker-2.3.31.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/freemarker-2.3.31.jar
[INFO] Copying guava-32.1.1-jre.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/guava-32.1.1-jre.jar
[INFO] Copying java-uuid-generator-4.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/java-uuid-generator-4.0.1.jar
[INFO] Copying joda-time-2.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/joda-time-2.12.0.jar
[INFO] Copying aspectjrt-1.9.9.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/aspectjrt-1.9.9.1.jar
[INFO] Copying aspectjweaver-1.9.9.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/aspectjweaver-1.9.9.1.jar
[INFO] Copying jakarta.activation-1.2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/jakarta.activation-1.2.2.jar
[INFO] Copying ehcache-3.10.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/ehcache-3.10.2.jar
[INFO] Copying rhino-1.7.14.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/rhino-1.7.14.jar
[INFO] Copying hazelcast-5.3.5.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/hazelcast-5.3.5.jar
[INFO] Copying hibernate-core-6.1.4.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/hibernate-core-6.1.4.Final.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >---------------
[INFO] Building dependencies.soapbox 1.0 [28/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.soapbox ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox ---
[INFO] Copying metro-webservices_xwss_com_sun_xml-2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/soapbox/metro-webservices_xwss_com_sun_xml-2.2.jar
[INFO] Copying ultraesb-api-1.7.1.jar to /var/lib/jenkins/workspace/GovWay/lib/soapbox/ultraesb-api-1.7.1.jar
[INFO] Copying ultraesb-core-1.7.1.jar to /var/lib/jenkins/workspace/GovWay/lib/soapbox/ultraesb-core-1.7.1.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >---------------
[INFO] Building dependencies.spring 1.0 [29/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.spring ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring ---
[INFO] Copying spring-aop-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-aop-5.3.39.jar
[INFO] Copying spring-aspects-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-aspects-5.3.39.jar
[INFO] Copying spring-beans-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39-gov4j-1.jar
[INFO] Copying spring-context-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39-gov4j-1.jar
[INFO] Copying spring-context-support-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39-gov4j-1.jar
[INFO] Copying spring-core-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39-gov4j-1.jar
[INFO] Copying spring-expression-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39-gov4j-1.jar
[INFO] Copying spring-orm-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-orm-5.3.39.jar
[INFO] Copying spring-tx-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-tx-5.3.39.jar
[INFO] Copying spring-web-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39-gov4j-1.jar
[INFO]
[INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >-------------
[INFO] Building dependencies.spring-ldap 1.0 [30/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.spring-ldap ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap ---
[INFO] Copying spring-ldap-core-2.4.2.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-ldap/spring-ldap-core-2.4.2.jar
[INFO] Copying spring-ldap-ldif-core-2.4.2.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-ldap/spring-ldap-ldif-core-2.4.2.jar
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >-----------
[INFO] Building dependencies.spring-security 1.0 [31/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.spring-security ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security ---
[INFO] Copying spring-security-config-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-config-5.8.15.jar
[INFO] Copying spring-security-core-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-core-5.8.15.jar
[INFO] Copying spring-security-web-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-web-5.8.15.jar
[INFO] Copying spring-security-crypto-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.15.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >---------------
[INFO] Building dependencies.swagger 1.0 [32/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.swagger ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger ---
[INFO] Copying swagger-ui-4.19.1.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-ui-4.19.1.jar
[INFO] Copying classgraph-4.8.149.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/classgraph-4.8.149.jar
[INFO] Copying swagger-annotations-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-annotations-2.2.4.jar
[INFO] Copying swagger-core-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-core-2.2.4.jar
[INFO] Copying swagger-jaxrs2-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-jaxrs2-2.2.4.jar
[INFO] Copying swagger-models-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-models-2.2.4.jar
[INFO] Copying swagger-integration-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-integration-2.2.4.jar
[INFO] Copying swagger-parser-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-2.1.6.jar
[INFO] Copying swagger-parser-core-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-core-2.1.6.jar
[INFO] Copying swagger-parser-v2-converter-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v2-converter-2.1.6.jar
[INFO] Copying swagger-parser-v3-2.1.6-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6-gov4j-1.jar
[INFO] Copying swagger-core-1.6.8.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-core-1.6.8.jar
[INFO] Copying swagger-models-1.6.8.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-models-1.6.8.jar
[INFO] Copying swagger-parser-1.0.63.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-1.0.63.jar
[INFO] Copying swagger-request-validator-core-2.30.0-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0-gov4j-2.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >----------------
[INFO] Building dependencies.wadl 1.0 [33/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.wadl ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl ---
[INFO] Copying localizer-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/wadl/localizer-1.0.jar
[INFO] Copying wadl-core-1.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/wadl/wadl-core-1.1.6.jar
[INFO] Copying wadl-xslt-1.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/wadl/wadl-xslt-1.1.6.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >----------------
[INFO] Building dependencies.wss4j 1.0 [34/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.wss4j ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j ---
[INFO] Copying wss4j-bindings-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-bindings-2.4.1.jar
[INFO] Copying wss4j-integration-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-integration-2.4.1.jar
[INFO] Copying wss4j-policy-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-policy-2.4.1.jar
[INFO] Copying wss4j-ws-security-common-2.4.1-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1-gov4j-2.jar
[INFO] Copying wss4j-ws-security-dom-2.4.1-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1-gov4j-2.jar
[INFO] Copying wss4j-ws-security-policy-stax-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-policy-stax-2.4.1.jar
[INFO] Copying wss4j-ws-security-stax-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-stax-2.4.1.jar
[INFO]
[INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >--------------
[INFO] Building dependencies.testsuite 1.0 [35/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >----------
[INFO] Building dependencies.testsuite.axis14 1.0 [36/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.axis14 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 ---
[INFO] Copying axis-1.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4-gov4j-1.jar
[INFO] Copying axis-jaxrpc-1.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4-gov4j-1.jar
[INFO] Copying axis-ant-1.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-ant-1.4.jar
[INFO] Copying axis-saaj-1.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-saaj-1.4.jar
[INFO] Copying mailapi-1.5.6.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/mailapi-1.5.6.jar
[INFO] Copying neethi-2.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/neethi-2.0.4.jar
[INFO] Copying opensaml-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/opensaml-1.1.jar
[INFO] Copying wss4j-1.5.11.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/wss4j-1.5.11.jar
[INFO] Copying xmlsec-1.4.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/xmlsec-1.4.4.jar
[INFO] Copying addressing-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/addressing-1.1.jar
[INFO]
[INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >-----
[INFO] Building dependencies.testsuite.as 1.0 [37/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly8 >--
[INFO] Building dependencies.testsuite.as.wildfly8 1.0 [38/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly8 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly8 ---
[INFO] Copying jboss-client-wf8.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly8/jboss-client-wf8.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >--
[INFO] Building dependencies.testsuite.as.wildfly9 1.0 [39/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 ---
[INFO] Copying jboss-client-wf9.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly9/jboss-client-wf9.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >--
[INFO] Building dependencies.testsuite.as.wildfly10 1.0 [40/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 ---
[INFO] Copying jboss-client-wf10.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly10/jboss-client-wf10.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >--
[INFO] Building dependencies.testsuite.as.wildfly11 1.0 [41/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 ---
[INFO] Copying jboss-client-wf11.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly11/jboss-client-wf11.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >--
[INFO] Building dependencies.testsuite.as.wildfly12 1.0 [42/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 ---
[INFO] Copying jboss-client-wf12.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly12/jboss-client-wf12.jar
[INFO] Copying javax.json-api-1.1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly12/javax.json-api-1.1.2.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >--
[INFO] Building dependencies.testsuite.as.wildfly13 1.0 [43/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 ---
[INFO] Copying jboss-client-wf13.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly13/jboss-client-wf13.jar
[INFO] Copying javax.json-api-1.1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly13/javax.json-api-1.1.2.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >--
[INFO] Building dependencies.testsuite.as.wildfly14 1.0 [44/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 ---
[INFO] Copying jboss-client-wf14.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly14/jboss-client-wf14.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >--
[INFO] Building dependencies.testsuite.as.wildfly15 1.0 [45/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 ---
[INFO] Copying jboss-client-wf15.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly15/jboss-client-wf15.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >--
[INFO] Building dependencies.testsuite.as.wildfly16 1.0 [46/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 ---
[INFO] Copying jboss-client-wf16.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly16/jboss-client-wf16.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >--
[INFO] Building dependencies.testsuite.as.wildfly17 1.0 [47/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 ---
[INFO] Copying jboss-client-wf17.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly17/jboss-client-wf17.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >--
[INFO] Building dependencies.testsuite.as.wildfly18 1.0 [48/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 ---
[INFO] Copying jboss-client-wf18.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly18/jboss-client-wf18.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >--
[INFO] Building dependencies.testsuite.as.wildfly19 1.0 [49/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 ---
[INFO] Copying jboss-client-wf19.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly19/jboss-client-wf19.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >--
[INFO] Building dependencies.testsuite.as.wildfly20 1.0 [50/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 ---
[INFO] Copying jboss-client-wf20.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly20/jboss-client-wf20.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >--
[INFO] Building dependencies.testsuite.as.wildfly21 1.0 [51/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 ---
[INFO] Copying jboss-client-wf21.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly21/jboss-client-wf21.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >--
[INFO] Building dependencies.testsuite.as.wildfly22 1.0 [52/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 ---
[INFO] Copying jboss-client-wf22.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly22/jboss-client-wf22.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >--
[INFO] Building dependencies.testsuite.as.wildfly23 1.0 [53/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 ---
[INFO] Copying jboss-client-wf23.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly23/jboss-client-wf23.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >--
[INFO] Building dependencies.testsuite.as.wildfly24 1.0 [54/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 ---
[INFO] Copying jboss-client-wf24.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly24/jboss-client-wf24.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >--
[INFO] Building dependencies.testsuite.as.wildfly25 1.0 [55/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 ---
[INFO] Copying jboss-client-wf25.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly25/jboss-client-wf25.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >--
[INFO] Building dependencies.testsuite.as.wildfly26 1.0 [56/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 ---
[INFO] Copying jboss-client-wf26.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/wildfly26/jboss-client-wf26.jar
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >--
[INFO] Building dependencies.testsuite.as.tomcat9 1.0 [57/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 ---
[INFO] Copying tomcat-catalina-9.0.83.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9/tomcat-catalina-9.0.83.jar
[INFO] Copying tomcat-juli-9.0.83.jar to /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9/tomcat-juli-9.0.83.jar
[INFO]
[INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >-----------
[INFO] Building dependencies.testsuite.test 1.0 [58/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.test ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test ---
[INFO] Copying jcommander-1.82.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/jcommander-1.82.jar
[INFO] Copying guice-5.1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/guice-5.1.0.jar
[INFO] Copying jquery-3.6.1.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/jquery-3.6.1.jar
[INFO] Copying testng-7.8.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/testng-7.8.0.jar
[INFO] Copying junit-4.13.2.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/junit-4.13.2.jar
[INFO] Copying karate-apache-0.9.6.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/karate-apache-0.9.6.jar
[INFO] Copying karate-core-0.9.6.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/karate-core-0.9.6.jar
[INFO] Copying karate-junit4-0.9.6.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/karate-junit4-0.9.6.jar
[INFO] Copying hamcrest-core-1.3.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/hamcrest-core-1.3.jar
[INFO] Copying picocli-4.2.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/picocli-4.2.0.jar
[INFO] Copying logback-classic-1.4.14.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/logback-classic-1.4.14.jar
[INFO] Copying logback-core-1.4.14.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/logback-core-1.4.14.jar
[INFO] Copying spring-jdbc-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/spring-jdbc-5.3.39.jar
[INFO] Copying spring-ldap-test-2.4.2.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/spring-ldap-test-2.4.2.jar
[INFO] Copying apacheds-all-2.0.0.AM27-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27-gov4j-1.jar
[INFO] Copying slf4j-testng-2.0.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/slf4j-testng-2.0.0.jar
[INFO]
[INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------
[INFO] Building dependencies.testsuite.staticAnalysis 1.0 [59/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis ---
[INFO] Copying spotbugs-ant-4.8.6.jar to /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis/spotbugs-ant-4.8.6.jar
[INFO] Copying sonarqube-ant-task-2.7.1.1951.jar to /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis/sonarqube-ant-task-2.7.1.1951.jar
[INFO]
[INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------
[INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [60/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis ---
[INFO] Copying zap-clientapi-1.11.0.jar to /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis/zap-clientapi-1.11.0.jar
[INFO]
[INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >---------
[INFO] Building dependencies.testsuite.coverage 1.0 [61/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.coverage ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage ---
[INFO] Copying org.jacoco.agent-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.agent-0.8.8.jar
[INFO] Copying org.jacoco.ant-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.ant-0.8.8.jar
[INFO] Copying org.jacoco.core-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.core-0.8.8.jar
[INFO] Copying org.jacoco.report-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.report-0.8.8.jar
[INFO] Copying asm-9.5.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/asm-9.5.jar
[INFO] Copying asm-commons-9.5.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/asm-commons-9.5.jar
[INFO] Copying asm-tree-9.5.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/asm-tree-9.5.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.compile >---------------
[INFO] Building compile 1.0 [62/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.package >---------------
[INFO] Building package 1.0 [63/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >-----------
[INFO] Building testsuite.utils 1.0 [64/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >---------
[INFO] Building testsuite.utils.sql 1.0 [65/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >---------
[INFO] Building testsuite.pdd.core 1.0 [66/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >-------
[INFO] Building testsuite.pdd.core.sql 1.0 [67/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------
[INFO] Building static_analysis.spotbugs 1.0 [68/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------
[INFO] Building static_analysis.sonarqube 1.0 [69/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >--------
[INFO] Building dynamic_analysis.zap 1.0 [70/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >-----------
[INFO] Building coverage.jacoco 1.0 [71/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary for govway 1.0:
[INFO]
[INFO] govway ............................................. SUCCESS [ 0.003 s]
[INFO] dependencies ....................................... SUCCESS [ 0.000 s]
[INFO] dependencies.ant ................................... SUCCESS [ 1.907 s]
[INFO] dependencies.antinstaller .......................... SUCCESS [ 0.093 s]
[INFO] dependencies.axiom ................................. SUCCESS [ 0.043 s]
[INFO] dependencies.bean-validation ....................... SUCCESS [ 0.104 s]
[INFO] dependencies.cxf ................................... SUCCESS [ 0.533 s]
[INFO] dependencies.commons ............................... SUCCESS [ 0.497 s]
[INFO] dependencies.faces ................................. SUCCESS [ 0.489 s]
[INFO] dependencies.git ................................... SUCCESS [ 0.050 s]
[INFO] dependencies.httpcore .............................. SUCCESS [ 0.195 s]
[INFO] dependencies.jackson ............................... SUCCESS [ 0.202 s]
[INFO] dependencies.javax ................................. SUCCESS [ 0.151 s]
[INFO] dependencies.jax ................................... SUCCESS [ 0.477 s]
[INFO] dependencies.jetty ................................. SUCCESS [ 0.170 s]
[INFO] dependencies.jminix ................................ SUCCESS [ 0.041 s]
[INFO] dependencies.json .................................. SUCCESS [ 0.224 s]
[INFO] dependencies.log ................................... SUCCESS [ 0.084 s]
[INFO] dependencies.lucene ................................ SUCCESS [ 0.093 s]
[INFO] dependencies.swagger ............................... SUCCESS [ 0.050 s]
[INFO] dependencies.opensaml .............................. SUCCESS [ 0.192 s]
[INFO] dependencies.pdf ................................... SUCCESS [ 0.137 s]
[INFO] dependencies.redis ................................. SUCCESS [ 0.276 s]
[INFO] dependencies.reports ............................... SUCCESS [ 0.168 s]
[INFO] dependencies.saaj .................................. SUCCESS [ 0.064 s]
[INFO] dependencies.security .............................. SUCCESS [ 0.190 s]
[INFO] dependencies.shared ................................ SUCCESS [ 0.813 s]
[INFO] dependencies.soapbox ............................... SUCCESS [ 0.076 s]
[INFO] dependencies.spring ................................ SUCCESS [ 0.104 s]
[INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.015 s]
[INFO] dependencies.spring-security ....................... SUCCESS [ 0.037 s]
[INFO] dependencies.swagger ............................... SUCCESS [ 0.213 s]
[INFO] dependencies.wadl .................................. SUCCESS [ 0.030 s]
[INFO] dependencies.wss4j ................................. SUCCESS [ 0.087 s]
[INFO] dependencies.testsuite ............................. SUCCESS [ 0.000 s]
[INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.082 s]
[INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s]
[INFO] dependencies.testsuite.as.wildfly8 ................. SUCCESS [ 0.051 s]
[INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.104 s]
[INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.101 s]
[INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.267 s]
[INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.160 s]
[INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.225 s]
[INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.294 s]
[INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.158 s]
[INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.215 s]
[INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.252 s]
[INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.191 s]
[INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.184 s]
[INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.130 s]
[INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.133 s]
[INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.170 s]
[INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.204 s]
[INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.137 s]
[INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.240 s]
[INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.242 s]
[INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.035 s]
[INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.255 s]
[INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.028 s]
[INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.016 s]
[INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.065 s]
[INFO] compile ............................................ SUCCESS [ 0.001 s]
[INFO] package ............................................ SUCCESS [ 0.000 s]
[INFO] testsuite.utils .................................... SUCCESS [ 0.001 s]
[INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s]
[INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s]
[INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.000 s]
[INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s]
[INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.000 s]
[INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.001 s]
[INFO] coverage.jacoco .................................... SUCCESS [ 0.000 s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 12.327 s
[INFO] Finished at: 2024-11-15T19:01:00+01:00
[INFO] ------------------------------------------------------------------------
[GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage=none -Dcompile=none -Dowasp=verify -Dtestsuite=none -DnvdApiKey=f8281fbf-3d81-4e4a-9f03-ab68856b336d -Dowasp.plugin.failBuildOnAnyVulnerability=false verify
[INFO] Scanning for projects...
