Started by GitHub push by andreapoli Running as SYSTEM Building in workspace /var/lib/jenkins/workspace/GovWay [WS-CLEANUP] Clean-up disabled, skipping workspace deletion. The recommended git tool is: NONE No credentials specified Cloning the remote Git repository Cloning repository https://github.com/link-it/govway.git > /usr/bin/git init /var/lib/jenkins/workspace/GovWay # timeout=10 Fetching upstream changes from https://github.com/link-it/govway.git > /usr/bin/git --version # timeout=10 > git --version # 'git version 2.23.1' > /usr/bin/git fetch --tags --force --progress -- https://github.com/link-it/govway.git +refs/heads/*:refs/remotes/origin/* # timeout=10 > /usr/bin/git config remote.origin.url https://github.com/link-it/govway.git # timeout=10 > /usr/bin/git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # timeout=10 Avoid second fetch > /usr/bin/git rev-parse origin/master^{commit} # timeout=10 Checking out Revision bb37a7f140c4bd2181f68c863be6c3a4aada2e39 (origin/master) > /usr/bin/git config core.sparsecheckout # timeout=10 > /usr/bin/git checkout -f bb37a7f140c4bd2181f68c863be6c3a4aada2e39 # timeout=10 Commit message: "[GovWayConsole, GovWayMonitor] Sono state risolte le seguenti vulnerabilità relative alle console di gestione e monitoraggio: - CWE-307 (Brute Force) - CWE-384 (Session Fixation)" > /usr/bin/git rev-list --no-walk d346992ed4d54d5d92650de4fdb6531ed8987ce6 # timeout=10 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] Run condition [Boolean condition] enabling prebuild for step [BuilderChain] [GovWay] $ /bin/bash /tmp/jenkins6313408268114763840.sh ============================= General Info Workspace: /var/lib/jenkins/workspace/GovWay Build: true Deploy: true Test: true Test Integrazione: true ============================= ============================= Environment Info HOME: /var/lib/jenkins ANT_OPTS: -Xmx512m -XX:MaxMetaspaceSize=700m -XX:+UseG1GC MAVEN_OPTS: SOFTHSM2_CONF: /home/ec2-user/lib/softhsm/softhsm2.conf SONAR_SCANNER_OPTS: ============================= ============================= Java openjdk version "11.0.12" 2021-07-20 OpenJDK Runtime Environment 18.9 (build 11.0.12+7) OpenJDK 64-Bit Server VM 18.9 (build 11.0.12+7, mixed mode) ============================= ============================= Git Info Url: https://github.com/link-it/govway.git branch: origin/master commit: bb37a7f140c4bd2181f68c863be6c3a4aada2e39 previuos commit: d346992ed4d54d5d92650de4fdb6531ed8987ce6 previuos successful commit: d346992ed4d54d5d92650de4fdb6531ed8987ce6 commit message: [GovWayConsole, GovWayMonitor] Sono state risolte le seguenti vulnerabilità relative alle console di gestione e monitoraggio: - CWE-307 (Brute Force) - CWE-384 (Session Fixation) Squashed commit of the following: commit 8660d71a59698a523aa99572c385f29a39d050bc Author: Giuliano Pintori Date: Fri Oct 3 18:19:24 2025 +0200 [GovWayConsole] Aggiunte classi mancanti. commit 9fc7225bf311740df08bc89c2629ef89177d4a5e Author: Giuliano Pintori Date: Thu Oct 2 11:38:24 2025 +0200 [GovWayConsole] Risolte segnalazioni Session Fixation (CWE-384) e Mancanza di restrizioni sui tentativi di autenticazione (CWE-307). [GovWayMonitor] Risolte segnalazioni Session Fixation (CWE-384) e Mancanza di restrizioni sui tentativi di autenticazione (CWE-307). ============================= ============================= NODEjs Info v22.14.0 { npm: '10.9.2', node: '22.14.0', acorn: '8.14.0', ada: '2.9.2', amaro: '0.3.0', ares: '1.34.4', brotli: '1.1.0', cjs_module_lexer: '1.4.1', cldr: '46.0', icu: '76.1', llhttp: '9.2.1', modules: '127', napi: '10', nbytes: '0.1.1', ncrypto: '0.0.1', nghttp2: '1.64.0', nghttp3: '1.6.0', ngtcp2: '1.10.0', openssl: '3.0.15+quic', simdjson: '3.10.1', simdutf: '6.0.3', sqlite: '3.47.2', tz: '2024b', undici: '6.21.1', unicode: '16.0', uv: '1.49.2', uvwasi: '0.0.21', v8: '12.4.254.21-node.22', zlib: '1.3.0.1-motley-82a5fec' } ============================= ============================= OWASP ZAP Info 'ZAP_2.16.0' Associo diritti di esecuzione agli script zap ... Associati diritti di esecuzione agli script zap Update ... Execute: /opt/openjdk-17.0.14+7/bin/java -classpath /opt/zaproxy/ZAP_2.16.0/*:/opt/zaproxy/ZAP_2.16.0/lib/* org.zaproxy.zap.ZAP -cmd -addonupdate -port 8280 -host 127.0.0.1 Defaulting ZAP install dir to /opt/zaproxy/ZAP_2.16.0 Add-on update check complete Update effettuato ============================= Fermo application server ... Stoping Tomcat NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED Pid Tomcat: 2841 waiting for processes to exit waiting for processes to exit waiting for processes to exit waiting for processes to exit waiting for processes to exit waiting for processes to exit waiting for processes to exit waiting for processes to exitFermo application server effettuato Ripulisco log application server ... Ripulisco log application server effettuato Predispongo dir testsuite ... Predispongo dir testsuite ok Ripulisco output jacoco ... Ripulisco output jacoco effettuato Fermo sonarqube ... Gracefully stopping SonarQube... Removed stale pid file: ./SonarQube.pid SonarQube was not running. Fermo sonarqube effettuato Verifico che il workspace non esista ... Workspace correttamente re-inizializzato [Boolean condition] checking [true] against [^(1|y|yes|t|true|on|run)$] (origin token: ${GOVWAY_BUILD}) Run condition [Boolean condition] enabling perform for step [BuilderChain] [GovWay] $ /bin/sh -xe /tmp/jenkins396007830158300444.sh + perl -pi -e s/log4bash.appender=ColorConsoleAppender/log4bash.appender=ConsoleAppender/g /var/lib/jenkins/workspace/GovWay/distrib/log4bash.properties + sed -i -e 's#swagger-codegen##g' /var/lib/jenkins/workspace/GovWay/mvn/dependencies/pom.xml + sed -i -e s#UPDATE_DOC=true#UPDATE_DOC=false#g /var/lib/jenkins/workspace/GovWay/distrib/distrib.sh + sed -i -e s#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver,db2#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver#g /var/lib/jenkins/workspace/GovWay/ant/setup/prepare-build.properties + sed -i -e 's#false#true#g' /var/lib/jenkins/workspace/GovWay/pom.xml [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Ddependencies.soapbox=true initialize [INFO] Scanning for projects... [INFO] ------------------------------------------------------------------------ [INFO] Reactor Build Order: [INFO] [INFO] govway [pom] [INFO] dependencies [pom] [INFO] dependencies.ant [pom] [INFO] dependencies.antinstaller [pom] [INFO] dependencies.axiom [pom] [INFO] dependencies.bean-validation [pom] [INFO] dependencies.cxf [pom] [INFO] dependencies.commons [pom] [INFO] dependencies.faces [pom] [INFO] dependencies.git [pom] [INFO] dependencies.httpcore [pom] [INFO] dependencies.jackson [pom] [INFO] dependencies.javax [pom] [INFO] dependencies.jax [pom] [INFO] dependencies.jetty [pom] [INFO] dependencies.jminix [pom] [INFO] dependencies.json [pom] [INFO] dependencies.log [pom] [INFO] dependencies.lucene [pom] [INFO] dependencies.openapi4j [pom] [INFO] dependencies.opensaml [pom] [INFO] dependencies.pdf [pom] [INFO] dependencies.redis [pom] [INFO] dependencies.reports [pom] [INFO] dependencies.saaj [pom] [INFO] dependencies.security [pom] [INFO] dependencies.shared [pom] [INFO] dependencies.spring [pom] [INFO] dependencies.spring-ldap [pom] [INFO] dependencies.spring-security [pom] [INFO] dependencies.swagger [pom] [INFO] dependencies.wadl [pom] [INFO] dependencies.wss4j [pom] [INFO] dependencies.testsuite [pom] [INFO] dependencies.testsuite.axis14 [pom] [INFO] dependencies.testsuite.as [pom] [INFO] dependencies.testsuite.as.wildfly9 [pom] [INFO] dependencies.testsuite.as.wildfly10 [pom] [INFO] dependencies.testsuite.as.wildfly11 [pom] [INFO] dependencies.testsuite.as.wildfly12 [pom] [INFO] dependencies.testsuite.as.wildfly13 [pom] [INFO] dependencies.testsuite.as.wildfly14 [pom] [INFO] dependencies.testsuite.as.wildfly15 [pom] [INFO] dependencies.testsuite.as.wildfly16 [pom] [INFO] dependencies.testsuite.as.wildfly17 [pom] [INFO] dependencies.testsuite.as.wildfly18 [pom] [INFO] dependencies.testsuite.as.wildfly19 [pom] [INFO] dependencies.testsuite.as.wildfly20 [pom] [INFO] dependencies.testsuite.as.wildfly21 [pom] [INFO] dependencies.testsuite.as.wildfly22 [pom] [INFO] dependencies.testsuite.as.wildfly23 [pom] [INFO] dependencies.testsuite.as.wildfly24 [pom] [INFO] dependencies.testsuite.as.wildfly25 [pom] [INFO] dependencies.testsuite.as.wildfly26 [pom] [INFO] dependencies.testsuite.as.tomcat9 [pom] [INFO] dependencies.testsuite.test [pom] [INFO] dependencies.testsuite.staticAnalysis [pom] [INFO] dependencies.testsuite.dynamicAnalysis [pom] [INFO] dependencies.testsuite.coverage [pom] [INFO] dependencies.soapbox [pom] [INFO] compile [pom] [INFO] package [pom] [INFO] testsuite.utils [pom] [INFO] testsuite.utils.sql [pom] [INFO] testsuite.pdd.core [pom] [INFO] testsuite.pdd.core.sql [pom] [INFO] static_analysis.spotbugs [pom] [INFO] static_analysis.sonarqube [pom] [INFO] dynamic_analysis.zap [pom] [INFO] coverage.jacoco [pom] [INFO] [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- [INFO] Building govway 1.0 [1/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ [INFO] Building dependencies 1.0 [2/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- [INFO] Building dependencies.ant 1.0 [3/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ [INFO] Building dependencies.antinstaller 1.0 [4/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- [INFO] Building dependencies.axiom 1.0 [5/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar [INFO] Executed tasks [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- [INFO] Building dependencies.bean-validation 1.0 [6/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- [INFO] Building dependencies.cxf 1.0 [7/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- [INFO] Building dependencies.commons 1.0 [8/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- [INFO] Building dependencies.faces 1.0 [9/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- [INFO] Building dependencies.git 1.0 [10/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- [INFO] Building dependencies.httpcore 1.0 [11/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- [INFO] Building dependencies.jackson 1.0 [12/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- [INFO] Building dependencies.javax 1.0 [13/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- [INFO] Building dependencies.jax 1.0 [14/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- [INFO] [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- [INFO] Building dependencies.jetty 1.0 [15/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- [INFO] Building dependencies.jminix 1.0 [16/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar [INFO] Executed tasks [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- [INFO] Building dependencies.json 1.0 [17/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar [INFO] Executed tasks [INFO] [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- [INFO] Building dependencies.log 1.0 [18/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- [INFO] Building dependencies.lucene 1.0 [19/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- [INFO] [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- [INFO] Building dependencies.openapi4j 1.0 [20/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- [INFO] Building dependencies.opensaml 1.0 [21/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- [INFO] Building dependencies.pdf 1.0 [22/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- [INFO] Building dependencies.redis 1.0 [23/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- [INFO] Building dependencies.reports 1.0 [24/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- [INFO] Building dependencies.saaj 1.0 [25/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- [INFO] Building dependencies.security 1.0 [26/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- [INFO] Building dependencies.shared 1.0 [27/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- [INFO] Building dependencies.spring 1.0 [28/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar [INFO] Executed tasks [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- [INFO] Building dependencies.spring-ldap 1.0 [29/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- [INFO] Building dependencies.spring-security 1.0 [30/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- [INFO] Building dependencies.swagger 1.0 [31/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar [INFO] Executed tasks [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- [INFO] Building dependencies.wadl 1.0 [32/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- [INFO] Building dependencies.wss4j 1.0 [33/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar [INFO] Executed tasks [INFO] [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- [INFO] Building dependencies.testsuite 1.0 [34/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar [INFO] Executed tasks [INFO] [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- [INFO] Building dependencies.testsuite.as 1.0 [36/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- [INFO] [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- [INFO] Building dependencies.testsuite.test 1.0 [56/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar [INFO] Executed tasks [INFO] [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- [INFO] [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- [INFO] [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- [INFO] Building dependencies.soapbox 1.0 [60/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- [INFO] Building compile 1.0 [61/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- [INFO] Building package 1.0 [62/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- [INFO] Building testsuite.utils 1.0 [63/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- [INFO] Building testsuite.utils.sql 1.0 [64/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- [INFO] Building testsuite.pdd.core 1.0 [65/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ [INFO] Building static_analysis.spotbugs 1.0 [67/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ [INFO] Building static_analysis.sonarqube 1.0 [68/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- [INFO] Building dynamic_analysis.zap 1.0 [69/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- [INFO] Building coverage.jacoco 1.0 [70/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary for govway 1.0: [INFO] [INFO] govway ............................................. SUCCESS [ 0.004 s] [INFO] dependencies ....................................... SUCCESS [ 0.001 s] [INFO] dependencies.ant ................................... SUCCESS [ 1.747 s] [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.078 s] [INFO] dependencies.axiom ................................. SUCCESS [ 0.586 s] [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.088 s] [INFO] dependencies.cxf ................................... SUCCESS [ 0.483 s] [INFO] dependencies.commons ............................... SUCCESS [ 0.239 s] [INFO] dependencies.faces ................................. SUCCESS [ 0.145 s] [INFO] dependencies.git ................................... SUCCESS [ 0.037 s] [INFO] dependencies.httpcore .............................. SUCCESS [ 0.177 s] [INFO] dependencies.jackson ............................... SUCCESS [ 0.173 s] [INFO] dependencies.javax ................................. SUCCESS [ 0.132 s] [INFO] dependencies.jax ................................... SUCCESS [ 0.383 s] [INFO] dependencies.jetty ................................. SUCCESS [ 0.113 s] [INFO] dependencies.jminix ................................ SUCCESS [ 0.138 s] [INFO] dependencies.json .................................. SUCCESS [ 0.176 s] [INFO] dependencies.log ................................... SUCCESS [ 0.251 s] [INFO] dependencies.lucene ................................ SUCCESS [ 0.069 s] [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.101 s] [INFO] dependencies.opensaml .............................. SUCCESS [ 0.164 s] [INFO] dependencies.pdf ................................... SUCCESS [ 0.070 s] [INFO] dependencies.redis ................................. SUCCESS [ 0.236 s] [INFO] dependencies.reports ............................... SUCCESS [ 0.153 s] [INFO] dependencies.saaj .................................. SUCCESS [ 0.139 s] [INFO] dependencies.security .............................. SUCCESS [ 0.193 s] [INFO] dependencies.shared ................................ SUCCESS [ 0.555 s] [INFO] dependencies.spring ................................ SUCCESS [ 0.171 s] [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.020 s] [INFO] dependencies.spring-security ....................... SUCCESS [ 0.072 s] [INFO] dependencies.swagger ............................... SUCCESS [ 0.206 s] [INFO] dependencies.wadl .................................. SUCCESS [ 0.021 s] [INFO] dependencies.wss4j ................................. SUCCESS [ 0.109 s] [INFO] dependencies.testsuite ............................. SUCCESS [ 0.001 s] [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.119 s] [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.071 s] [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.095 s] [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.148 s] [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.124 s] [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.115 s] [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.138 s] [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.109 s] [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.113 s] [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.126 s] [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.125 s] [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.113 s] [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.112 s] [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.122 s] [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.119 s] [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.123 s] [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.121 s] [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.205 s] [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.145 s] [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.024 s] [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.326 s] [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.024 s] [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.010 s] [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.043 s] [INFO] dependencies.soapbox ............................... SUCCESS [ 0.032 s] [INFO] compile ............................................ SUCCESS [ 0.001 s] [INFO] package ............................................ SUCCESS [ 0.000 s] [INFO] testsuite.utils .................................... SUCCESS [ 0.001 s] [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.001 s] [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.000 s] [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s] [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.001 s] [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.001 s] [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 10.540 s [INFO] Finished at: 2025-10-06T18:11:37+02:00 [INFO] ------------------------------------------------------------------------ [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dowasp.plugin.autoUpdate=true -Dpackage=none -DossIndexUsername=andrea.poli@link.it -Dcompile=none -Dowasp=verify -Dtestsuite=none -DossIndexPassword=6b31d4937d57ec65ccb3aed4ff8461107c8eeb5a -DnvdApiKey=f8281fbf-3d81-4e4a-9f03-ab68856b336d -Dowasp.plugin.failBuildOnAnyVulnerability=false verify [INFO] Scanning for projects... [INFO] ------------------------------------------------------------------------ [INFO] Reactor Build Order: [INFO] [INFO] govway [pom] [INFO] dependencies [pom] [INFO] dependencies.ant [pom] [INFO] dependencies.antinstaller [pom] [INFO] dependencies.axiom [pom] [INFO] dependencies.bean-validation [pom] [INFO] dependencies.cxf [pom] [INFO] dependencies.commons [pom] [INFO] dependencies.faces [pom] [INFO] dependencies.git [pom] [INFO] dependencies.httpcore [pom] [INFO] dependencies.jackson [pom] [INFO] dependencies.javax [pom] [INFO] dependencies.jax [pom] [INFO] dependencies.jetty [pom] [INFO] dependencies.jminix [pom] [INFO] dependencies.json [pom] [INFO] dependencies.log [pom] [INFO] dependencies.lucene [pom] [INFO] dependencies.openapi4j [pom] [INFO] dependencies.opensaml [pom] [INFO] dependencies.pdf [pom] [INFO] dependencies.redis [pom] [INFO] dependencies.reports [pom] [INFO] dependencies.saaj [pom] [INFO] dependencies.security [pom] [INFO] dependencies.shared [pom] [INFO] dependencies.spring [pom] [INFO] dependencies.spring-ldap [pom] [INFO] dependencies.spring-security [pom] [INFO] dependencies.swagger [pom] [INFO] dependencies.wadl [pom] [INFO] dependencies.wss4j [pom] [INFO] dependencies.testsuite [pom] [INFO] dependencies.testsuite.axis14 [pom] [INFO] dependencies.testsuite.as [pom] [INFO] dependencies.testsuite.as.wildfly9 [pom] [INFO] dependencies.testsuite.as.wildfly10 [pom] [INFO] dependencies.testsuite.as.wildfly11 [pom] [INFO] dependencies.testsuite.as.wildfly12 [pom] [INFO] dependencies.testsuite.as.wildfly13 [pom] [INFO] dependencies.testsuite.as.wildfly14 [pom] [INFO] dependencies.testsuite.as.wildfly15 [pom] [INFO] dependencies.testsuite.as.wildfly16 [pom] [INFO] dependencies.testsuite.as.wildfly17 [pom] [INFO] dependencies.testsuite.as.wildfly18 [pom] [INFO] dependencies.testsuite.as.wildfly19 [pom] [INFO] dependencies.testsuite.as.wildfly20 [pom] [INFO] dependencies.testsuite.as.wildfly21 [pom] [INFO] dependencies.testsuite.as.wildfly22 [pom] [INFO] dependencies.testsuite.as.wildfly23 [pom] [INFO] dependencies.testsuite.as.wildfly24 [pom] [INFO] dependencies.testsuite.as.wildfly25 [pom] [INFO] dependencies.testsuite.as.wildfly26 [pom] [INFO] dependencies.testsuite.as.tomcat9 [pom] [INFO] dependencies.testsuite.test [pom] [INFO] dependencies.testsuite.staticAnalysis [pom] [INFO] dependencies.testsuite.dynamicAnalysis [pom] [INFO] dependencies.testsuite.coverage [pom] [INFO] compile [pom] [INFO] package [pom] [INFO] testsuite.utils [pom] [INFO] testsuite.utils.sql [pom] [INFO] testsuite.pdd.core [pom] [INFO] testsuite.pdd.core.sql [pom] [INFO] static_analysis.spotbugs [pom] [INFO] static_analysis.sonarqube [pom] [INFO] dynamic_analysis.zap [pom] [INFO] coverage.jacoco [pom] [INFO] [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- [INFO] Building govway 1.0 [1/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ [INFO] Building dependencies 1.0 [2/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.dependencies --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.dependencies --- [INFO] Checking for updates [WARNING] NVD API request failures are occurring; retrying request for the 1st time [INFO] NVD API has 495 records in this update [INFO] Downloaded 495/495 (100%) [INFO] Completed processing batch 1/1 (100%) in 1,125ms [INFO] Updating CISA Known Exploited Vulnerability list: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json [INFO] Begin database defrag [INFO] End database defrag (11061 ms) [INFO] Check for updates complete (15509 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (3 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (2 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (3 seconds) [INFO] Finished CPE Analyzer (11 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished RetireJS Analyzer (18 seconds) [INFO] Finished Sonatype OSS Index Analyzer (4 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (1 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (43 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-gitlab.json [WARNING] One or more dependencies were identified with known vulnerabilities in dependencies: commons-lang-2.6.jar (pkg:maven/commons-lang/commons-lang@2.6, cpe:2.3:a:apache:commons_lang:2.6:*:*:*:*:*:*:*) : CVE-2025-48924 spring-core-5.3.39.jar (pkg:maven/org.springframework/spring-core@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249, CVE-2025-41242 spring-web-5.3.39.jar (pkg:maven/org.springframework/spring-web@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:web_project:web:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249 See the dependency-check report for more details. [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- [INFO] Building dependencies.ant 1.0 [3/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.ant --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.ant --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (77 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (2 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (2 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ [INFO] Building dependencies.antinstaller 1.0 [4/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.antinstaller --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.antinstaller --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (73 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- [INFO] Building dependencies.axiom 1.0 [5/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.axiom --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.axiom --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (72 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (2 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- [INFO] Building dependencies.bean-validation 1.0 [6/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.bean-validation --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.bean-validation --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (75 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- [INFO] Building dependencies.cxf 1.0 [7/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.cxf --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.cxf --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (73 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (2 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- [INFO] Building dependencies.commons 1.0 [8/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.commons --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.commons --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (67 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (2 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (2 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [WARNING] One or more dependencies were identified with known vulnerabilities in dependencies.commons: commons-lang-2.6.jar (pkg:maven/commons-lang/commons-lang@2.6, cpe:2.3:a:apache:commons_lang:2.6:*:*:*:*:*:*:*) : CVE-2025-48924 See the dependency-check report for more details. [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- [INFO] Building dependencies.faces 1.0 [9/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.faces --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.faces --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (74 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (2 