{ "_class" : "io.jenkins.plugins.analysis.core.restapi.ReportApi", "issues" : [ { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "cxf-core-3.6.5-gov4j-2.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar", "fingerprint" : "FALLBACK-405fbc1d", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-36wv-v2qp-v4g4-cxf-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-36wv-v2qp-v4g4 medium vulnerability for cxf-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-36wv-v2qp-v4g4**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | cxf-core | 3.6.5-gov4j-2 | 3.6.6 | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar | github:language:java | [GHSA-36wv-v2qp-v4g4](https://github.com/advisories/GHSA-36wv-v2qp-v4g4) |\u000a\u000a\u000aA medium vulnerability in java-archive package: cxf-core, version 3.6.5-gov4j-2 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1269", "severity" : "NORMAL", "toString" : "cxf-core-3.6.5-gov4j-2.jar(1,0): GHSA-36wv-v2qp-v4g4-cxf-core: : GHSA-36wv-v2qp-v4g4-cxf-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-36wv-v2qp-v4g4 medium vulnerability for cxf-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-36wv-v2qp-v4g4**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | cxf-core | 3.6.5-gov4j-2 | 3.6.6 | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar | github:language:java | [GHSA-36wv-v2qp-v4g4](https://github.com/advisories/GHSA-36wv-v2qp-v4g4) |\u000a\u000a\u000aA medium vulnerability in java-archive package: cxf-core, version 3.6.5-gov4j-2 was found in image linkitaly/govway:master_oracle at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar", "type" : "GHSA-36wv-v2qp-v4g4-cxf-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "cxf-core-3.6.5-gov4j-2.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar", "fingerprint" : "FALLBACK-405fbc1d", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-36wv-v2qp-v4g4-cxf-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-36wv-v2qp-v4g4 medium vulnerability for cxf-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-36wv-v2qp-v4g4**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | cxf-core | 3.6.5-gov4j-2 | 3.6.6 | java-archive | /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar | github:language:java | [GHSA-36wv-v2qp-v4g4](https://github.com/advisories/GHSA-36wv-v2qp-v4g4) |\u000a\u000a\u000aA medium vulnerability in java-archive package: cxf-core, version 3.6.5-gov4j-2 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1269", "severity" : "NORMAL", "toString" : "cxf-core-3.6.5-gov4j-2.jar(1,0): GHSA-36wv-v2qp-v4g4-cxf-core: : GHSA-36wv-v2qp-v4g4-cxf-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-36wv-v2qp-v4g4 medium vulnerability for cxf-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-36wv-v2qp-v4g4**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | cxf-core | 3.6.5-gov4j-2 | 3.6.6 | java-archive | /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar | github:language:java | [GHSA-36wv-v2qp-v4g4](https://github.com/advisories/GHSA-36wv-v2qp-v4g4) |\u000a\u000a\u000aA medium vulnerability in java-archive package: cxf-core, version 3.6.5-gov4j-2 was found in image linkitaly/govway:master_postgres at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar", "type" : "GHSA-36wv-v2qp-v4g4-cxf-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "cxf-core-3.6.5-gov4j-2.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar", "fingerprint" : "FALLBACK-405fbc1d", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-36wv-v2qp-v4g4-cxf-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-36wv-v2qp-v4g4 medium vulnerability for cxf-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-36wv-v2qp-v4g4**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | cxf-core | 3.6.5-gov4j-2 | 3.6.6 | java-archive | /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar | github:language:java | [GHSA-36wv-v2qp-v4g4](https://github.com/advisories/GHSA-36wv-v2qp-v4g4) |\u000a\u000a\u000aA medium vulnerability in java-archive package: cxf-core, version 3.6.5-gov4j-2 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1269", "severity" : "NORMAL", "toString" : "cxf-core-3.6.5-gov4j-2.jar(1,0): GHSA-36wv-v2qp-v4g4-cxf-core: : GHSA-36wv-v2qp-v4g4-cxf-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-36wv-v2qp-v4g4 medium vulnerability for cxf-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-36wv-v2qp-v4g4**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | cxf-core | 3.6.5-gov4j-2 | 3.6.6 | java-archive | /usr/local/tomcat/webapps/govwayConsole.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar | github:language:java | [GHSA-36wv-v2qp-v4g4](https://github.com/advisories/GHSA-36wv-v2qp-v4g4) |\u000a\u000a\u000aA medium vulnerability in java-archive package: cxf-core, version 3.6.5-gov4j-2 was found in image linkitaly/govway:master_standalone at: /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/cxf-core-3.6.5-gov4j-2.jar", "type" : "GHSA-36wv-v2qp-v4g4-cxf-core" } ], "size" : 3, "toString" : "3 warnings (normal: 3)" }