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] govway [pom]
[INFO] dependencies [pom]
[INFO] dependencies.ant [pom]
[INFO] dependencies.antinstaller [pom]
[INFO] dependencies.axiom [pom]
[INFO] dependencies.bean-validation [pom]
[INFO] dependencies.cxf [pom]
[INFO] dependencies.commons [pom]
[INFO] dependencies.faces [pom]
[INFO] dependencies.git [pom]
[INFO] dependencies.httpcore [pom]
[INFO] dependencies.jackson [pom]
[INFO] dependencies.javax [pom]
[INFO] dependencies.jax [pom]
[INFO] dependencies.jetty [pom]
[INFO] dependencies.jminix [pom]
[INFO] dependencies.json [pom]
[INFO] dependencies.log [pom]
[INFO] dependencies.lucene [pom]
[INFO] dependencies.swagger [pom]
[INFO] dependencies.opensaml [pom]
[INFO] dependencies.pdf [pom]
[INFO] dependencies.redis [pom]
[INFO] dependencies.reports [pom]
[INFO] dependencies.saaj [pom]
[INFO] dependencies.security [pom]
[INFO] dependencies.shared [pom]
[INFO] dependencies.soapbox [pom]
[INFO] dependencies.spring [pom]
[INFO] dependencies.spring-ldap [pom]
[INFO] dependencies.spring-security [pom]
[INFO] dependencies.swagger [pom]
[INFO] dependencies.wadl [pom]
[INFO] dependencies.wss4j [pom]
[INFO] dependencies.testsuite [pom]
[INFO] dependencies.testsuite.axis14 [pom]
[INFO] dependencies.testsuite.as [pom]
[INFO] dependencies.testsuite.as.wildfly8 [pom]
[INFO] dependencies.testsuite.as.wildfly9 [pom]
[INFO] dependencies.testsuite.as.wildfly10 [pom]
[INFO] dependencies.testsuite.as.wildfly11 [pom]
[INFO] dependencies.testsuite.as.wildfly12 [pom]
[INFO] dependencies.testsuite.as.wildfly13 [pom]
[INFO] dependencies.testsuite.as.wildfly14 [pom]
[INFO] dependencies.testsuite.as.wildfly15 [pom]
[INFO] dependencies.testsuite.as.wildfly16 [pom]
[INFO] dependencies.testsuite.as.wildfly17 [pom]
[INFO] dependencies.testsuite.as.wildfly18 [pom]
[INFO] dependencies.testsuite.as.wildfly19 [pom]
[INFO] dependencies.testsuite.as.wildfly20 [pom]
[INFO] dependencies.testsuite.as.wildfly21 [pom]
[INFO] dependencies.testsuite.as.wildfly22 [pom]
[INFO] dependencies.testsuite.as.wildfly23 [pom]
[INFO] dependencies.testsuite.as.wildfly24 [pom]
[INFO] dependencies.testsuite.as.wildfly25 [pom]
[INFO] dependencies.testsuite.as.wildfly26 [pom]
[INFO] dependencies.testsuite.as.tomcat9 [pom]
[INFO] dependencies.testsuite.test [pom]
[INFO] dependencies.testsuite.staticAnalysis [pom]
[INFO] dependencies.testsuite.dynamicAnalysis [pom]
[INFO] dependencies.testsuite.coverage [pom]
[INFO] compile [pom]
[INFO] package [pom]
[INFO] testsuite.utils [pom]
[INFO] testsuite.utils.sql [pom]
[INFO] testsuite.pdd.core [pom]
[INFO] testsuite.pdd.core.sql [pom]
[INFO] static_analysis.spotbugs [pom]
[INFO] static_analysis.sonarqube [pom]
[INFO] dynamic_analysis.zap [pom]
[INFO] coverage.jacoco [pom]
[INFO]
[INFO] ------------------< org.openspcoop2:org.openspcoop2 >-------------------
[INFO] Building govway 1.0 [1/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------
[INFO] Building dependencies 1.0 [2/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.dependencies ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.dependencies ---
[INFO] Checking for updates
[WARNING] NVD API request failures are occurring; retrying request for the 1 time
[INFO] NVD API has 1,219 records in this update
[INFO] Downloaded 1,219/1,219 (100%)
[INFO] Completed processing batch 1/1 (100%) in 3,033ms
[INFO] Updating CISA Known Exploited Vulnerability list: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
[INFO] Begin database defrag
[INFO] End database defrag (9947 ms)
[INFO] Check for updates complete (18755 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (3 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (3 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (3 seconds)
[INFO] Finished CPE Analyzer (10 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished RetireJS Analyzer (15 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (3 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (38 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >-----------------
[INFO] Building dependencies.ant 1.0 [3/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.ant ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant ---
[INFO] Copying ant-contrib-1.0b3.jar to /var/lib/jenkins/workspace/GovWay/lib/ant/ant-contrib-1.0b3.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.ant ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.ant ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (73 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------
[INFO] Building dependencies.antinstaller 1.0 [4/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.antinstaller ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller ---
[INFO] Copying ant-installer-0.8b.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-installer-0.8b.jar
[INFO] Copying xml-apis_antinstaller-0.8b.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/xml-apis_antinstaller-0.8b.jar
[INFO] Copying ai-icons-eclipse_antinstaller-0.8b.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ai-icons-eclipse_antinstaller-0.8b.jar
[INFO] Copying jgoodies-edited-1.2.2-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/jgoodies-edited-1.2.2-gov4j-1.jar
[INFO] Copying ant-1.10.11.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-1.10.11.jar
[INFO] Copying ant-apache-regexp-1.10.11.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-apache-regexp-1.10.11.jar
[INFO] Copying ant-launcher-1.10.11.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-launcher-1.10.11.jar
[INFO] Copying jakarta-regexp-1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/jakarta-regexp-1.5.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.antinstaller ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.antinstaller ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (99 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (2 seconds)
[INFO] Finished CPE Analyzer (3 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (3 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >----------------
[INFO] Building dependencies.axiom 1.0 [5/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.axiom ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom ---
[INFO] Copying axiom-api-1.2.13-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13-gov4j-2.jar
[INFO] Copying axiom-dom-1.2.13-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13-gov4j-2.jar
[INFO] Copying axiom-impl-1.2.13-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13-gov4j-2.jar
[INFO] Copying axiom-common-impl-1.2.13.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-common-impl-1.2.13.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.axiom ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.axiom ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (111 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >-----------
[INFO] Building dependencies.bean-validation 1.0 [6/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.bean-validation ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation ---
[INFO] Copying hibernate-validator-6.2.5.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/hibernate-validator-6.2.5.Final.jar
[INFO] Copying hibernate-validator-cdi-6.2.5.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/hibernate-validator-cdi-6.2.5.Final.jar
[INFO] Copying classmate-1.5.1.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/classmate-1.5.1.jar
[INFO] Copying jboss-logging-3.4.3.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/jboss-logging-3.4.3.Final.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.bean-validation ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.bean-validation ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (69 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >-----------------
[INFO] Building dependencies.cxf 1.0 [7/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.cxf ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf ---
[INFO] Copying cxf-core-3.6.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.4-gov4j-1.jar
[INFO] Copying cxf-rt-rs-security-jose-3.6.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.4-gov4j-1.jar
[INFO] Copying cxf-rt-bindings-soap-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-bindings-soap-3.6.4.jar
[INFO] Copying cxf-rt-databinding-jaxb-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-databinding-jaxb-3.6.4.jar
[INFO] Copying cxf-rt-features-logging-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-features-logging-3.6.4.jar
[INFO] Copying cxf-rt-frontend-jaxrs-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-frontend-jaxrs-3.6.4.jar
[INFO] Copying cxf-rt-frontend-jaxws-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-frontend-jaxws-3.6.4.jar
[INFO] Copying cxf-rt-frontend-simple-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-frontend-simple-3.6.4.jar
[INFO] Copying cxf-rt-rs-json-basic-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-json-basic-3.6.4.jar
[INFO] Copying cxf-rt-rs-security-jose-jaxrs-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-jaxrs-3.6.4.jar
[INFO] Copying cxf-rt-rs-service-description-openapi-v3-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-service-description-openapi-v3-3.6.4.jar
[INFO] Copying cxf-rt-rs-service-description-swagger-ui-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-service-description-swagger-ui-3.6.4.jar
[INFO] Copying cxf-rt-rs-service-description-common-openapi-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-service-description-common-openapi-3.6.4.jar
[INFO] Copying cxf-rt-rs-client-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-client-3.6.4.jar
[INFO] Copying cxf-rt-security-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-security-3.6.4.jar
[INFO] Copying cxf-rt-security-saml-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-security-saml-3.6.4.jar
[INFO] Copying cxf-rt-transports-http-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-transports-http-3.6.4.jar
[INFO] Copying cxf-rt-transports-http-jetty-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-transports-http-jetty-3.6.4.jar
[INFO] Copying cxf-rt-wsdl-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-wsdl-3.6.4.jar
[INFO] Copying cxf-rt-ws-policy-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-ws-policy-3.6.4.jar
[INFO] Copying cxf-rt-ws-security-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-ws-security-3.6.4.jar
[INFO] Copying cxf-tools-common-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-common-3.6.4.jar
[INFO] Copying cxf-tools-validator-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-validator-3.6.4.jar
[INFO] Copying cxf-tools-wsdlto-core-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-wsdlto-core-3.6.4.jar
[INFO] Copying cxf-tools-wsdlto-databinding-jaxb-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-wsdlto-databinding-jaxb-3.6.4.jar
[INFO] Copying cxf-tools-wsdlto-frontend-jaxws-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-wsdlto-frontend-jaxws-3.6.4.jar
[INFO] Copying jakarta.ws.rs-api-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/jakarta.ws.rs-api-2.1.6.jar
[INFO] Copying stax2-api-4.2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/stax2-api-4.2.2.jar
[INFO] Copying woodstox-core-6.6.2.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/woodstox-core-6.6.2.jar
[INFO] Copying xml-resolver-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/xml-resolver-1.2.jar
[INFO] Copying xmlschema-core-2.3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/xmlschema-core-2.3.1.jar
[INFO] Copying asm-9.7.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/asm-9.7.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.cxf ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.cxf ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (67 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (2 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.commons >---------------
[INFO] Building dependencies.commons 1.0 [8/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.commons ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons ---
[INFO] Copying commons-beanutils-1.9.4.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-beanutils-1.9.4.jar
[INFO] Copying commons-chain-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-chain-1.2.jar
[INFO] Copying commons-cli-1.5.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-cli-1.5.0.jar
[INFO] Copying commons-codec-1.15.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-codec-1.15.jar
[INFO] Copying commons-collections-3.2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-collections-3.2.2.jar
[INFO] Copying commons-collections4-4.4.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-collections4-4.4.jar
[INFO] Copying commons-compress-1.26.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-compress-1.26.0.jar
[INFO] Copying commons-csv-1.9.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-csv-1.9.0.jar
[INFO] Copying commons-dbcp2-2.9.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-dbcp2-2.9.0.jar
[INFO] Copying commons-digester-2.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-digester-2.1.jar
[INFO] Copying commons-discovery-0.5.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-discovery-0.5.jar
[INFO] Copying commons-email-1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-email-1.5.jar
[INFO] Copying commons-fileupload-1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-fileupload-1.5.jar
[INFO] Copying commons-io-2.15.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-io-2.15.1.jar
[INFO] Copying commons-lang-2.6.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-lang-2.6.jar
[INFO] Copying commons-lang3-3.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-lang3-3.12.0.jar
[INFO] Copying commons-logging-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-logging-1.2.jar
[INFO] Copying commons-math3-3.6.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-math3-3.6.1.jar
[INFO] Copying commons-net-3.9.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-net-3.9.0.jar
[INFO] Copying commons-pool2-2.11.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-pool2-2.11.1.jar
[INFO] Copying commons-validator-1.7.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-validator-1.7.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.commons ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.commons ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (188 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (2 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >----------------
[INFO] Building dependencies.faces 1.0 [9/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.faces ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces ---
[INFO] Copying facelets-taglib-jsf12-spring-4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/facelets-taglib-jsf12-spring-4-gov4j-1.jar
[INFO] Copying facelets-taglib-jsf20-spring-4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/facelets-taglib-jsf20-spring-4-gov4j-1.jar
[INFO] Copying aopalliance-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/aopalliance-1.0.jar
[INFO] Copying cglib-nodep-2.2.3.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/cglib-nodep-2.2.3.jar
[INFO] Copying el-impl-2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/el-impl-2.2.jar
[INFO] Copying javax.faces-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/javax.faces-2.4.0.jar
[INFO] Copying javax.servlet.jsp.jstl-1.2.1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/javax.servlet.jsp.jstl-1.2.1.jar
[INFO] Copying javax.servlet.jsp.jstl-api-1.2.1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/javax.servlet.jsp.jstl-api-1.2.1.jar
[INFO] Copying jsf-api-1.2_15-06.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsf-api-1.2_15-06.jar
[INFO] Copying jsf-impl-1.2_15-06.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsf-impl-1.2_15-06.jar
[INFO] Copying jsf-facelets-1.1.15.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsf-facelets-1.1.15.jar
[INFO] Copying jsr311-api-1.1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsr311-api-1.1.1.jar
[INFO] Copying richfaces-api-3.3.4.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-api-3.3.4.Final.jar
[INFO] Copying richfaces-impl-3.3.4.Final-gov4j-4.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-impl-3.3.4.Final-gov4j-4.jar
[INFO] Copying richfaces-impl-jsf2-3.3.4.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-impl-jsf2-3.3.4.Final.jar
[INFO] Copying richfaces-ui-3.3.4.Final-gov4j-4.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-ui-3.3.4.Final-gov4j-4.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.faces ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.faces ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (89 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished RetireJS Analyzer (7 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (10 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.git >-----------------
[INFO] Building dependencies.git 1.0 [10/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.git ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git ---
[INFO] Copying openspcoop2_git-task-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/git/openspcoop2_git-task-1.0.jar
[INFO] Copying org.eclipse.jgit-6.7.0.202309050840-r.jar to /var/lib/jenkins/workspace/GovWay/lib/git/org.eclipse.jgit-6.7.0.202309050840-r.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.git ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.git ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (74 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (0 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >--------------
[INFO] Building dependencies.httpcore 1.0 [11/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.httpcore ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore ---
[INFO] Copying httpcore-4.4.15.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-4.4.15.jar
[INFO] Copying httpcore-nio-4.4.15.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-nio-4.4.15.jar
[INFO] Copying httpcore-ab-4.4.15-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15-gov4j-2.jar
[INFO] Copying apache-mime4j-core-0.8.10.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/apache-mime4j-core-0.8.10.jar
[INFO] Copying apache-mime4j-dom-0.8.10.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/apache-mime4j-dom-0.8.10.jar
[INFO] Copying fluent-hc-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/fluent-hc-4.5.13.jar
[INFO] Copying httpclient-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpclient-4.5.13.jar
[INFO] Copying httpclient-cache-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpclient-cache-4.5.13.jar
[INFO] Copying httpclient-win-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpclient-win-4.5.13.jar
[INFO] Copying httpmime-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpmime-4.5.13.jar
[INFO] Copying httpasyncclient-4.1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpasyncclient-4.1.5.jar
[INFO] Copying httpasyncclient-cache-4.1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpasyncclient-cache-4.1.5.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.httpcore ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.httpcore ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (74 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >---------------
[INFO] Building dependencies.jackson 1.0 [12/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jackson ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson ---
[INFO] Copying jackson-annotations-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-annotations-2.14.2.jar
[INFO] Copying jackson-core-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-core-2.14.2.jar
[INFO] Copying jackson-databind-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-databind-2.14.2.jar
[INFO] Copying jackson-dataformat-xml-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-dataformat-xml-2.14.2.jar
[INFO] Copying jackson-dataformat-yaml-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-dataformat-yaml-2.14.2.jar
[INFO] Copying jackson-jaxrs-base-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-base-2.14.2.jar
[INFO] Copying jackson-jaxrs-json-provider-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-json-provider-2.14.2.jar
[INFO] Copying jackson-jaxrs-xml-provider-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-xml-provider-2.14.2.jar
[INFO] Copying jackson-jaxrs-yaml-provider-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-yaml-provider-2.14.2.jar
[INFO] Copying jackson-module-jaxb-annotations-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-module-jaxb-annotations-2.14.2.jar
[INFO] Copying jackson-module-jsonSchema-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-module-jsonSchema-2.14.2.jar
[INFO] Copying jackson-datatype-joda-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-datatype-joda-2.14.2.jar
[INFO] Copying jackson-datatype-jsr310-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-datatype-jsr310-2.14.2.jar
[INFO] Copying jackson-coreutils-1.8.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-coreutils-1.8.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.jackson ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.jackson ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (71 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >----------------
[INFO] Building dependencies.javax 1.0 [13/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.javax ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax ---
[INFO] Copying javax.management-1.0-gov4j.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.management-1.0-gov4j.jar
[INFO] Copying javax.xml.registry-api-1.0.8.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.xml.registry-api-1.0.8.jar
[INFO] Copying jta-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/jta-1.1.jar
[INFO] Copying javax.servlet-api-4.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.servlet-api-4.0.1.jar
[INFO] Copying javax.security.jacc-api-1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.security.jacc-api-1.6.jar
[INFO] Copying javax.resource-api-1.7.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.resource-api-1.7.1.jar
[INFO] Copying persistence-api-1.0.2.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/persistence-api-1.0.2.jar
[INFO] Copying javax.jms-api-2.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.jms-api-2.0.1.jar
[INFO] Copying deployment-api-1.2-rev-1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/deployment-api-1.2-rev-1.jar