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished RetireJS Analyzer (8 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (12 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- [INFO] Building dependencies.git 1.0 [10/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.git --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.git --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- [INFO] Building dependencies.httpcore 1.0 [11/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.httpcore --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.httpcore --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (67 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- [INFO] Building dependencies.jackson 1.0 [12/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jackson --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jackson --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (72 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- [INFO] Building dependencies.javax 1.0 [13/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.javax --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.javax --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (70 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (2 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- [INFO] Building dependencies.jax 1.0 [14/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- [INFO] [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jax --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jax --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (69 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- [INFO] Building dependencies.jetty 1.0 [15/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jetty --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jetty --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (169 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- [INFO] Building dependencies.jminix 1.0 [16/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jminix --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jminix --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished RetireJS Analyzer (1 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (3 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- [INFO] Building dependencies.json 1.0 [17/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar [INFO] Executed tasks [INFO] [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.json --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.json --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (70 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- [INFO] Building dependencies.log 1.0 [18/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.log --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.log --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (70 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- [INFO] Building dependencies.lucene 1.0 [19/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.lucene --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.lucene --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- [INFO] Building dependencies.openapi4j 1.0 [20/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.openapi4j --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.openapi4j --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- [INFO] Building dependencies.opensaml 1.0 [21/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.opensaml --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.opensaml --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- [INFO] Building dependencies.pdf 1.0 [22/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.pdf --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.pdf --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- [INFO] Building dependencies.redis 1.0 [23/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.redis --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.redis --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- [INFO] Building dependencies.reports 1.0 [24/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.reports --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.reports --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (67 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished RetireJS Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- [INFO] Building dependencies.saaj 1.0 [25/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.saaj --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.saaj --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- [INFO] Building dependencies.security 1.0 [26/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.security --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.security --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- [INFO] Building dependencies.shared 1.0 [27/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.shared --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.shared --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (65 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished RetireJS Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (3 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- [INFO] Building dependencies.spring 1.0 [28/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.spring --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (80 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [WARNING] One or more dependencies were identified with known vulnerabilities in dependencies.spring: spring-core-5.3.39.jar (pkg:maven/org.springframework/spring-core@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249, CVE-2025-41242 spring-web-5.3.39.jar (pkg:maven/org.springframework/spring-web@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:web_project:web:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249 See the dependency-check report for more details. [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- [INFO] Building dependencies.spring-ldap 1.0 [29/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring-ldap --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.spring-ldap --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (67 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- [INFO] Building dependencies.spring-security 1.0 [30/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring-security --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.spring-security --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (68 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- [INFO] Building dependencies.swagger 1.0 [31/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.swagger --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.swagger --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (69 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished RetireJS Analyzer (9 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (11 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- [INFO] Building dependencies.wadl 1.0 [32/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.wadl --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.wadl --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (67 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- [INFO] Building dependencies.wss4j 1.0 [33/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.wss4j --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.wss4j --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (67 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished Archive Analyzer (0 seconds) [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Jar Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. ## Recommendation Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). The following template can be used to demonstrate the vulnerability: ```{{#with "constructor"}} {{#with split as |a|}} {{pop (push "alert('Vulnerable Handlebars JS');")}} {{#with (concat (lookup join (slice 0 1)))}} {{#each (slice 2 3)}} {{#with (apply 0 a)}} {{.