[INFO] Copying ejb-api-3.0.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/ejb-api-3.0.jar
[INFO] Copying el-api-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/el-api-1.0.jar
[INFO] Copying javax.annotation-api-1.3.2.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.annotation-api-1.3.2.jar
[INFO] Copying validation-api-2.0.1.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/validation-api-2.0.1.Final.jar
[INFO] Copying openjdk-orb-8.1.9.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/openjdk-orb-8.1.9.Final.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.javax ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.javax ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (72 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >-----------------
[INFO] Building dependencies.jax 1.0 [14/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jax ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax ---
[INFO] Copying jaxp-ri-1.4.5-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxp-ri-1.4.5-gov4j-1.jar
[INFO] Copying jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar
[INFO] Copying jaxws-api-2.3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-api-2.3.1.jar
[INFO] Copying jaxb-api-2.3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-api-2.3.1.jar
[INFO] Copying jaxb-core-2.3.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-core-2.3.0.1.jar
[INFO] Copying jaxb-impl-2.3.7.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-impl-2.3.7.jar
[INFO] Copying jaxb-xjc-2.3.7.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-xjc-2.3.7.jar
[INFO]
[INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax ---
[INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.jax ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.jax ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (73 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >----------------
[INFO] Building dependencies.jetty 1.0 [15/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jetty ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty ---
[INFO] Copying jetty-http-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-http-10.0.24.jar
[INFO] Copying jetty-io-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-io-10.0.24.jar
[INFO] Copying jetty-security-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-security-10.0.24.jar
[INFO] Copying jetty-server-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-server-10.0.24.jar
[INFO] Copying jetty-util-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-util-10.0.24.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.jetty ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.jetty ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (74 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >---------------
[INFO] Building dependencies.jminix 1.0 [16/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jminix ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix ---
[INFO] Copying jminix-standalone-1.2.0-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-standalone-1.2.0-gov4j-1.jar
[INFO] Copying jminix-1.2.0-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0-gov4j-1.jar
[INFO] Copying org.restlet-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/org.restlet-2.4.0.jar
[INFO] Copying org.restlet.ext.servlet-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/org.restlet.ext.servlet-2.4.0.jar
[INFO] Copying org.restlet.ext.velocity-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/org.restlet.ext.velocity-2.4.0.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.jminix ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.jminix ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (68 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished RetireJS Analyzer (1 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (2 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.json >----------------
[INFO] Building dependencies.json 1.0 [17/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.json ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json ---
[INFO] Copying org.everit.json.schema-1.14.1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/org.everit.json.schema-1.14.1.jar
[INFO] Copying uri-template-0.9.jar to /var/lib/jenkins/workspace/GovWay/lib/json/uri-template-0.9.jar
[INFO] Copying json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar
[INFO] Copying itu-1.7.0.jar to /var/lib/jenkins/workspace/GovWay/lib/json/itu-1.7.0.jar
[INFO] Copying msg-simple-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/msg-simple-1.1.jar
[INFO] Copying libphonenumber-8.12.57.jar to /var/lib/jenkins/workspace/GovWay/lib/json/libphonenumber-8.12.57.jar
[INFO] Copying failureaccess-1.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/failureaccess-1.0.1.jar
[INFO] Copying json-smart-2.4.10.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-smart-2.4.10.jar
[INFO] Copying json-schema-core-1.2.8.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-core-1.2.8.jar
[INFO] Copying json-path-2.9.0-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0-gov4j-1.jar
[INFO] Copying json-lib-2.4-jdk15.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-lib-2.4-jdk15.jar
[INFO] Copying json-20231013.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-20231013.jar
[INFO] Copying jettison-1.5.4.jar to /var/lib/jenkins/workspace/GovWay/lib/json/jettison-1.5.4.jar
[INFO] Copying handy-uri-templates-2.1.8.jar to /var/lib/jenkins/workspace/GovWay/lib/json/handy-uri-templates-2.1.8.jar
[INFO] Copying json-schema-validator-2.2.10.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-2.2.10.jar
[INFO] Copying btf-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/json/btf-1.2.jar
[INFO] Copying accessors-smart-2.4.8.jar to /var/lib/jenkins/workspace/GovWay/lib/json/accessors-smart-2.4.8.jar
[INFO]
[INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json ---
[INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.json ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.json ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (79 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.log >-----------------
[INFO] Building dependencies.log 1.0 [18/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.log ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log ---
[INFO] Copying slf4j-api-2.0.3-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.3-gov4j-1.jar
[INFO] Copying log4j-1.2-api-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-1.2-api-2.19.0.jar
[INFO] Copying log4j-api-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-api-2.19.0.jar
[INFO] Copying log4j-core-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-core-2.19.0.jar
[INFO] Copying log4j-jcl-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-jcl-2.19.0.jar
[INFO] Copying log4j-slf4j2-impl-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-slf4j2-impl-2.19.0.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.log ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.log ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (72 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >---------------
[INFO] Building dependencies.lucene 1.0 [19/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.lucene ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene ---
[INFO] Copying lucene-codecs-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-codecs-9.12.0.jar
[INFO] Copying lucene-core-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-core-9.12.0.jar
[INFO] Copying lucene-misc-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-misc-9.12.0.jar
[INFO] Copying lucene-queries-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-queries-9.12.0.jar
[INFO] Copying lucene-suggest-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-suggest-9.12.0.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.lucene ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.lucene ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (88 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >--------------
[INFO] Building dependencies.swagger 1.0 [20/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.openapi4j ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j ---
[INFO] Copying openapi-core-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7-gov4j-7.jar
[INFO] Copying openapi-parser-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7-gov4j-7.jar
[INFO] Copying openapi-schema-validator-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7-gov4j-7.jar
[INFO] Copying openapi-operation-validator-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7-gov4j-7.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.openapi4j ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.openapi4j ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (85 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >--------------
[INFO] Building dependencies.opensaml 1.0 [21/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.opensaml ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml ---
[INFO] Copying opensaml-core-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-core-3.4.6.jar
[INFO] Copying opensaml-messaging-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-messaging-api-3.4.6.jar
[INFO] Copying opensaml-messaging-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-messaging-impl-3.4.6.jar
[INFO] Copying opensaml-profile-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-profile-api-3.4.6.jar
[INFO] Copying opensaml-profile-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-profile-impl-3.4.6.jar
[INFO] Copying opensaml-saml-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-saml-api-3.4.6.jar
[INFO] Copying opensaml-saml-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-saml-impl-3.4.6.jar
[INFO] Copying opensaml-security-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-security-api-3.4.6.jar
[INFO] Copying opensaml-security-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-security-impl-3.4.6.jar
[INFO] Copying opensaml-soap-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-soap-api-3.4.6.jar
[INFO] Copying opensaml-soap-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-soap-impl-3.4.6.jar
[INFO] Copying opensaml-storage-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-storage-api-3.4.6.jar
[INFO] Copying opensaml-storage-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-storage-impl-3.4.6.jar
[INFO] Copying opensaml-xacml-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-api-3.4.6.jar
[INFO] Copying opensaml-xacml-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-impl-3.4.6.jar
[INFO] Copying opensaml-xacml-saml-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-saml-api-3.4.6.jar
[INFO] Copying opensaml-xacml-saml-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-saml-impl-3.4.6.jar
[INFO] Copying opensaml-xmlsec-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xmlsec-api-3.4.6.jar
[INFO] Copying opensaml-xmlsec-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xmlsec-impl-3.4.6.jar
[INFO] Copying java-support-7.5.2.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/java-support-7.5.2.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.opensaml ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.opensaml ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (108 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >-----------------
[INFO] Building dependencies.pdf 1.0 [22/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.pdf ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf ---
[INFO] Copying pdfbox-2.0.27.jar to /var/lib/jenkins/workspace/GovWay/lib/pdf/pdfbox-2.0.27.jar
[INFO] Copying fontbox-2.0.27.jar to /var/lib/jenkins/workspace/GovWay/lib/pdf/fontbox-2.0.27.jar
[INFO] Copying boxable-1.7.0.jar to /var/lib/jenkins/workspace/GovWay/lib/pdf/boxable-1.7.0.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.pdf ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.pdf ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (73 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >----------------
[INFO] Building dependencies.redis 1.0 [23/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.redis ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis ---
[INFO] Copying redisson-3.23.5.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/redisson-3.23.5.jar
[INFO] Copying netty-resolver-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-resolver-4.1.115.Final.jar
[INFO] Copying netty-resolver-dns-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-resolver-dns-4.1.115.Final.jar
[INFO] Copying netty-common-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-common-4.1.115.Final.jar
[INFO] Copying netty-buffer-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-buffer-4.1.115.Final.jar
[INFO] Copying netty-transport-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-transport-4.1.115.Final.jar
[INFO] Copying netty-codec-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-codec-4.1.115.Final.jar
[INFO] Copying netty-codec-dns-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-codec-dns-4.1.115.Final.jar
[INFO] Copying jboss-marshalling-2.1.3.SP1.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/jboss-marshalling-2.1.3.SP1.jar
[INFO] Copying jboss-marshalling-river-2.1.3.SP1.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/jboss-marshalling-river-2.1.3.SP1.jar
[INFO] Copying objenesis-3.3.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/objenesis-3.3.jar
[INFO] Copying kryo-5.5.0.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/kryo-5.5.0.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.redis ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.redis ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (68 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.reports >---------------
[INFO] Building dependencies.reports 1.0 [24/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.reports ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports ---
[INFO] Copying net.tascalate.javaflow.api-2.7.3.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/net.tascalate.javaflow.api-2.7.3.jar
[INFO] Copying SparseBitSet-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/SparseBitSet-1.2.jar
[INFO] Copying jfreechart-1.5.3.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jfreechart-1.5.3.jar
[INFO] Copying poi-5.2.3.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/poi-5.2.3.jar
[INFO] Copying jcommon-1.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jcommon-1.0.24.jar
[INFO] Copying jasperreports-6.20.0.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jasperreports-6.20.0.jar
[INFO] Copying jasperreports-metadata-6.20.0.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jasperreports-metadata-6.20.0.jar
[INFO] Copying ecj-3.31.0.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/ecj-3.31.0.jar
[INFO] Copying dynamicreports-core-6.12.1.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/dynamicreports-core-6.12.1.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.reports ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.reports ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (67 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished RetireJS Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (2 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >----------------
[INFO] Building dependencies.saaj 1.0 [25/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.saaj ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj ---
[INFO] Copying mimepull-1.9.14.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/mimepull-1.9.14.jar
[INFO] Copying javax.xml.soap-api-1.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/javax.xml.soap-api-1.4.0.jar
[INFO] Copying saaj-impl-1.5.3-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3-gov4j-1.jar
[INFO] Copying stax-ex-1.8.3.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/stax-ex-1.8.3.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.saaj ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.saaj ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (71 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.security >--------------
[INFO] Building dependencies.security 1.0 [26/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.security ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security ---
[INFO] Copying bcpkix-jdk18on-1.78.1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/bcpkix-jdk18on-1.78.1.jar
[INFO] Copying bcprov-jdk18on-1.78.1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/bcprov-jdk18on-1.78.1.jar
[INFO] Copying bcutil-jdk18on-1.78.1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/bcutil-jdk18on-1.78.1.jar
[INFO] Copying cryptacular-1.2.5.jar to /var/lib/jenkins/workspace/GovWay/lib/security/cryptacular-1.2.5.jar
[INFO] Copying herasaf-xacml-core-2.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/security/herasaf-xacml-core-2.0.4.jar
[INFO] Copying jasypt-1.9.3.jar to /var/lib/jenkins/workspace/GovWay/lib/security/jasypt-1.9.3.jar
[INFO] Copying neethi-3.2.0.jar to /var/lib/jenkins/workspace/GovWay/lib/security/neethi-3.2.0.jar
[INFO] Copying xmlsec-2.3.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4-gov4j-1.jar
[INFO] Copying xml-security-impl-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/security/xml-security-impl-1.0.jar
[INFO] Copying nimbus-jose-jwt-9.37.3.jar to /var/lib/jenkins/workspace/GovWay/lib/security/nimbus-jose-jwt-9.37.3.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.security ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.security ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (68 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >---------------
[INFO] Building dependencies.shared 1.0 [27/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.shared ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared ---
[INFO] Copying xmldb-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmldb-1.0.jar
[INFO] Copying reflections-0.10.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/reflections-0.10.2.jar
[INFO] Copying reactive-streams-1.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/reactive-streams-1.0.4.jar
[INFO] Copying javassist-3.29.2-GA.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/javassist-3.29.2-GA.jar
[INFO] Copying commons-jcs3-core-3.1-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1-gov4j-2.jar
[INFO] Copying urlrewritefilter-4.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/urlrewritefilter-4.0.4.jar
[INFO] Copying velocity-engine-core-2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-engine-core-2.4.jar
[INFO] Copying velocity-tools-generic-3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-tools-generic-3.1.jar
[INFO] Copying velocity-tools-view-3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-tools-view-3.1.jar
[INFO] Copying velocity-tools-view-jsp-3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-tools-view-jsp-3.1.jar
[INFO] Copying wsdl4j-1.6.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/wsdl4j-1.6.3.jar
[INFO] Copying xalan-2.7.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xalan-2.7.3.jar
[INFO] Copying serializer-2.7.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/serializer-2.7.3.jar
[INFO] Copying xercesImpl-2.12.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xercesImpl-2.12.2.jar
[INFO] Copying xml-apis-1.4.01.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xml-apis-1.4.01.jar
[INFO] Copying xmlunit-legacy-2.10.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmlunit-legacy-2.10.0.jar
[INFO] Copying xmlunit-core-2.10.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmlunit-core-2.10.0.jar
[INFO] Copying xom-1.2.11.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xom-1.2.11.jar
[INFO] Copying uddi4j-2.0.5.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/uddi4j-2.0.5.jar
[INFO] Copying mailapi-1.6.7.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/mailapi-1.6.7.jar
[INFO] Copying smtp-1.6.7.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/smtp-1.6.7.jar
[INFO] Copying Saxon-HE-11.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4-gov4j-1.jar
[INFO] Copying xmlresolver-4.4.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmlresolver-4.4.3.jar
[INFO] Copying snakeyaml-1.33-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33-gov4j-1.jar
[INFO] Copying struts-core-1.3.10.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/struts-core-1.3.10.jar
[INFO] Copying com.springsource.edu.oswego.cs.dl.util.concurrent-1.3.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/com.springsource.edu.oswego.cs.dl.util.concurrent-1.3.4.jar
[INFO] Copying ezmorph-1.0.6.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/ezmorph-1.0.6.jar
[INFO] Copying freemarker-2.3.31.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/freemarker-2.3.31.jar
[INFO] Copying guava-32.1.1-jre.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/guava-32.1.1-jre.jar
[INFO] Copying java-uuid-generator-4.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/java-uuid-generator-4.0.1.jar
[INFO] Copying joda-time-2.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/joda-time-2.12.0.jar
[INFO] Copying aspectjrt-1.9.9.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/aspectjrt-1.9.9.1.jar
[INFO] Copying aspectjweaver-1.9.9.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/aspectjweaver-1.9.9.1.jar
[INFO] Copying jakarta.activation-1.2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/jakarta.activation-1.2.2.jar
[INFO] Copying ehcache-3.10.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/ehcache-3.10.2.jar
[INFO] Copying rhino-1.7.14.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/rhino-1.7.14.jar
[INFO] Copying hazelcast-5.3.5.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/hazelcast-5.3.5.jar
[INFO] Copying hibernate-core-6.1.4.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/hibernate-core-6.1.4.Final.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.shared ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.shared ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (73 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (0 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished RetireJS Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (3 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >---------------
[INFO] Building dependencies.soapbox 1.0 [28/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.soapbox ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox ---
[INFO] Copying metro-webservices_xwss_com_sun_xml-2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/soapbox/metro-webservices_xwss_com_sun_xml-2.2.jar
[INFO] Copying ultraesb-api-1.7.1.jar to /var/lib/jenkins/workspace/GovWay/lib/soapbox/ultraesb-api-1.7.1.jar
[INFO] Copying ultraesb-core-1.7.1.jar to /var/lib/jenkins/workspace/GovWay/lib/soapbox/ultraesb-core-1.7.1.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.soapbox ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.soapbox ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (74 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >---------------
[INFO] Building dependencies.spring 1.0 [29/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.spring ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring ---
[INFO] Copying spring-aop-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-aop-5.3.39.jar
[INFO] Copying spring-aspects-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-aspects-5.3.39.jar
[INFO] Copying spring-beans-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39-gov4j-1.jar
[INFO] Copying spring-context-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39-gov4j-1.jar
[INFO] Copying spring-context-support-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39-gov4j-1.jar
[INFO] Copying spring-core-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39-gov4j-1.jar
[INFO] Copying spring-expression-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39-gov4j-1.jar
[INFO] Copying spring-orm-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-orm-5.3.39.jar
[INFO] Copying spring-tx-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-tx-5.3.39.jar
[INFO] Copying spring-web-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39-gov4j-1.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.spring ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.spring ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (70 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >-------------
[INFO] Building dependencies.spring-ldap 1.0 [30/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.spring-ldap ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap ---
[INFO] Copying spring-ldap-core-2.4.2.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-ldap/spring-ldap-core-2.4.2.jar
[INFO] Copying spring-ldap-ldif-core-2.4.2.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-ldap/spring-ldap-ldif-core-2.4.2.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.spring-ldap ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.spring-ldap ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (80 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >-----------
[INFO] Building dependencies.spring-security 1.0 [31/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.spring-security ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security ---
[INFO] Copying spring-security-config-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-config-5.8.15.jar
[INFO] Copying spring-security-core-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-core-5.8.15.jar
[INFO] Copying spring-security-web-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-web-5.8.15.jar
[INFO] Copying spring-security-crypto-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.15.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.spring-security ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.spring-security ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (71 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >---------------
[INFO] Building dependencies.swagger 1.0 [32/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.swagger ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger ---
[INFO] Copying swagger-ui-4.19.1.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-ui-4.19.1.jar
[INFO] Copying classgraph-4.8.149.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/classgraph-4.8.149.jar
[INFO] Copying swagger-annotations-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-annotations-2.2.4.jar
[INFO] Copying swagger-core-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-core-2.2.4.jar
[INFO] Copying swagger-jaxrs2-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-jaxrs2-2.2.4.jar
[INFO] Copying swagger-models-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-models-2.2.4.jar
[INFO] Copying swagger-integration-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-integration-2.2.4.jar
[INFO] Copying swagger-parser-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-2.1.6.jar
[INFO] Copying swagger-parser-core-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-core-2.1.6.jar
[INFO] Copying swagger-parser-v2-converter-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v2-converter-2.1.6.jar
[INFO] Copying swagger-parser-v3-2.1.6-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6-gov4j-1.jar
[INFO] Copying swagger-core-1.6.8.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-core-1.6.8.jar
[INFO] Copying swagger-models-1.6.8.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-models-1.6.8.jar
[INFO] Copying swagger-parser-1.0.63.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-1.0.63.jar
[INFO] Copying swagger-request-validator-core-2.30.0-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0-gov4j-2.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.swagger ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.swagger ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (73 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished RetireJS Analyzer (8 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (10 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >----------------
[INFO] Building dependencies.wadl 1.0 [33/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.wadl ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl ---
[INFO] Copying localizer-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/wadl/localizer-1.0.jar
[INFO] Copying wadl-core-1.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/wadl/wadl-core-1.1.6.jar
[INFO] Copying wadl-xslt-1.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/wadl/wadl-xslt-1.1.6.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.wadl ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.wadl ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (75 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >----------------
[INFO] Building dependencies.wss4j 1.0 [34/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.wss4j ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j ---
[INFO] Copying wss4j-bindings-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-bindings-2.4.1.jar
[INFO] Copying wss4j-integration-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-integration-2.4.1.jar
[INFO] Copying wss4j-policy-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-policy-2.4.1.jar
[INFO] Copying wss4j-ws-security-common-2.4.1-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1-gov4j-2.jar
[INFO] Copying wss4j-ws-security-dom-2.4.1-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1-gov4j-2.jar
[INFO] Copying wss4j-ws-security-policy-stax-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-policy-stax-2.4.1.jar
[INFO] Copying wss4j-ws-security-stax-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-stax-2.4.1.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.wss4j ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.wss4j ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (69 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished Archive Analyzer (0 seconds)
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Jar Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service.
## Recommendation
Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting).
The following template can be used to demonstrate the vulnerability:
```{{#with "constructor"}}
{{#with split as |a|}}
{{pop (push "alert('Vulnerable Handlebars JS');")}}
{{#with (concat (lookup join (slice 0 1)))}}
{{#each (slice 2 3)}}
{{#with (apply 0 a)}}
{{.}}
{{/with}}
{{/each}}
{{/with}}
{{/with}}
{{/with}}```
## Recommendation
Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-35116, regex=false, caseSensitive=false},}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}}
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >--------------
[INFO] Building dependencies.testsuite 1.0 [35/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (77 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >----------
[INFO] Building dependencies.testsuite.axis14 1.0 [36/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.axis14 ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 ---
[INFO] Copying axis-1.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4-gov4j-1.jar
[INFO] Copying axis-jaxrpc-1.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4-gov4j-1.jar
[INFO] Copying axis-ant-1.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-ant-1.4.jar
[INFO] Copying axis-saaj-1.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-saaj-1.4.jar
[INFO] Copying mailapi-1.5.6.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/mailapi-1.5.6.jar
[INFO] Copying neethi-2.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/neethi-2.0.4.jar
[INFO] Copying opensaml-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/opensaml-1.1.jar
[INFO] Copying wss4j-1.5.11.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/wss4j-1.5.11.jar
[INFO] Copying xmlsec-1.4.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/xmlsec-1.4.4.jar
[INFO] Copying addressing-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/addressing-1.1.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.axis14 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.axis14 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (77 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >-----
[INFO] Building dependencies.testsuite.as 1.0 [37/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (67 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly8 >--
[INFO] Building dependencies.testsuite.as.wildfly8 1.0 [38/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly8 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly8 ---
[INFO] org.wildfly:jboss-client:jar:wf8 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly8 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly8 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (71 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >--
[INFO] Building dependencies.testsuite.as.wildfly9 1.0 [39/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 ---
[INFO] org.wildfly:jboss-client:jar:wf9 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly9 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly9 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (180 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >--
[INFO] Building dependencies.testsuite.as.wildfly10 1.0 [40/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 ---
[INFO] org.wildfly:jboss-client:jar:wf10 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly10 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly10 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (82 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >--
[INFO] Building dependencies.testsuite.as.wildfly11 1.0 [41/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 ---
[INFO] org.wildfly:jboss-client:jar:wf11 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly11 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly11 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (70 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >--
[INFO] Building dependencies.testsuite.as.wildfly12 1.0 [42/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 ---
[INFO] org.wildfly:jboss-client:jar:wf12 already exists in destination.
[INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly12 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly12 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (68 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >--
[INFO] Building dependencies.testsuite.as.wildfly13 1.0 [43/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 ---
[INFO] org.wildfly:jboss-client:jar:wf13 already exists in destination.
[INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly13 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly13 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (68 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >--
[INFO] Building dependencies.testsuite.as.wildfly14 1.0 [44/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 ---
[INFO] org.wildfly:jboss-client:jar:wf14 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly14 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly14 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (71 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >--
[INFO] Building dependencies.testsuite.as.wildfly15 1.0 [45/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 ---
[INFO] org.wildfly:jboss-client:jar:wf15 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly15 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly15 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (73 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >--
[INFO] Building dependencies.testsuite.as.wildfly16 1.0 [46/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 ---
[INFO] org.wildfly:jboss-client:jar:wf16 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly16 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly16 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (71 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >--
[INFO] Building dependencies.testsuite.as.wildfly17 1.0 [47/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 ---
[INFO] org.wildfly:jboss-client:jar:wf17 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly17 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly17 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (68 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (0 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >--
[INFO] Building dependencies.testsuite.as.wildfly18 1.0 [48/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 ---
[INFO] org.wildfly:jboss-client:jar:wf18 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly18 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly18 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (145 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >--
[INFO] Building dependencies.testsuite.as.wildfly19 1.0 [49/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 ---
[INFO] org.wildfly:jboss-client:jar:wf19 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly19 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly19 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (67 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >--
[INFO] Building dependencies.testsuite.as.wildfly20 1.0 [50/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 ---
[INFO] org.wildfly:jboss-client:jar:wf20 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly20 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly20 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (67 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >--
[INFO] Building dependencies.testsuite.as.wildfly21 1.0 [51/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 ---
[INFO] org.wildfly:jboss-client:jar:wf21 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly21 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly21 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (84 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >--
[INFO] Building dependencies.testsuite.as.wildfly22 1.0 [52/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 ---
[INFO] org.wildfly:jboss-client:jar:wf22 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly22 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly22 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (65 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (0 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >--
[INFO] Building dependencies.testsuite.as.wildfly23 1.0 [53/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 ---
[INFO] org.wildfly:jboss-client:jar:wf23 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly23 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly23 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (77 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >--
[INFO] Building dependencies.testsuite.as.wildfly24 1.0 [54/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 ---
[INFO] org.wildfly:jboss-client:jar:wf24 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly24 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly24 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (80 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >--
[INFO] Building dependencies.testsuite.as.wildfly25 1.0 [55/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 ---
[INFO] org.wildfly:jboss-client:jar:wf25 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly25 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly25 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (69 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >--
[INFO] Building dependencies.testsuite.as.wildfly26 1.0 [56/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 ---
[INFO] org.wildfly:jboss-client:jar:wf26 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly26 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly26 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (65 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >--
[INFO] Building dependencies.testsuite.as.tomcat9 1.0 [57/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 ---
[INFO] org.apache.tomcat:tomcat-catalina:jar:9.0.83 already exists in destination.
[INFO] org.apache.tomcat:tomcat-juli:jar:9.0.83 already exists in destination.
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.tomcat9 ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.tomcat9 ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (76 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >-----------
[INFO] Building dependencies.testsuite.test 1.0 [58/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.test ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test ---
[INFO] Copying jcommander-1.82.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/jcommander-1.82.jar
[INFO] Copying guice-5.1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/guice-5.1.0.jar
[INFO] Copying jquery-3.6.1.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/jquery-3.6.1.jar
[INFO] Copying testng-7.8.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/testng-7.8.0.jar
[INFO] Copying junit-4.13.2.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/junit-4.13.2.jar
[INFO] Copying karate-apache-0.9.6.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/karate-apache-0.9.6.jar
[INFO] Copying karate-core-0.9.6.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/karate-core-0.9.6.jar
[INFO] Copying karate-junit4-0.9.6.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/karate-junit4-0.9.6.jar
[INFO] Copying hamcrest-core-1.3.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/hamcrest-core-1.3.jar
[INFO] Copying picocli-4.2.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/picocli-4.2.0.jar
[INFO] Copying logback-classic-1.4.14.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/logback-classic-1.4.14.jar
[INFO] Copying logback-core-1.4.14.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/logback-core-1.4.14.jar
[INFO] Copying spring-jdbc-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/spring-jdbc-5.3.39.jar
[INFO] Copying spring-ldap-test-2.4.2.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/spring-ldap-test-2.4.2.jar
[INFO] Copying apacheds-all-2.0.0.AM27-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27-gov4j-1.jar
[INFO] Copying slf4j-testng-2.0.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/slf4j-testng-2.0.0.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.test ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.test ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (101 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------
[INFO] Building dependencies.testsuite.staticAnalysis 1.0 [59/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis ---
[INFO] Copying spotbugs-ant-4.8.6.jar to /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis/spotbugs-ant-4.8.6.jar
[INFO] Copying sonarqube-ant-task-2.7.1.1951.jar to /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis/sonarqube-ant-task-2.7.1.1951.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.staticAnalysis ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.staticAnalysis ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (64 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------
[INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [60/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis ---
[INFO] Copying zap-clientapi-1.11.0.jar to /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis/zap-clientapi-1.11.0.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.dynamicAnalysis ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.dynamicAnalysis ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (82 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >---------
[INFO] Building dependencies.testsuite.coverage 1.0 [61/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.coverage ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage ---
[INFO] Copying org.jacoco.agent-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.agent-0.8.8.jar
[INFO] Copying org.jacoco.ant-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.ant-0.8.8.jar
[INFO] Copying org.jacoco.core-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.core-0.8.8.jar
[INFO] Copying org.jacoco.report-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.report-0.8.8.jar
[INFO] Copying asm-9.5.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/asm-9.5.jar
[INFO] Copying asm-commons-9.5.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/asm-commons-9.5.jar
[INFO] Copying asm-tree-9.5.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/asm-tree-9.5.jar
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (sleep-for-a-while) @ org.openspcoop2.testsuite.coverage ---
[INFO] Executing tasks
main:
[INFO] Executed tasks
[INFO]
[INFO] --- dependency-check-maven:11.0.0:aggregate (check owasp) @ org.openspcoop2.testsuite.coverage ---
[INFO] Checking for updates
[INFO] Skipping the NVD API Update as it was completed within the last 240 minutes
[INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours.