}} {{/with}} {{/each}} {{/with}} {{/with}} {{/with}}``` ## Recommendation Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- [INFO] Building dependencies.testsuite 1.0 [34/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (64 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- [INFO] Building dependencies.testsuite.axis14 1.0 [35/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.axis14 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.axis14 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (64 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- [INFO] Building dependencies.testsuite.as 1.0 [36/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (64 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (65 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (65 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (74 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (67 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (97 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (67 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (68 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (67 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (67 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (85 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (67 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (75 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (66 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (75 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (70 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (72 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- [INFO] Building dependencies.testsuite.test 1.0 [56/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar [INFO] Executed tasks [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.test --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.test --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (65 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.staticAnalysis --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.staticAnalysis --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (86 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.dynamicAnalysis --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.dynamicAnalysis --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (92 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- [INFO] Building dependencies.testsuite.coverage 1.0 [59/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.coverage --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.coverage --- [INFO] Checking for updates [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. [INFO] Check for updates complete (65 ms) [INFO] Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 💖 Sponsor: https://github.com/sponsors/jeremylong [INFO] Analysis Started [INFO] Finished File Name Analyzer (0 seconds) [INFO] Finished Dependency Merging Analyzer (0 seconds) [INFO] Finished Hint Analyzer (0 seconds) [INFO] Finished Version Filter Analyzer (0 seconds) [INFO] Created CPE Index (1 seconds) [INFO] Finished CPE Analyzer (1 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) [INFO] Finished Dependency Bundling Analyzer (0 seconds) [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) [INFO] Analysis Complete (1 seconds) [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- [INFO] Building compile 1.0 [60/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- [INFO] Building package 1.0 [61/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- [INFO] Building testsuite.utils 1.0 [62/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- [INFO] Building testsuite.utils.sql 1.0 [63/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- [INFO] Building testsuite.pdd.core 1.0 [64/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- [INFO] Building testsuite.pdd.core.sql 1.0 [65/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ [INFO] Building static_analysis.spotbugs 1.0 [66/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ [INFO] Building static_analysis.sonarqube 1.0 [67/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- [INFO] Building dynamic_analysis.zap 1.0 [68/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- [INFO] Building coverage.jacoco 1.0 [69/69] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary for govway 1.0: [INFO] [INFO] govway ............................................. SUCCESS [ 0.004 s] [INFO] dependencies ....................................... SUCCESS [01:15 min] [INFO] dependencies.ant ................................... SUCCESS [ 8.657 s] [INFO] dependencies.antinstaller .......................... SUCCESS [ 7.628 s] [INFO] dependencies.axiom ................................. SUCCESS [ 7.829 s] [INFO] dependencies.bean-validation ....................... SUCCESS [ 7.554 s] [INFO] dependencies.cxf ................................... SUCCESS [ 7.946 s] [INFO] dependencies.commons ............................... SUCCESS [ 8.114 s] [INFO] dependencies.faces ................................. SUCCESS [ 18.593 s] [INFO] dependencies.git ................................... SUCCESS [ 7.211 s] [INFO] dependencies.httpcore .............................. SUCCESS [ 7.349 s] [INFO] dependencies.jackson ............................... SUCCESS [ 7.197 s] [INFO] dependencies.javax ................................. SUCCESS [ 7.850 s] [INFO] dependencies.jax ................................... SUCCESS [ 7.548 s] [INFO] dependencies.jetty ................................. SUCCESS [ 6.969 s] [INFO] dependencies.jminix ................................ SUCCESS [ 8.912 s] [INFO] dependencies.json .................................. SUCCESS [ 7.446 s] [INFO] dependencies.log ................................... SUCCESS [ 7.342 s] [INFO] dependencies.lucene ................................ SUCCESS [ 7.172 s] [INFO] dependencies.openapi4j ............................. SUCCESS [ 7.183 s] [INFO] dependencies.opensaml .............................. SUCCESS [ 7.100 s] [INFO] dependencies.pdf ................................... SUCCESS [ 7.021 s] [INFO] dependencies.redis ................................. SUCCESS [ 7.112 s] [INFO] dependencies.reports ............................... SUCCESS [ 7.357 s] [INFO] dependencies.saaj .................................. SUCCESS [ 7.063 s] [INFO] dependencies.security .............................. SUCCESS [ 7.504 s] [INFO] dependencies.shared ................................ SUCCESS [ 8.941 s] [INFO] dependencies.spring ................................ SUCCESS [ 7.599 s] [INFO] dependencies.spring-ldap ........................... SUCCESS [ 7.015 s] [INFO] dependencies.spring-security ....................... SUCCESS [ 7.221 s] [INFO] dependencies.swagger ............................... SUCCESS [ 17.241 s] [INFO] dependencies.wadl .................................. SUCCESS [ 7.207 s] [INFO] dependencies.wss4j ................................. SUCCESS [ 7.146 s] [INFO] dependencies.testsuite ............................. SUCCESS [ 6.933 s] [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 6.748 s] [INFO] dependencies.testsuite.as .......................... SUCCESS [ 6.881 s] [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 6.989 s] [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 7.087 s] [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 7.133 s] [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 7.067 s] [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 6.894 s] [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 6.860 s] [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 6.763 s] [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 6.955 s] [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 7.161 s] [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 7.083 s] [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 7.161 s] [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 7.155 s] [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 7.320 s] [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 7.099 s] [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 7.138 s] [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 7.062 s] [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 7.084 s] [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 7.221 s] [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 6.858 s] [INFO] dependencies.testsuite.test ........................ SUCCESS [ 6.785 s] [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 6.750 s] [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 6.868 s] [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 6.726 s] [INFO] compile ............................................ SUCCESS [ 0.000 s] [INFO] package ............................................ SUCCESS [ 0.001 s] [INFO] testsuite.utils .................................... SUCCESS [ 0.000 s] [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.001 s] [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.000 s] [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.000 s] [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.001 s] [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s] [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 08:31 min [INFO] Finished at: 2025-10-06T18:20:11+02:00 [INFO] ------------------------------------------------------------------------ [GovWay] $ /bin/bash /tmp/jenkins16196028244655736441.sh Pubblicazione risultati dependency check ... cp: cannot create directory ‘/opt/apache-tomcat-9.0.91/webapps/dependency-check/result’: No such file or directory Pubblicazione risultati dependency check effettuata Pubblicazione installer su risultati testsuite ... Pubblicazione installer su risultati testsuite effettuata [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage=none -Dcompile=compile -Dowasp=none -Dtestsuite=none -Ddependencies.soapbox=true compile [INFO] Scanning for projects... [INFO] ------------------------------------------------------------------------ [INFO] Reactor Build Order: [INFO] [INFO] govway [pom] [INFO] dependencies [pom] [INFO] dependencies.ant [pom] [INFO] dependencies.antinstaller [pom] [INFO] dependencies.axiom [pom] [INFO] dependencies.bean-validation [pom] [INFO] dependencies.cxf [pom] [INFO] dependencies.commons [pom] [INFO] dependencies.faces [pom] [INFO] dependencies.git [pom] [INFO] dependencies.httpcore [pom] [INFO] dependencies.jackson [pom] [INFO] dependencies.javax [pom] [INFO] dependencies.jax [pom] [INFO] dependencies.jetty [pom] [INFO] dependencies.jminix [pom] [INFO] dependencies.json [pom] [INFO] dependencies.log [pom] [INFO] dependencies.lucene [pom] [INFO] dependencies.openapi4j [pom] [INFO] dependencies.opensaml [pom] [INFO] dependencies.pdf [pom] [INFO] dependencies.redis [pom] [INFO] dependencies.reports [pom] [INFO] dependencies.saaj [pom] [INFO] dependencies.security [pom] [INFO] dependencies.shared [pom] [INFO] dependencies.spring [pom] [INFO] dependencies.spring-ldap [pom] [INFO] dependencies.spring-security [pom] [INFO] dependencies.swagger [pom] [INFO] dependencies.wadl [pom] [INFO] dependencies.wss4j [pom] [INFO] dependencies.testsuite [pom] [INFO] dependencies.testsuite.axis14 [pom] [INFO] dependencies.testsuite.as [pom] [INFO] dependencies.testsuite.as.wildfly9 [pom] [INFO] dependencies.testsuite.as.wildfly10 [pom] [INFO] dependencies.testsuite.as.wildfly11 [pom] [INFO] dependencies.testsuite.as.wildfly12 [pom] [INFO] dependencies.testsuite.as.wildfly13 [pom] [INFO] dependencies.testsuite.as.wildfly14 [pom] [INFO] dependencies.testsuite.as.wildfly15 [pom] [INFO] dependencies.testsuite.as.wildfly16 [pom] [INFO] dependencies.testsuite.as.wildfly17 [pom] [INFO] dependencies.testsuite.as.wildfly18 [pom] [INFO] dependencies.testsuite.as.wildfly19 [pom] [INFO] dependencies.testsuite.as.wildfly20 [pom] [INFO] dependencies.testsuite.as.wildfly21 [pom] [INFO] dependencies.testsuite.as.wildfly22 [pom] [INFO] dependencies.testsuite.as.wildfly23 [pom] [INFO] dependencies.testsuite.as.wildfly24 [pom] [INFO] dependencies.testsuite.as.wildfly25 [pom] [INFO] dependencies.testsuite.as.wildfly26 [pom] [INFO] dependencies.testsuite.as.tomcat9 [pom] [INFO] dependencies.testsuite.test [pom] [INFO] dependencies.testsuite.staticAnalysis [pom] [INFO] dependencies.testsuite.dynamicAnalysis [pom] [INFO] dependencies.testsuite.coverage [pom] [INFO] dependencies.soapbox [pom] [INFO] compile [pom] [INFO] package [pom] [INFO] testsuite.utils [pom] [INFO] testsuite.utils.sql [pom] [INFO] testsuite.pdd.core [pom] [INFO] testsuite.pdd.core.sql [pom] [INFO] static_analysis.spotbugs [pom] [INFO] static_analysis.sonarqube [pom] [INFO] dynamic_analysis.zap [pom] [INFO] coverage.jacoco [pom] [INFO] [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- [INFO] Building govway 1.0 [1/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ [INFO] Building dependencies 1.0 [2/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- [INFO] Building dependencies.ant 1.0 [3/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ [INFO] Building dependencies.antinstaller 1.0 [4/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- [INFO] Building dependencies.axiom 1.0 [5/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar [INFO] Executed tasks [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- [INFO] Building dependencies.bean-validation 1.0 [6/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- [INFO] Building dependencies.cxf 1.0 [7/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- [INFO] Building dependencies.commons 1.0 [8/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- [INFO] Building dependencies.faces 1.0 [9/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- [INFO] Building dependencies.git 1.0 [10/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- [INFO] Building dependencies.httpcore 1.0 [11/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- [INFO] Building dependencies.jackson 1.0 [12/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- [INFO] Building dependencies.javax 1.0 [13/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- [INFO] Building dependencies.jax 1.0 [14/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- [INFO] [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- [INFO] Building dependencies.jetty 1.0 [15/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- [INFO] Building dependencies.jminix 1.0 [16/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar [INFO] Executed tasks [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- [INFO] Building dependencies.json 1.0 [17/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar [INFO] Executed tasks [INFO] [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- [INFO] Building dependencies.log 1.0 [18/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- [INFO] Building dependencies.lucene 1.0 [19/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- [INFO] [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- [INFO] Building dependencies.openapi4j 1.0 [20/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- [INFO] Building dependencies.opensaml 1.0 [21/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- [INFO] Building dependencies.pdf 1.0 [22/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- [INFO] Building dependencies.redis 1.0 [23/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- [INFO] Building dependencies.reports 1.0 [24/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- [INFO] Building dependencies.saaj 1.0 [25/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- [INFO] Building dependencies.security 1.0 [26/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- [INFO] Building dependencies.shared 1.0 [27/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- [INFO] Building dependencies.spring 1.0 [28/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar [INFO] Executed tasks [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- [INFO] Building dependencies.spring-ldap 1.0 [29/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- [INFO] Building dependencies.spring-security 1.0 [30/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- [INFO] Building dependencies.swagger 1.0 [31/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar [INFO] Executed tasks [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- [INFO] Building dependencies.wadl 1.0 [32/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- [INFO] Building dependencies.wss4j 1.0 [33/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar [INFO] Executed tasks [INFO] [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- [INFO] Building dependencies.testsuite 1.0 [34/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar [INFO] Executed tasks [INFO] [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- [INFO] Building dependencies.testsuite.as 1.0 [36/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- [INFO] [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- [INFO] Building dependencies.testsuite.test 1.0 [56/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar [INFO] Executed tasks [INFO] [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- [INFO] [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- [INFO] [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- [INFO] Building dependencies.soapbox 1.0 [60/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- [INFO] Building compile 1.0 [61/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (default) @ org.openspcoop2.compile --- [INFO] Executing tasks [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/core [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/protocolli/modipa [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/protocolli/spcoop [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/protocolli/trasparente [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/protocolli/sdi [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/protocolli/as4 [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/queue [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/control_station [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/loader [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/tools/rs/config/server [INFO] [copy] Copying 1 file to /var/lib/jenkins/workspace/GovWay/tools/rs/monitor/server [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/tmp [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils] [INFO] [javac] Compiling 36 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/instrument] [INFO] [javac] Compiling 2 