[INFO] Check for updates complete (70 ms)
[INFO]
Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
About ODC: https://jeremylong.github.io/DependencyCheck/general/internals.html
False Positives: https://jeremylong.github.io/DependencyCheck/general/suppression.html
💖 Sponsor: https://github.com/sponsors/jeremylong
[INFO] Analysis Started
[INFO] Finished File Name Analyzer (0 seconds)
[INFO] Finished Dependency Merging Analyzer (0 seconds)
[INFO] Finished Hint Analyzer (0 seconds)
[INFO] Finished Version Filter Analyzer (0 seconds)
[INFO] Created CPE Index (1 seconds)
[INFO] Finished CPE Analyzer (1 seconds)
[INFO] Finished False Positive Analyzer (0 seconds)
[INFO] Finished NVD CVE Analyzer (0 seconds)
[INFO] Finished Sonatype OSS Index Analyzer (0 seconds)
[INFO] Finished Vulnerability Suppression Analyzer (0 seconds)
[INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds)
[INFO] Finished Dependency Bundling Analyzer (0 seconds)
[INFO] Finished Unused Suppression Rule Analyzer (0 seconds)
[INFO] Analysis Complete (1 seconds)
[INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml
[INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html
[INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json
[INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv
[INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif
[INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html
[INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml
[INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.compile >---------------
[INFO] Building compile 1.0 [62/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.package >---------------
[INFO] Building package 1.0 [63/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >-----------
[INFO] Building testsuite.utils 1.0 [64/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >---------
[INFO] Building testsuite.utils.sql 1.0 [65/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >---------
[INFO] Building testsuite.pdd.core 1.0 [66/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >-------
[INFO] Building testsuite.pdd.core.sql 1.0 [67/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------
[INFO] Building static_analysis.spotbugs 1.0 [68/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------
[INFO] Building static_analysis.sonarqube 1.0 [69/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >--------
[INFO] Building dynamic_analysis.zap 1.0 [70/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >-----------
[INFO] Building coverage.jacoco 1.0 [71/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary for govway 1.0:
[INFO]
[INFO] govway ............................................. SUCCESS [ 0.006 s]
[INFO] dependencies ....................................... SUCCESS [01:14 min]
[INFO] dependencies.ant ................................... SUCCESS [ 8.075 s]
[INFO] dependencies.antinstaller .......................... SUCCESS [ 9.203 s]
[INFO] dependencies.axiom ................................. SUCCESS [ 7.279 s]
[INFO] dependencies.bean-validation ....................... SUCCESS [ 7.281 s]
[INFO] dependencies.cxf ................................... SUCCESS [ 7.993 s]
[INFO] dependencies.commons ............................... SUCCESS [ 8.134 s]
[INFO] dependencies.faces ................................. SUCCESS [ 16.718 s]
[INFO] dependencies.git ................................... SUCCESS [ 6.824 s]
[INFO] dependencies.httpcore .............................. SUCCESS [ 6.990 s]
[INFO] dependencies.jackson ............................... SUCCESS [ 7.234 s]
[INFO] dependencies.javax ................................. SUCCESS [ 7.439 s]
[INFO] dependencies.jax ................................... SUCCESS [ 7.476 s]
[INFO] dependencies.jetty ................................. SUCCESS [ 6.558 s]
[INFO] dependencies.jminix ................................ SUCCESS [ 7.844 s]
[INFO] dependencies.json .................................. SUCCESS [ 7.008 s]
[INFO] dependencies.log ................................... SUCCESS [ 7.216 s]
[INFO] dependencies.lucene ................................ SUCCESS [ 6.953 s]
[INFO] dependencies.swagger ............................... SUCCESS [ 7.182 s]
[INFO] dependencies.opensaml .............................. SUCCESS [ 7.337 s]
[INFO] dependencies.pdf ................................... SUCCESS [ 6.865 s]
[INFO] dependencies.redis ................................. SUCCESS [ 7.032 s]
[INFO] dependencies.reports ............................... SUCCESS [ 7.467 s]
[INFO] dependencies.saaj .................................. SUCCESS [ 6.891 s]
[INFO] dependencies.security .............................. SUCCESS [ 7.368 s]
[INFO] dependencies.shared ................................ SUCCESS [ 8.738 s]
[INFO] dependencies.soapbox ............................... SUCCESS [ 7.136 s]
[INFO] dependencies.spring ................................ SUCCESS [ 7.175 s]
[INFO] dependencies.spring-ldap ........................... SUCCESS [ 6.851 s]
[INFO] dependencies.spring-security ....................... SUCCESS [ 7.011 s]
[INFO] dependencies.swagger ............................... SUCCESS [ 15.789 s]
[INFO] dependencies.wadl .................................. SUCCESS [ 6.801 s]
[INFO] dependencies.wss4j ................................. SUCCESS [ 7.031 s]
[INFO] dependencies.testsuite ............................. SUCCESS [ 6.864 s]
[INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 6.780 s]
[INFO] dependencies.testsuite.as .......................... SUCCESS [ 6.582 s]
[INFO] dependencies.testsuite.as.wildfly8 ................. SUCCESS [ 6.906 s]
[INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 7.148 s]
[INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 7.234 s]
[INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 6.628 s]
[INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 7.059 s]
[INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 6.734 s]
[INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 6.955 s]
[INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 6.663 s]
[INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 6.462 s]
[INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 6.550 s]
[INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 6.818 s]
[INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 6.692 s]
[INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 6.828 s]
[INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 6.623 s]
[INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 6.438 s]
[INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 6.795 s]
[INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 6.732 s]
[INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 6.778 s]
[INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 6.706 s]
[INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 6.679 s]
[INFO] dependencies.testsuite.test ........................ SUCCESS [ 6.581 s]
[INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 6.486 s]
[INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 6.827 s]
[INFO] dependencies.testsuite.coverage .................... SUCCESS [ 6.513 s]
[INFO] compile ............................................ SUCCESS [ 0.000 s]
[INFO] package ............................................ SUCCESS [ 0.000 s]
[INFO] testsuite.utils .................................... SUCCESS [ 0.001 s]
[INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s]
[INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s]
[INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.000 s]
[INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s]
[INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.000 s]
[INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s]
[INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 08:30 min
[INFO] Finished at: 2024-11-15T19:09:32+01:00
[INFO] ------------------------------------------------------------------------
[GovWay] $ /bin/bash /tmp/jenkins15968603169448312070.sh
Pubblicazione risultati dependency check ...
cp: cannot create directory ‘/opt/apache-tomcat-9.0.91/webapps/dependency-check/result’: No such file or directory
Pubblicazione risultati dependency check effettuata
Pubblicazione installer su risultati testsuite ...
Pubblicazione installer su risultati testsuite effettuata
[GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage=none -Dcompile=compile -Dowasp=none -Dtestsuite=none compile
[INFO] Scanning for projects...
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] govway [pom]
[INFO] dependencies [pom]
[INFO] dependencies.ant [pom]
[INFO] dependencies.antinstaller [pom]
[INFO] dependencies.axiom [pom]
[INFO] dependencies.bean-validation [pom]
[INFO] dependencies.cxf [pom]
[INFO] dependencies.commons [pom]
[INFO] dependencies.faces [pom]
[INFO] dependencies.git [pom]
[INFO] dependencies.httpcore [pom]
[INFO] dependencies.jackson [pom]
[INFO] dependencies.javax [pom]
[INFO] dependencies.jax [pom]
[INFO] dependencies.jetty [pom]
[INFO] dependencies.jminix [pom]
[INFO] dependencies.json [pom]
[INFO] dependencies.log [pom]
[INFO] dependencies.lucene [pom]
[INFO] dependencies.swagger [pom]
[INFO] dependencies.opensaml [pom]
[INFO] dependencies.pdf [pom]
[INFO] dependencies.redis [pom]
[INFO] dependencies.reports [pom]
[INFO] dependencies.saaj [pom]
[INFO] dependencies.security [pom]
[INFO] dependencies.shared [pom]
[INFO] dependencies.soapbox [pom]
[INFO] dependencies.spring [pom]
[INFO] dependencies.spring-ldap [pom]
[INFO] dependencies.spring-security [pom]
[INFO] dependencies.swagger [pom]
[INFO] dependencies.wadl [pom]
[INFO] dependencies.wss4j [pom]
[INFO] dependencies.testsuite [pom]
[INFO] dependencies.testsuite.axis14 [pom]
[INFO] dependencies.testsuite.as [pom]
[INFO] dependencies.testsuite.as.wildfly8 [pom]
[INFO] dependencies.testsuite.as.wildfly9 [pom]
[INFO] dependencies.testsuite.as.wildfly10 [pom]
[INFO] dependencies.testsuite.as.wildfly11 [pom]
[INFO] dependencies.testsuite.as.wildfly12 [pom]
[INFO] dependencies.testsuite.as.wildfly13 [pom]
[INFO] dependencies.testsuite.as.wildfly14 [pom]
[INFO] dependencies.testsuite.as.wildfly15 [pom]
[INFO] dependencies.testsuite.as.wildfly16 [pom]
[INFO] dependencies.testsuite.as.wildfly17 [pom]
[INFO] dependencies.testsuite.as.wildfly18 [pom]
[INFO] dependencies.testsuite.as.wildfly19 [pom]
[INFO] dependencies.testsuite.as.wildfly20 [pom]
[INFO] dependencies.testsuite.as.wildfly21 [pom]
[INFO] dependencies.testsuite.as.wildfly22 [pom]
[INFO] dependencies.testsuite.as.wildfly23 [pom]
[INFO] dependencies.testsuite.as.wildfly24 [pom]
[INFO] dependencies.testsuite.as.wildfly25 [pom]
[INFO] dependencies.testsuite.as.wildfly26 [pom]
[INFO] dependencies.testsuite.as.tomcat9 [pom]
[INFO] dependencies.testsuite.test [pom]
[INFO] dependencies.testsuite.staticAnalysis [pom]
[INFO] dependencies.testsuite.dynamicAnalysis [pom]
[INFO] dependencies.testsuite.coverage [pom]
[INFO] compile [pom]
[INFO] package [pom]
[INFO] testsuite.utils [pom]
[INFO] testsuite.utils.sql [pom]
[INFO] testsuite.pdd.core [pom]
[INFO] testsuite.pdd.core.sql [pom]
[INFO] static_analysis.spotbugs [pom]
[INFO] static_analysis.sonarqube [pom]
[INFO] dynamic_analysis.zap [pom]
[INFO] coverage.jacoco [pom]
[INFO]
[INFO] ------------------< org.openspcoop2:org.openspcoop2 >-------------------
[INFO] Building govway 1.0 [1/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------
[INFO] Building dependencies 1.0 [2/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >-----------------
[INFO] Building dependencies.ant 1.0 [3/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.ant ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant ---
[INFO] Copying ant-contrib-1.0b3.jar to /var/lib/jenkins/workspace/GovWay/lib/ant/ant-contrib-1.0b3.jar
[INFO]
[INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------
[INFO] Building dependencies.antinstaller 1.0 [4/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.antinstaller ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller ---
[INFO] Copying ant-installer-0.8b.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-installer-0.8b.jar
[INFO] Copying xml-apis_antinstaller-0.8b.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/xml-apis_antinstaller-0.8b.jar
[INFO] Copying ai-icons-eclipse_antinstaller-0.8b.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ai-icons-eclipse_antinstaller-0.8b.jar
[INFO] Copying jgoodies-edited-1.2.2-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/jgoodies-edited-1.2.2-gov4j-1.jar
[INFO] Copying ant-1.10.11.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-1.10.11.jar
[INFO] Copying ant-apache-regexp-1.10.11.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-apache-regexp-1.10.11.jar
[INFO] Copying ant-launcher-1.10.11.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/ant-launcher-1.10.11.jar
[INFO] Copying jakarta-regexp-1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/antinstaller/jakarta-regexp-1.5.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >----------------
[INFO] Building dependencies.axiom 1.0 [5/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.axiom ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom ---
[INFO] Copying axiom-api-1.2.13-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13-gov4j-2.jar
[INFO] Copying axiom-dom-1.2.13-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13-gov4j-2.jar
[INFO] Copying axiom-impl-1.2.13-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13-gov4j-2.jar
[INFO] Copying axiom-common-impl-1.2.13.jar to /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-common-impl-1.2.13.jar
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >-----------
[INFO] Building dependencies.bean-validation 1.0 [6/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.bean-validation ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation ---
[INFO] Copying hibernate-validator-6.2.5.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/hibernate-validator-6.2.5.Final.jar
[INFO] Copying hibernate-validator-cdi-6.2.5.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/hibernate-validator-cdi-6.2.5.Final.jar
[INFO] Copying classmate-1.5.1.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/classmate-1.5.1.jar
[INFO] Copying jboss-logging-3.4.3.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/bean-validation/jboss-logging-3.4.3.Final.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >-----------------
[INFO] Building dependencies.cxf 1.0 [7/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.cxf ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf ---
[INFO] Copying cxf-core-3.6.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.4-gov4j-1.jar
[INFO] Copying cxf-rt-rs-security-jose-3.6.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.4-gov4j-1.jar
[INFO] Copying cxf-rt-bindings-soap-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-bindings-soap-3.6.4.jar
[INFO] Copying cxf-rt-databinding-jaxb-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-databinding-jaxb-3.6.4.jar
[INFO] Copying cxf-rt-features-logging-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-features-logging-3.6.4.jar
[INFO] Copying cxf-rt-frontend-jaxrs-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-frontend-jaxrs-3.6.4.jar
[INFO] Copying cxf-rt-frontend-jaxws-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-frontend-jaxws-3.6.4.jar
[INFO] Copying cxf-rt-frontend-simple-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-frontend-simple-3.6.4.jar
[INFO] Copying cxf-rt-rs-json-basic-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-json-basic-3.6.4.jar
[INFO] Copying cxf-rt-rs-security-jose-jaxrs-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-jaxrs-3.6.4.jar
[INFO] Copying cxf-rt-rs-service-description-openapi-v3-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-service-description-openapi-v3-3.6.4.jar
[INFO] Copying cxf-rt-rs-service-description-swagger-ui-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-service-description-swagger-ui-3.6.4.jar
[INFO] Copying cxf-rt-rs-service-description-common-openapi-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-service-description-common-openapi-3.6.4.jar
[INFO] Copying cxf-rt-rs-client-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-client-3.6.4.jar
[INFO] Copying cxf-rt-security-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-security-3.6.4.jar
[INFO] Copying cxf-rt-security-saml-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-security-saml-3.6.4.jar
[INFO] Copying cxf-rt-transports-http-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-transports-http-3.6.4.jar
[INFO] Copying cxf-rt-transports-http-jetty-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-transports-http-jetty-3.6.4.jar
[INFO] Copying cxf-rt-wsdl-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-wsdl-3.6.4.jar
[INFO] Copying cxf-rt-ws-policy-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-ws-policy-3.6.4.jar
[INFO] Copying cxf-rt-ws-security-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-ws-security-3.6.4.jar
[INFO] Copying cxf-tools-common-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-common-3.6.4.jar
[INFO] Copying cxf-tools-validator-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-validator-3.6.4.jar
[INFO] Copying cxf-tools-wsdlto-core-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-wsdlto-core-3.6.4.jar
[INFO] Copying cxf-tools-wsdlto-databinding-jaxb-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-wsdlto-databinding-jaxb-3.6.4.jar
[INFO] Copying cxf-tools-wsdlto-frontend-jaxws-3.6.4.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-tools-wsdlto-frontend-jaxws-3.6.4.jar
[INFO] Copying jakarta.ws.rs-api-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/jakarta.ws.rs-api-2.1.6.jar
[INFO] Copying stax2-api-4.2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/stax2-api-4.2.2.jar
[INFO] Copying woodstox-core-6.6.2.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/woodstox-core-6.6.2.jar
[INFO] Copying xml-resolver-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/xml-resolver-1.2.jar
[INFO] Copying xmlschema-core-2.3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/xmlschema-core-2.3.1.jar
[INFO] Copying asm-9.7.jar to /var/lib/jenkins/workspace/GovWay/lib/cxf/asm-9.7.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.commons >---------------
[INFO] Building dependencies.commons 1.0 [8/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.commons ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons ---
[INFO] Copying commons-beanutils-1.9.4.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-beanutils-1.9.4.jar
[INFO] Copying commons-chain-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-chain-1.2.jar
[INFO] Copying commons-cli-1.5.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-cli-1.5.0.jar
[INFO] Copying commons-codec-1.15.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-codec-1.15.jar
[INFO] Copying commons-collections-3.2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-collections-3.2.2.jar
[INFO] Copying commons-collections4-4.4.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-collections4-4.4.jar
[INFO] Copying commons-compress-1.26.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-compress-1.26.0.jar
[INFO] Copying commons-csv-1.9.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-csv-1.9.0.jar
[INFO] Copying commons-dbcp2-2.9.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-dbcp2-2.9.0.jar
[INFO] Copying commons-digester-2.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-digester-2.1.jar
[INFO] Copying commons-discovery-0.5.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-discovery-0.5.jar
[INFO] Copying commons-email-1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-email-1.5.jar
[INFO] Copying commons-fileupload-1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-fileupload-1.5.jar
[INFO] Copying commons-io-2.15.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-io-2.15.1.jar
[INFO] Copying commons-lang-2.6.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-lang-2.6.jar
[INFO] Copying commons-lang3-3.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-lang3-3.12.0.jar
[INFO] Copying commons-logging-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-logging-1.2.jar
[INFO] Copying commons-math3-3.6.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-math3-3.6.1.jar
[INFO] Copying commons-net-3.9.0.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-net-3.9.0.jar
[INFO] Copying commons-pool2-2.11.1.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-pool2-2.11.1.jar
[INFO] Copying commons-validator-1.7.jar to /var/lib/jenkins/workspace/GovWay/lib/commons/commons-validator-1.7.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >----------------
[INFO] Building dependencies.faces 1.0 [9/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.faces ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces ---
[INFO] Copying facelets-taglib-jsf12-spring-4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/facelets-taglib-jsf12-spring-4-gov4j-1.jar
[INFO] Copying facelets-taglib-jsf20-spring-4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/facelets-taglib-jsf20-spring-4-gov4j-1.jar
[INFO] Copying aopalliance-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/aopalliance-1.0.jar
[INFO] Copying cglib-nodep-2.2.3.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/cglib-nodep-2.2.3.jar
[INFO] Copying el-impl-2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/el-impl-2.2.jar
[INFO] Copying javax.faces-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/javax.faces-2.4.0.jar
[INFO] Copying javax.servlet.jsp.jstl-1.2.1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/javax.servlet.jsp.jstl-1.2.1.jar
[INFO] Copying javax.servlet.jsp.jstl-api-1.2.1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/javax.servlet.jsp.jstl-api-1.2.1.jar
[INFO] Copying jsf-api-1.2_15-06.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsf-api-1.2_15-06.jar
[INFO] Copying jsf-impl-1.2_15-06.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsf-impl-1.2_15-06.jar
[INFO] Copying jsf-facelets-1.1.15.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsf-facelets-1.1.15.jar
[INFO] Copying jsr311-api-1.1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/jsr311-api-1.1.1.jar
[INFO] Copying richfaces-api-3.3.4.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-api-3.3.4.Final.jar
[INFO] Copying richfaces-impl-3.3.4.Final-gov4j-4.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-impl-3.3.4.Final-gov4j-4.jar
[INFO] Copying richfaces-impl-jsf2-3.3.4.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-impl-jsf2-3.3.4.Final.jar
[INFO] Copying richfaces-ui-3.3.4.Final-gov4j-4.jar to /var/lib/jenkins/workspace/GovWay/lib/faces/richfaces-ui-3.3.4.Final-gov4j-4.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.git >-----------------
[INFO] Building dependencies.git 1.0 [10/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.git ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git ---
[INFO] Copying openspcoop2_git-task-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/git/openspcoop2_git-task-1.0.jar
[INFO] Copying org.eclipse.jgit-6.7.0.202309050840-r.jar to /var/lib/jenkins/workspace/GovWay/lib/git/org.eclipse.jgit-6.7.0.202309050840-r.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >--------------
[INFO] Building dependencies.httpcore 1.0 [11/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.httpcore ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore ---
[INFO] Copying httpcore-4.4.15.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-4.4.15.jar
[INFO] Copying httpcore-nio-4.4.15.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-nio-4.4.15.jar
[INFO] Copying httpcore-ab-4.4.15-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15-gov4j-2.jar
[INFO] Copying apache-mime4j-core-0.8.10.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/apache-mime4j-core-0.8.10.jar
[INFO] Copying apache-mime4j-dom-0.8.10.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/apache-mime4j-dom-0.8.10.jar
[INFO] Copying fluent-hc-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/fluent-hc-4.5.13.jar
[INFO] Copying httpclient-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpclient-4.5.13.jar
[INFO] Copying httpclient-cache-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpclient-cache-4.5.13.jar
[INFO] Copying httpclient-win-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpclient-win-4.5.13.jar
[INFO] Copying httpmime-4.5.13.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpmime-4.5.13.jar
[INFO] Copying httpasyncclient-4.1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpasyncclient-4.1.5.jar
[INFO] Copying httpasyncclient-cache-4.1.5.jar to /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpasyncclient-cache-4.1.5.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >---------------
[INFO] Building dependencies.jackson 1.0 [12/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jackson ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson ---
[INFO] Copying jackson-annotations-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-annotations-2.14.2.jar
[INFO] Copying jackson-core-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-core-2.14.2.jar
[INFO] Copying jackson-databind-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-databind-2.14.2.jar
[INFO] Copying jackson-dataformat-xml-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-dataformat-xml-2.14.2.jar
[INFO] Copying jackson-dataformat-yaml-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-dataformat-yaml-2.14.2.jar
[INFO] Copying jackson-jaxrs-base-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-base-2.14.2.jar
[INFO] Copying jackson-jaxrs-json-provider-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-json-provider-2.14.2.jar
[INFO] Copying jackson-jaxrs-xml-provider-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-xml-provider-2.14.2.jar
[INFO] Copying jackson-jaxrs-yaml-provider-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-jaxrs-yaml-provider-2.14.2.jar
[INFO] Copying jackson-module-jaxb-annotations-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-module-jaxb-annotations-2.14.2.jar
[INFO] Copying jackson-module-jsonSchema-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-module-jsonSchema-2.14.2.jar
[INFO] Copying jackson-datatype-joda-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-datatype-joda-2.14.2.jar
[INFO] Copying jackson-datatype-jsr310-2.14.2.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-datatype-jsr310-2.14.2.jar
[INFO] Copying jackson-coreutils-1.8.jar to /var/lib/jenkins/workspace/GovWay/lib/jackson/jackson-coreutils-1.8.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >----------------
[INFO] Building dependencies.javax 1.0 [13/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.javax ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax ---
[INFO] Copying javax.management-1.0-gov4j.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.management-1.0-gov4j.jar
[INFO] Copying javax.xml.registry-api-1.0.8.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.xml.registry-api-1.0.8.jar
[INFO] Copying jta-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/jta-1.1.jar
[INFO] Copying javax.servlet-api-4.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.servlet-api-4.0.1.jar
[INFO] Copying javax.security.jacc-api-1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.security.jacc-api-1.6.jar
[INFO] Copying javax.resource-api-1.7.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.resource-api-1.7.1.jar
[INFO] Copying persistence-api-1.0.2.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/persistence-api-1.0.2.jar
[INFO] Copying javax.jms-api-2.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.jms-api-2.0.1.jar
[INFO] Copying deployment-api-1.2-rev-1.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/deployment-api-1.2-rev-1.jar
[INFO] Copying ejb-api-3.0.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/ejb-api-3.0.jar
[INFO] Copying el-api-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/el-api-1.0.jar
[INFO] Copying javax.annotation-api-1.3.2.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/javax.annotation-api-1.3.2.jar
[INFO] Copying validation-api-2.0.1.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/validation-api-2.0.1.Final.jar
[INFO] Copying openjdk-orb-8.1.9.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/javax/openjdk-orb-8.1.9.Final.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >-----------------
[INFO] Building dependencies.jax 1.0 [14/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jax ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax ---
[INFO] Copying jaxp-ri-1.4.5-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxp-ri-1.4.5-gov4j-1.jar
[INFO] Copying jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar
[INFO] Copying jaxws-api-2.3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-api-2.3.1.jar
[INFO] Copying jaxb-api-2.3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-api-2.3.1.jar
[INFO] Copying jaxb-core-2.3.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-core-2.3.0.1.jar
[INFO] Copying jaxb-impl-2.3.7.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-impl-2.3.7.jar
[INFO] Copying jaxb-xjc-2.3.7.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxb-xjc-2.3.7.jar
[INFO]
[INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax ---
[INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >----------------
[INFO] Building dependencies.jetty 1.0 [15/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jetty ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty ---
[INFO] Copying jetty-http-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-http-10.0.24.jar
[INFO] Copying jetty-io-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-io-10.0.24.jar
[INFO] Copying jetty-security-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-security-10.0.24.jar
[INFO] Copying jetty-server-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-server-10.0.24.jar
[INFO] Copying jetty-util-10.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/jetty/jetty-util-10.0.24.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >---------------
[INFO] Building dependencies.jminix 1.0 [16/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.jminix ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix ---
[INFO] Copying jminix-standalone-1.2.0-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-standalone-1.2.0-gov4j-1.jar
[INFO] Copying jminix-1.2.0-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0-gov4j-1.jar
[INFO] Copying org.restlet-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/org.restlet-2.4.0.jar
[INFO] Copying org.restlet.ext.servlet-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/org.restlet.ext.servlet-2.4.0.jar
[INFO] Copying org.restlet.ext.velocity-2.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/jminix/org.restlet.ext.velocity-2.4.0.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.json >----------------
[INFO] Building dependencies.json 1.0 [17/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.json ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json ---
[INFO] Copying org.everit.json.schema-1.14.1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/org.everit.json.schema-1.14.1.jar
[INFO] Copying uri-template-0.9.jar to /var/lib/jenkins/workspace/GovWay/lib/json/uri-template-0.9.jar
[INFO] Copying json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar
[INFO] Copying itu-1.7.0.jar to /var/lib/jenkins/workspace/GovWay/lib/json/itu-1.7.0.jar
[INFO] Copying msg-simple-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/msg-simple-1.1.jar
[INFO] Copying libphonenumber-8.12.57.jar to /var/lib/jenkins/workspace/GovWay/lib/json/libphonenumber-8.12.57.jar
[INFO] Copying failureaccess-1.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/failureaccess-1.0.1.jar
[INFO] Copying json-smart-2.4.10.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-smart-2.4.10.jar
[INFO] Copying json-schema-core-1.2.8.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-core-1.2.8.jar
[INFO] Copying json-path-2.9.0-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0-gov4j-1.jar
[INFO] Copying json-lib-2.4-jdk15.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-lib-2.4-jdk15.jar
[INFO] Copying json-20231013.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-20231013.jar
[INFO] Copying jettison-1.5.4.jar to /var/lib/jenkins/workspace/GovWay/lib/json/jettison-1.5.4.jar
[INFO] Copying handy-uri-templates-2.1.8.jar to /var/lib/jenkins/workspace/GovWay/lib/json/handy-uri-templates-2.1.8.jar
[INFO] Copying json-schema-validator-2.2.10.jar to /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-2.2.10.jar
[INFO] Copying btf-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/json/btf-1.2.jar
[INFO] Copying accessors-smart-2.4.8.jar to /var/lib/jenkins/workspace/GovWay/lib/json/accessors-smart-2.4.8.jar
[INFO]
[INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json ---
[INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.log >-----------------
[INFO] Building dependencies.log 1.0 [18/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.log ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log ---
[INFO] Copying slf4j-api-2.0.3-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.3-gov4j-1.jar
[INFO] Copying log4j-1.2-api-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-1.2-api-2.19.0.jar
[INFO] Copying log4j-api-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-api-2.19.0.jar
[INFO] Copying log4j-core-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-core-2.19.0.jar
[INFO] Copying log4j-jcl-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-jcl-2.19.0.jar
[INFO] Copying log4j-slf4j2-impl-2.19.0.jar to /var/lib/jenkins/workspace/GovWay/lib/log/log4j-slf4j2-impl-2.19.0.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >---------------
[INFO] Building dependencies.lucene 1.0 [19/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.lucene ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene ---
[INFO] Copying lucene-codecs-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-codecs-9.12.0.jar
[INFO] Copying lucene-core-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-core-9.12.0.jar
[INFO] Copying lucene-misc-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-misc-9.12.0.jar
[INFO] Copying lucene-queries-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-queries-9.12.0.jar
[INFO] Copying lucene-suggest-9.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/lucene/lucene-suggest-9.12.0.jar
[INFO]
[INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >--------------
[INFO] Building dependencies.swagger 1.0 [20/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.openapi4j ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j ---
[INFO] Copying openapi-core-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7-gov4j-7.jar
[INFO] Copying openapi-parser-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7-gov4j-7.jar
[INFO] Copying openapi-schema-validator-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7-gov4j-7.jar
[INFO] Copying openapi-operation-validator-1.0.7-gov4j-7.jar to /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7-gov4j-7.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >--------------
[INFO] Building dependencies.opensaml 1.0 [21/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.opensaml ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml ---
[INFO] Copying opensaml-core-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-core-3.4.6.jar
[INFO] Copying opensaml-messaging-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-messaging-api-3.4.6.jar
[INFO] Copying opensaml-messaging-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-messaging-impl-3.4.6.jar
[INFO] Copying opensaml-profile-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-profile-api-3.4.6.jar
[INFO] Copying opensaml-profile-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-profile-impl-3.4.6.jar
[INFO] Copying opensaml-saml-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-saml-api-3.4.6.jar
[INFO] Copying opensaml-saml-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-saml-impl-3.4.6.jar
[INFO] Copying opensaml-security-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-security-api-3.4.6.jar
[INFO] Copying opensaml-security-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-security-impl-3.4.6.jar
[INFO] Copying opensaml-soap-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-soap-api-3.4.6.jar
[INFO] Copying opensaml-soap-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-soap-impl-3.4.6.jar
[INFO] Copying opensaml-storage-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-storage-api-3.4.6.jar
[INFO] Copying opensaml-storage-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-storage-impl-3.4.6.jar
[INFO] Copying opensaml-xacml-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-api-3.4.6.jar
[INFO] Copying opensaml-xacml-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-impl-3.4.6.jar
[INFO] Copying opensaml-xacml-saml-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-saml-api-3.4.6.jar
[INFO] Copying opensaml-xacml-saml-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xacml-saml-impl-3.4.6.jar
[INFO] Copying opensaml-xmlsec-api-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xmlsec-api-3.4.6.jar
[INFO] Copying opensaml-xmlsec-impl-3.4.6.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/opensaml-xmlsec-impl-3.4.6.jar
[INFO] Copying java-support-7.5.2.jar to /var/lib/jenkins/workspace/GovWay/lib/opensaml/java-support-7.5.2.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >-----------------