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-instrument_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/resources] [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-resources_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mime] [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mime_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/date] [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-date_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/io] [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-io_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/random] [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-random_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/properties] [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-properties_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxb] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxb_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxrs] [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxrs_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml] [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/json] [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-json_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml2json] [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml2json_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/digest] [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-digest_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/regexp] [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-regexp_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate] [INFO] [javac] Compiling 45 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/transport] [INFO] [javac] Compiling 65 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-transport_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/ocsp] [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-ocsp_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/remote] [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-remote_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/byok] [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-byok_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jmx] [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jmx_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/cache] [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-cache_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/checksum] [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-checksum_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/crypt] [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-crypt_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/csv] [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-csv_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/dch] [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-dch_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sql] [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sql_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jdbc] [INFO] [javac] Compiling 35 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jdbc_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/id] [INFO] [javac] Compiling 45 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-id_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/serialization] [INFO] [javac] Compiling 26 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-serialization_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/logger] [INFO] [javac] Compiling 77 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-logger_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/service] [INFO] [javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-service_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/beans] [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-beans_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/security] [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-security_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/pdf] [INFO] [javac] Compiling 11 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-pdf_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wsdl] [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wsdl_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/rest] [INFO] [javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-rest_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wadl] [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wadl_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/openapi] [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-openapi_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xacml] [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xacml_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mail] [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mail_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/datasource] [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-datasource_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sonde] [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sonde_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/semaphore] [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-semaphore_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/threads] [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-threads_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils-test [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/test] [INFO] [javac] Compiling 65 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils-test/openspcoop2_utils-test_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils-test_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/generic_project/src/] [INFO] [javac] Compiling 211 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_generic-project_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/schemi [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-openspcoop2_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-standard_RELEASE.jar [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_schemi-xsd_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/message [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message/context] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 42 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/message/openspcoop2_message-context_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message] [INFO] [javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/message/openspcoop2_message_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_message_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/core [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core] [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/id] [INFO] [javac] Compiling 20 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-id_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons] [INFO] [javac] Compiling 20 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/byok] [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-byok_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 346 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 139 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/tracciamento] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 81 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-tracciamento_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/diagnostica] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 28 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-diagnostica_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/transazioni] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 144 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-transazioni_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eventi] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 36 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eventi_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/statistiche] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 108 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-statistiche_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/plugins] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 94 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-plugins_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/controllo_traffico] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 128 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-controllo_traffico_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/allarmi] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 76 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-allarmi_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/mapping] [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-mapping_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/details] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 34 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-details_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/router_details] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 25 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-router_details_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/errore_applicativo] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-errore_applicativo_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/integrazione] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 19 