[INFO] Building dependencies.pdf 1.0 [22/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.pdf ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf ---
[INFO] Copying pdfbox-2.0.27.jar to /var/lib/jenkins/workspace/GovWay/lib/pdf/pdfbox-2.0.27.jar
[INFO] Copying fontbox-2.0.27.jar to /var/lib/jenkins/workspace/GovWay/lib/pdf/fontbox-2.0.27.jar
[INFO] Copying boxable-1.7.0.jar to /var/lib/jenkins/workspace/GovWay/lib/pdf/boxable-1.7.0.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >----------------
[INFO] Building dependencies.redis 1.0 [23/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.redis ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis ---
[INFO] Copying redisson-3.23.5.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/redisson-3.23.5.jar
[INFO] Copying netty-resolver-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-resolver-4.1.115.Final.jar
[INFO] Copying netty-resolver-dns-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-resolver-dns-4.1.115.Final.jar
[INFO] Copying netty-common-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-common-4.1.115.Final.jar
[INFO] Copying netty-buffer-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-buffer-4.1.115.Final.jar
[INFO] Copying netty-transport-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-transport-4.1.115.Final.jar
[INFO] Copying netty-codec-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-codec-4.1.115.Final.jar
[INFO] Copying netty-codec-dns-4.1.115.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/netty-codec-dns-4.1.115.Final.jar
[INFO] Copying jboss-marshalling-2.1.3.SP1.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/jboss-marshalling-2.1.3.SP1.jar
[INFO] Copying jboss-marshalling-river-2.1.3.SP1.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/jboss-marshalling-river-2.1.3.SP1.jar
[INFO] Copying objenesis-3.3.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/objenesis-3.3.jar
[INFO] Copying kryo-5.5.0.jar to /var/lib/jenkins/workspace/GovWay/lib/redis/kryo-5.5.0.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.reports >---------------
[INFO] Building dependencies.reports 1.0 [24/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.reports ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports ---
[INFO] Copying net.tascalate.javaflow.api-2.7.3.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/net.tascalate.javaflow.api-2.7.3.jar
[INFO] Copying SparseBitSet-1.2.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/SparseBitSet-1.2.jar
[INFO] Copying jfreechart-1.5.3.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jfreechart-1.5.3.jar
[INFO] Copying poi-5.2.3.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/poi-5.2.3.jar
[INFO] Copying jcommon-1.0.24.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jcommon-1.0.24.jar
[INFO] Copying jasperreports-6.20.0.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jasperreports-6.20.0.jar
[INFO] Copying jasperreports-metadata-6.20.0.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/jasperreports-metadata-6.20.0.jar
[INFO] Copying ecj-3.31.0.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/ecj-3.31.0.jar
[INFO] Copying dynamicreports-core-6.12.1.jar to /var/lib/jenkins/workspace/GovWay/lib/reports/dynamicreports-core-6.12.1.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >----------------
[INFO] Building dependencies.saaj 1.0 [25/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.saaj ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj ---
[INFO] Copying mimepull-1.9.14.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/mimepull-1.9.14.jar
[INFO] Copying javax.xml.soap-api-1.4.0.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/javax.xml.soap-api-1.4.0.jar
[INFO] Copying saaj-impl-1.5.3-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3-gov4j-1.jar
[INFO] Copying stax-ex-1.8.3.jar to /var/lib/jenkins/workspace/GovWay/lib/saaj/stax-ex-1.8.3.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.security >--------------
[INFO] Building dependencies.security 1.0 [26/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.security ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security ---
[INFO] Copying bcpkix-jdk18on-1.78.1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/bcpkix-jdk18on-1.78.1.jar
[INFO] Copying bcprov-jdk18on-1.78.1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/bcprov-jdk18on-1.78.1.jar
[INFO] Copying bcutil-jdk18on-1.78.1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/bcutil-jdk18on-1.78.1.jar
[INFO] Copying cryptacular-1.2.5.jar to /var/lib/jenkins/workspace/GovWay/lib/security/cryptacular-1.2.5.jar
[INFO] Copying herasaf-xacml-core-2.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/security/herasaf-xacml-core-2.0.4.jar
[INFO] Copying jasypt-1.9.3.jar to /var/lib/jenkins/workspace/GovWay/lib/security/jasypt-1.9.3.jar
[INFO] Copying neethi-3.2.0.jar to /var/lib/jenkins/workspace/GovWay/lib/security/neethi-3.2.0.jar
[INFO] Copying xmlsec-2.3.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4-gov4j-1.jar
[INFO] Copying xml-security-impl-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/security/xml-security-impl-1.0.jar
[INFO] Copying nimbus-jose-jwt-9.37.3.jar to /var/lib/jenkins/workspace/GovWay/lib/security/nimbus-jose-jwt-9.37.3.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >---------------
[INFO] Building dependencies.shared 1.0 [27/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.shared ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared ---
[INFO] Copying xmldb-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmldb-1.0.jar
[INFO] Copying reflections-0.10.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/reflections-0.10.2.jar
[INFO] Copying reactive-streams-1.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/reactive-streams-1.0.4.jar
[INFO] Copying javassist-3.29.2-GA.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/javassist-3.29.2-GA.jar
[INFO] Copying commons-jcs3-core-3.1-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1-gov4j-2.jar
[INFO] Copying urlrewritefilter-4.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/urlrewritefilter-4.0.4.jar
[INFO] Copying velocity-engine-core-2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-engine-core-2.4.jar
[INFO] Copying velocity-tools-generic-3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-tools-generic-3.1.jar
[INFO] Copying velocity-tools-view-3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-tools-view-3.1.jar
[INFO] Copying velocity-tools-view-jsp-3.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/velocity-tools-view-jsp-3.1.jar
[INFO] Copying wsdl4j-1.6.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/wsdl4j-1.6.3.jar
[INFO] Copying xalan-2.7.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xalan-2.7.3.jar
[INFO] Copying serializer-2.7.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/serializer-2.7.3.jar
[INFO] Copying xercesImpl-2.12.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xercesImpl-2.12.2.jar
[INFO] Copying xml-apis-1.4.01.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xml-apis-1.4.01.jar
[INFO] Copying xmlunit-legacy-2.10.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmlunit-legacy-2.10.0.jar
[INFO] Copying xmlunit-core-2.10.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmlunit-core-2.10.0.jar
[INFO] Copying xom-1.2.11.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xom-1.2.11.jar
[INFO] Copying uddi4j-2.0.5.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/uddi4j-2.0.5.jar
[INFO] Copying mailapi-1.6.7.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/mailapi-1.6.7.jar
[INFO] Copying smtp-1.6.7.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/smtp-1.6.7.jar
[INFO] Copying Saxon-HE-11.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4-gov4j-1.jar
[INFO] Copying xmlresolver-4.4.3.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/xmlresolver-4.4.3.jar
[INFO] Copying snakeyaml-1.33-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33-gov4j-1.jar
[INFO] Copying struts-core-1.3.10.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/struts-core-1.3.10.jar
[INFO] Copying com.springsource.edu.oswego.cs.dl.util.concurrent-1.3.4.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/com.springsource.edu.oswego.cs.dl.util.concurrent-1.3.4.jar
[INFO] Copying ezmorph-1.0.6.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/ezmorph-1.0.6.jar
[INFO] Copying freemarker-2.3.31.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/freemarker-2.3.31.jar
[INFO] Copying guava-32.1.1-jre.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/guava-32.1.1-jre.jar
[INFO] Copying java-uuid-generator-4.0.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/java-uuid-generator-4.0.1.jar
[INFO] Copying joda-time-2.12.0.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/joda-time-2.12.0.jar
[INFO] Copying aspectjrt-1.9.9.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/aspectjrt-1.9.9.1.jar
[INFO] Copying aspectjweaver-1.9.9.1.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/aspectjweaver-1.9.9.1.jar
[INFO] Copying jakarta.activation-1.2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/jakarta.activation-1.2.2.jar
[INFO] Copying ehcache-3.10.2.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/ehcache-3.10.2.jar
[INFO] Copying rhino-1.7.14.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/rhino-1.7.14.jar
[INFO] Copying hazelcast-5.3.5.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/hazelcast-5.3.5.jar
[INFO] Copying hibernate-core-6.1.4.Final.jar to /var/lib/jenkins/workspace/GovWay/lib/shared/hibernate-core-6.1.4.Final.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >---------------
[INFO] Building dependencies.soapbox 1.0 [28/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.soapbox ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox ---
[INFO] Copying metro-webservices_xwss_com_sun_xml-2.2.jar to /var/lib/jenkins/workspace/GovWay/lib/soapbox/metro-webservices_xwss_com_sun_xml-2.2.jar
[INFO] Copying ultraesb-api-1.7.1.jar to /var/lib/jenkins/workspace/GovWay/lib/soapbox/ultraesb-api-1.7.1.jar
[INFO] Copying ultraesb-core-1.7.1.jar to /var/lib/jenkins/workspace/GovWay/lib/soapbox/ultraesb-core-1.7.1.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >---------------
[INFO] Building dependencies.spring 1.0 [29/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.spring ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring ---
[INFO] Copying spring-aop-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-aop-5.3.39.jar
[INFO] Copying spring-aspects-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-aspects-5.3.39.jar
[INFO] Copying spring-beans-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39-gov4j-1.jar
[INFO] Copying spring-context-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39-gov4j-1.jar
[INFO] Copying spring-context-support-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39-gov4j-1.jar
[INFO] Copying spring-core-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39-gov4j-1.jar
[INFO] Copying spring-expression-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39-gov4j-1.jar
[INFO] Copying spring-orm-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-orm-5.3.39.jar
[INFO] Copying spring-tx-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-tx-5.3.39.jar
[INFO] Copying spring-web-5.3.39-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39-gov4j-1.jar
[INFO]
[INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >-------------
[INFO] Building dependencies.spring-ldap 1.0 [30/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.spring-ldap ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap ---
[INFO] Copying spring-ldap-core-2.4.2.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-ldap/spring-ldap-core-2.4.2.jar
[INFO] Copying spring-ldap-ldif-core-2.4.2.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-ldap/spring-ldap-ldif-core-2.4.2.jar
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >-----------
[INFO] Building dependencies.spring-security 1.0 [31/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.spring-security ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security ---
[INFO] Copying spring-security-config-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-config-5.8.15.jar
[INFO] Copying spring-security-core-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-core-5.8.15.jar
[INFO] Copying spring-security-web-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-web-5.8.15.jar
[INFO] Copying spring-security-crypto-5.8.15.jar to /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.15.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >---------------
[INFO] Building dependencies.swagger 1.0 [32/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.swagger ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger ---
[INFO] Copying swagger-ui-4.19.1.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-ui-4.19.1.jar
[INFO] Copying classgraph-4.8.149.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/classgraph-4.8.149.jar
[INFO] Copying swagger-annotations-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-annotations-2.2.4.jar
[INFO] Copying swagger-core-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-core-2.2.4.jar
[INFO] Copying swagger-jaxrs2-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-jaxrs2-2.2.4.jar
[INFO] Copying swagger-models-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-models-2.2.4.jar
[INFO] Copying swagger-integration-2.2.4.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-integration-2.2.4.jar
[INFO] Copying swagger-parser-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-2.1.6.jar
[INFO] Copying swagger-parser-core-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-core-2.1.6.jar
[INFO] Copying swagger-parser-v2-converter-2.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v2-converter-2.1.6.jar
[INFO] Copying swagger-parser-v3-2.1.6-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6-gov4j-1.jar
[INFO] Copying swagger-core-1.6.8.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-core-1.6.8.jar
[INFO] Copying swagger-models-1.6.8.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-models-1.6.8.jar
[INFO] Copying swagger-parser-1.0.63.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-1.0.63.jar
[INFO] Copying swagger-request-validator-core-2.30.0-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0-gov4j-2.jar
[INFO]
[INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >----------------
[INFO] Building dependencies.wadl 1.0 [33/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.wadl ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl ---
[INFO] Copying localizer-1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/wadl/localizer-1.0.jar
[INFO] Copying wadl-core-1.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/wadl/wadl-core-1.1.6.jar
[INFO] Copying wadl-xslt-1.1.6.jar to /var/lib/jenkins/workspace/GovWay/lib/wadl/wadl-xslt-1.1.6.jar
[INFO]
[INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >----------------
[INFO] Building dependencies.wss4j 1.0 [34/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.wss4j ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j ---
[INFO] Copying wss4j-bindings-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-bindings-2.4.1.jar
[INFO] Copying wss4j-integration-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-integration-2.4.1.jar
[INFO] Copying wss4j-policy-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-policy-2.4.1.jar
[INFO] Copying wss4j-ws-security-common-2.4.1-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1-gov4j-2.jar
[INFO] Copying wss4j-ws-security-dom-2.4.1-gov4j-2.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1-gov4j-2.jar
[INFO] Copying wss4j-ws-security-policy-stax-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-policy-stax-2.4.1.jar
[INFO] Copying wss4j-ws-security-stax-2.4.1.jar to /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-stax-2.4.1.jar
[INFO]
[INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >--------------
[INFO] Building dependencies.testsuite 1.0 [35/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >----------
[INFO] Building dependencies.testsuite.axis14 1.0 [36/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.axis14 ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 ---
[INFO] Copying axis-1.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4-gov4j-1.jar
[INFO] Copying axis-jaxrpc-1.4-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4-gov4j-1.jar
[INFO] Copying axis-ant-1.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-ant-1.4.jar
[INFO] Copying axis-saaj-1.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-saaj-1.4.jar
[INFO] Copying mailapi-1.5.6.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/mailapi-1.5.6.jar
[INFO] Copying neethi-2.0.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/neethi-2.0.4.jar
[INFO] Copying opensaml-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/opensaml-1.1.jar
[INFO] Copying wss4j-1.5.11.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/wss4j-1.5.11.jar
[INFO] Copying xmlsec-1.4.4.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/xmlsec-1.4.4.jar
[INFO] Copying addressing-1.1.jar to /var/lib/jenkins/workspace/GovWay/lib/axis14/addressing-1.1.jar
[INFO]
[INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >-----
[INFO] Building dependencies.testsuite.as 1.0 [37/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly8 >--
[INFO] Building dependencies.testsuite.as.wildfly8 1.0 [38/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly8 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly8 ---
[INFO] org.wildfly:jboss-client:jar:wf8 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >--
[INFO] Building dependencies.testsuite.as.wildfly9 1.0 [39/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 ---
[INFO] org.wildfly:jboss-client:jar:wf9 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >--
[INFO] Building dependencies.testsuite.as.wildfly10 1.0 [40/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 ---
[INFO] org.wildfly:jboss-client:jar:wf10 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >--
[INFO] Building dependencies.testsuite.as.wildfly11 1.0 [41/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 ---
[INFO] org.wildfly:jboss-client:jar:wf11 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >--
[INFO] Building dependencies.testsuite.as.wildfly12 1.0 [42/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 ---
[INFO] org.wildfly:jboss-client:jar:wf12 already exists in destination.
[INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >--
[INFO] Building dependencies.testsuite.as.wildfly13 1.0 [43/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 ---
[INFO] org.wildfly:jboss-client:jar:wf13 already exists in destination.
[INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >--
[INFO] Building dependencies.testsuite.as.wildfly14 1.0 [44/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 ---
[INFO] org.wildfly:jboss-client:jar:wf14 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >--
[INFO] Building dependencies.testsuite.as.wildfly15 1.0 [45/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 ---
[INFO] org.wildfly:jboss-client:jar:wf15 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >--
[INFO] Building dependencies.testsuite.as.wildfly16 1.0 [46/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 ---
[INFO] org.wildfly:jboss-client:jar:wf16 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >--
[INFO] Building dependencies.testsuite.as.wildfly17 1.0 [47/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 ---
[INFO] org.wildfly:jboss-client:jar:wf17 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >--
[INFO] Building dependencies.testsuite.as.wildfly18 1.0 [48/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 ---
[INFO] org.wildfly:jboss-client:jar:wf18 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >--
[INFO] Building dependencies.testsuite.as.wildfly19 1.0 [49/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 ---
[INFO] org.wildfly:jboss-client:jar:wf19 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >--
[INFO] Building dependencies.testsuite.as.wildfly20 1.0 [50/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 ---
[INFO] org.wildfly:jboss-client:jar:wf20 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >--
[INFO] Building dependencies.testsuite.as.wildfly21 1.0 [51/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 ---
[INFO] org.wildfly:jboss-client:jar:wf21 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >--
[INFO] Building dependencies.testsuite.as.wildfly22 1.0 [52/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 ---
[INFO] org.wildfly:jboss-client:jar:wf22 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >--
[INFO] Building dependencies.testsuite.as.wildfly23 1.0 [53/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 ---
[INFO] org.wildfly:jboss-client:jar:wf23 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >--
[INFO] Building dependencies.testsuite.as.wildfly24 1.0 [54/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 ---
[INFO] org.wildfly:jboss-client:jar:wf24 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >--
[INFO] Building dependencies.testsuite.as.wildfly25 1.0 [55/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 ---
[INFO] org.wildfly:jboss-client:jar:wf25 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >--
[INFO] Building dependencies.testsuite.as.wildfly26 1.0 [56/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 ---
[INFO] org.wildfly:jboss-client:jar:wf26 already exists in destination.
[INFO]
[INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >--
[INFO] Building dependencies.testsuite.as.tomcat9 1.0 [57/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 ---
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 ---
[INFO] org.apache.tomcat:tomcat-catalina:jar:9.0.83 already exists in destination.
[INFO] org.apache.tomcat:tomcat-juli:jar:9.0.83 already exists in destination.
[INFO]
[INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >-----------
[INFO] Building dependencies.testsuite.test 1.0 [58/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.test ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test ---
[INFO] Copying jcommander-1.82.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/jcommander-1.82.jar
[INFO] Copying guice-5.1.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/guice-5.1.0.jar
[INFO] Copying jquery-3.6.1.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/jquery-3.6.1.jar
[INFO] Copying testng-7.8.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/testng-7.8.0.jar
[INFO] Copying junit-4.13.2.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/junit-4.13.2.jar
[INFO] Copying karate-apache-0.9.6.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/karate-apache-0.9.6.jar
[INFO] Copying karate-core-0.9.6.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/karate-core-0.9.6.jar
[INFO] Copying karate-junit4-0.9.6.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/karate-junit4-0.9.6.jar
[INFO] Copying hamcrest-core-1.3.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/hamcrest-core-1.3.jar
[INFO] Copying picocli-4.2.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/picocli-4.2.0.jar
[INFO] Copying logback-classic-1.4.14.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/logback-classic-1.4.14.jar
[INFO] Copying logback-core-1.4.14.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/logback-core-1.4.14.jar
[INFO] Copying spring-jdbc-5.3.39.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/spring-jdbc-5.3.39.jar
[INFO] Copying spring-ldap-test-2.4.2.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/spring-ldap-test-2.4.2.jar
[INFO] Copying apacheds-all-2.0.0.AM27-gov4j-1.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27-gov4j-1.jar
[INFO] Copying slf4j-testng-2.0.0.jar to /var/lib/jenkins/workspace/GovWay/lib/testsuite/slf4j-testng-2.0.0.jar
[INFO]
[INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------
[INFO] Building dependencies.testsuite.staticAnalysis 1.0 [59/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis ---
[INFO] Copying spotbugs-ant-4.8.6.jar to /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis/spotbugs-ant-4.8.6.jar
[INFO] Copying sonarqube-ant-task-2.7.1.1951.jar to /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis/sonarqube-ant-task-2.7.1.1951.jar
[INFO]
[INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------
[INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [60/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis ---
[INFO] Copying zap-clientapi-1.11.0.jar to /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis/zap-clientapi-1.11.0.jar
[INFO]
[INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >---------
[INFO] Building dependencies.testsuite.coverage 1.0 [61/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-clean-plugin:3.1.0:clean (clean) @ org.openspcoop2.testsuite.coverage ---
[INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = [])
[INFO]
[INFO] --- maven-dependency-plugin:3.1.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage ---
[INFO] Copying org.jacoco.agent-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.agent-0.8.8.jar
[INFO] Copying org.jacoco.ant-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.ant-0.8.8.jar
[INFO] Copying org.jacoco.core-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.core-0.8.8.jar
[INFO] Copying org.jacoco.report-0.8.8.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/org.jacoco.report-0.8.8.jar
[INFO] Copying asm-9.5.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/asm-9.5.jar
[INFO] Copying asm-commons-9.5.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/asm-commons-9.5.jar
[INFO] Copying asm-tree-9.5.jar to /var/lib/jenkins/workspace/GovWay/lib/coverage/asm-tree-9.5.jar
[INFO]
[INFO] --------------< org.openspcoop2:org.openspcoop2.compile >---------------
[INFO] Building compile 1.0 [62/71]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-antrun-plugin:1.8:run (default) @ org.openspcoop2.compile ---
[INFO] Executing tasks
main:
[taskdef] Could not load definitions from resource net/sf/antcontrib/antlib.xml. It could not be found.
check_as_version:
build:
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/dist
init_compile_genericProject:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/tmp
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist
compile_openspcoop2_utils:
checkgit:
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils]
[javac] Compiling 35 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/instrument]
[javac] Compiling 2 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-instrument_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/resources]
[javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-resources_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mime]
[javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mime_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/date]
[javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-date_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/io]
[javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-io_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/random]
[javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-random_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/properties]
[javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-properties_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxb]
[javac] anomalous package-info.java path: package-info.java
[javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxb_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxrs]
[javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxrs_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml]
[javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/json]
[javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-json_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml2json]
[javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml2json_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/digest]
[javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-digest_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/regexp]
[javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-regexp_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate]
[javac] Compiling 45 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/transport]
[javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-transport_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/ocsp]
[javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-ocsp_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/remote]
[javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-remote_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/byok]
[javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-byok_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jmx]
[javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jmx_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/cache]
[javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-cache_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/checksum]
[javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-checksum_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/crypt]
[javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-crypt_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/csv]
[javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-csv_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/dch]
[javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-dch_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sql]
[javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sql_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jdbc]
[javac] Compiling 35 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jdbc_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/id]
[javac] Compiling 45 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-id_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/serialization]
[javac] Compiling 26 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-serialization_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/logger]
[javac] Compiling 77 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-logger_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/service]
[javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-service_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/beans]
[javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-beans_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/security]
[javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-security_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/pdf]
[javac] Compiling 11 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-pdf_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wsdl]
[javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wsdl_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/rest]
[javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-rest_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wadl]
[javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wadl_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/openapi]
[javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-openapi_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xacml]
[javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xacml_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mail]
[javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mail_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/datasource]
[javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-datasource_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sonde]
[javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sonde_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/semaphore]
[javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-semaphore_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/threads]
[javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-threads_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
jar_2_jar_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay]
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils_RELEASE.jar
compile_api_openspcoop2:
checkgit:
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils-test
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/test]
[javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils-test/openspcoop2_utils-test_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
jar_2_jar_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay]
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils-test_RELEASE.jar
compile_api_openspcoop2:
compile_openspcoop2_genericProject:
checkgit:
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/generic_project/src/]
[javac] Compiling 211 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_generic-project_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_api_openspcoop2:
compile_genericProject:
init_compile:
compile_openspcoop2_schemi:
checkgit:
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
build_jar_schema:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/schemi
[echo] Raccolta informazioni git per inserimento in manifest...
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-openspcoop2_RELEASE.jar
init_compile-build:
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
build_jar_schema:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-standard_RELEASE.jar
jar_2_jar_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay]
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_schemi-xsd_RELEASE.jar
compile_openspcoop2_message:
checkgit:
init_compile-build:
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/message
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message/context]
[javac] anomalous package-info.java path: package-info.java
[javac] Compiling 42 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
[jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/message/openspcoop2_message-context_RELEASE.jar
[delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
init_compile-build:
[mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
compile_src_openspcoop2:
[echo] Java home: /opt/openjdk-11.0.12_7/
[echo] ****************************************
[echo] **** DEBUG MODE ON *****
[echo] ****************************************
[echo] Raccolta informazioni git per inserimento in manifest...
[echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message]
[javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2
/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message/soap/SoapUtils.java:64: error: package org.openspcoop2.pdd.core.dynamic does not exist
import org.openspcoop2.pdd.core.dynamic.DynamicException;
^
/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message/soap/SoapUtils.java:387: error: cannot find symbol
public static void addSWAStartParameterIfNotPresent(OpenSPCoop2Message message) throws DynamicException {
^
symbol: class DynamicException
location: class SoapUtils
/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message/soap/SoapUtils.java:390: error: cannot find symbol
public static void addSWAStartParameterIfNotPresent(OpenSPCoop2Message message, boolean addOnlyIfExistsContentIdRootPart) throws DynamicException {
^
symbol: class DynamicException
location: class SoapUtils
/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message/soap/SoapUtils.java:393: error: cannot find symbol
public static void addSWAStartParameterIfNotPresent(OpenSPCoop2Message message, boolean addOnlyIfExistsContentIdRootPart, boolean forceAddStartParameter) throws DynamicException {
^
symbol: class DynamicException
location: class SoapUtils
4 errors
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary for govway 1.0:
[INFO]
[INFO] govway ............................................. SUCCESS [ 0.003 s]
[INFO] dependencies ....................................... SUCCESS [ 0.002 s]
[INFO] dependencies.ant ................................... SUCCESS [ 1.398 s]
[INFO] dependencies.antinstaller .......................... SUCCESS [ 0.033 s]
[INFO] dependencies.axiom ................................. SUCCESS [ 0.019 s]
[INFO] dependencies.bean-validation ....................... SUCCESS [ 0.078 s]
[INFO] dependencies.cxf ................................... SUCCESS [ 0.284 s]
[INFO] dependencies.commons ............................... SUCCESS [ 0.161 s]
[INFO] dependencies.faces ................................. SUCCESS [ 0.055 s]
[INFO] dependencies.git ................................... SUCCESS [ 0.019 s]
[INFO] dependencies.httpcore .............................. SUCCESS [ 0.051 s]
[INFO] dependencies.jackson ............................... SUCCESS [ 0.063 s]
[INFO] dependencies.javax ................................. SUCCESS [ 0.043 s]
[INFO] dependencies.jax ................................... SUCCESS [ 0.115 s]
[INFO] dependencies.jetty ................................. SUCCESS [ 0.043 s]
[INFO] dependencies.jminix ................................ SUCCESS [ 0.013 s]
[INFO] dependencies.json .................................. SUCCESS [ 0.038 s]
[INFO] dependencies.log ................................... SUCCESS [ 0.040 s]
[INFO] dependencies.lucene ................................ SUCCESS [ 0.019 s]
[INFO] dependencies.swagger ............................... SUCCESS [ 0.011 s]
[INFO] dependencies.opensaml .............................. SUCCESS [ 0.056 s]
[INFO] dependencies.pdf ................................... SUCCESS [ 0.024 s]
[INFO] dependencies.redis ................................. SUCCESS [ 0.052 s]
[INFO] dependencies.reports ............................... SUCCESS [ 0.037 s]
[INFO] dependencies.saaj .................................. SUCCESS [ 0.013 s]
[INFO] dependencies.security .............................. SUCCESS [ 0.033 s]
[INFO] dependencies.shared ................................ SUCCESS [ 0.131 s]
[INFO] dependencies.soapbox ............................... SUCCESS [ 0.013 s]
[INFO] dependencies.spring ................................ SUCCESS [ 0.024 s]
[INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.008 s]
[INFO] dependencies.spring-security ....................... SUCCESS [ 0.014 s]
[INFO] dependencies.swagger ............................... SUCCESS [ 0.040 s]
[INFO] dependencies.wadl .................................. SUCCESS [ 0.010 s]
[INFO] dependencies.wss4j ................................. SUCCESS [ 0.020 s]
[INFO] dependencies.testsuite ............................. SUCCESS [ 0.000 s]
[INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.021 s]
[INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s]
[INFO] dependencies.testsuite.as.wildfly8 ................. SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.004 s]
[INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.008 s]
[INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.047 s]
[INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.006 s]
[INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.004 s]
[INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.004 s]
[INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.004 s]
[INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.005 s]
[INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.049 s]
[INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.012 s]
[INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.006 s]
[INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.019 s]
[INFO] compile ............................................ FAILURE [03:13 min]
[INFO] package ............................................ SKIPPED
[INFO] testsuite.utils .................................... SKIPPED
[INFO] testsuite.utils.sql ................................ SKIPPED
[INFO] testsuite.pdd.core ................................. SKIPPED
[INFO] testsuite.pdd.core.sql ............................. SKIPPED
[INFO] static_analysis.spotbugs ........................... SKIPPED
[INFO] static_analysis.sonarqube .......................... SKIPPED
[INFO] dynamic_analysis.zap ............................... SKIPPED
[INFO] coverage.jacoco .................................... SKIPPED
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 03:17 min
[INFO] Finished at: 2024-11-15T19:12:52+01:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-antrun-plugin:1.8:run (default) on project org.openspcoop2.compile: An Ant BuildException has occured: The following error occurred while executing this line:
[ERROR] /var/lib/jenkins/workspace/GovWay/build.xml:358: The following error occurred while executing this line:
[ERROR] /var/lib/jenkins/workspace/GovWay/core/ant/openspcoop2-message-build.xml:64: The following error occurred while executing this line:
[ERROR] /var/lib/jenkins/workspace/GovWay/ant/commons/compile-build.xml:149: Compile failed; see the compiler error output for details.
[ERROR] around Ant part ...... @ 5:58 in /var/lib/jenkins/workspace/GovWay/mvn/compile/target/antrun/build-main.xml
[ERROR] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
[ERROR]
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR] mvn -rf :org.openspcoop2.compile
Build step 'Conditional steps (multiple)' marked build as failure
INFO: Processing JUnit
INFO: [JUnit] - 2 test report file(s) were found with the pattern 'tools/rs/*/server/testsuite/risultati-testsuite/TEST-*.xml' relative to '/var/lib/jenkins/workspace/GovWay' for the testing framework 'JUnit'.
ERROR: Step ‘Publish xUnit test result report’ failed: Test reports were found but not all of them are new. Did all the tests run?
* /var/lib/jenkins/workspace/GovWay/tools/rs/config/server/testsuite/risultati-testsuite/TEST-org.openspcoop2.core.config.rs.testsuite.ApiConfigTestSuite.xml is 1 day 17 hr old
* /var/lib/jenkins/workspace/GovWay/tools/rs/monitor/server/testsuite/risultati-testsuite/TEST-org.openspcoop2.core.monitor.rs.testsuite.ApiMonitorTestSuite.xml is 1 day 17 hr old
TestNG Reports Processing: START
Looking for TestNG results report in workspace using pattern: **/testng-results.xml
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
testng-results.xml was last modified before this build started. Ignoring it.
Saving reports...
Found matching files but did not find any TestNG results.
Collecting Dependency-Check artifact
Parsing file /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml
[SpotBugsZed Attack Proxy (ZAP)] Skipping execution of recorder since overall result is 'FAILURE'
Started calculate disk usage of build
Finished Calculation of disk usage of build in 0 seconds
Started calculate disk usage of workspace
Finished Calculation of disk usage of workspace in 0 seconds
Finished: FAILURE