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-integrazione_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver] [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/db] [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-db_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/xml] [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-xml_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/utils] [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-utils_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver] [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/wsdl] [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-wsdl_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/rest] [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-rest_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/db] [INFO] [javac] Compiling 36 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-db_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/xml] [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-xml_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/web] [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-web_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/uddi] [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-uddi_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/ws] [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-ws_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/utils] [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-utils_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons/search] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 184 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons-search_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons/dao] [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons-dao_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/mvc/properties] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 59 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-mvc_properties_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_core_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/protocol-api [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/manifest] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 131 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-manifest_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/information_missing] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-information_missing_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/sdk] [INFO] [javac] Compiling 226 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-sdk_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/utils] [INFO] [javac] Compiling 19 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-utils_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/registry] [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-registry_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/abstraction] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-abstraction_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/basic] [INFO] [javac] Compiling 63 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-basic_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_protocol-api_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/monitor-api [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/sdk] [INFO] [javac] Compiling 69 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor-api/openspcoop2_monitor-sdk_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_monitor-api_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/security [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security] [INFO] [javac] Compiling 49 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-core_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message] [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/engine] [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-engine_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/jose] [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-jose_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/xml] [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-xml_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/wss4j] [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-wss4j_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/soapbox] [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-soapbox_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_security_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/protocol [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/engine] [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol/openspcoop2_protocol_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_protocol_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/monitor [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/transazioni] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-transazioni_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/ricerche] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-ricerche_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/statistiche] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-statistiche_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine] [INFO] [javac] Compiling 238 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/statistiche/package-info.class [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/ricerche/package-info.class [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/transazioni/constants/package-info.class [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/transazioni/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-engine_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_monitor_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd [INFO] [copy] Copying 1120 files to /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd [WARNING] [echo] Raccolta informazioni git per impostazione versione... [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/pdd [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd] [INFO] [javac] Compiling 1045 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/monitor/constants/package-info.class [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/monitor/package-info.class [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/services/skeleton/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/pdd/openspcoop2_pdd_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_pdd_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/pdd-test [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/pdd_test] [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/pdd-test/openspcoop2_pdd-test_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_pdd-test_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/modipa [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/modipa/src] [INFO] [javac] Compiling 59 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/modipa/openspcoop2_modipa-protocol-plugin_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/modipa/src] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/modipa/openspcoop2_modipa-protocol-config_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_modipa-protocol_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/spcoop [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/manifest] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 73 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-manifest_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/cnipa/collprofiles] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-cnipacollprofiles_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/cnipa/schemas/_2003/egovit/exception1_0] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 24 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-cnipaexception_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/wscp] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-wscp_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/wsbl] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 60 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-wsbl_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] [INFO] [javac] Compiling 33 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-plugin_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-config_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-schemi_RELEASE.jar [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_spcoop-protocol_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/trasparente [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/trasparente/src] [INFO] [javac] Compiling 11 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/trasparente/openspcoop2_trasparente-protocol-plugin_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/trasparente/src] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/trasparente/openspcoop2_trasparente-protocol-config_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_trasparente-protocol_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/sdi [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/fatturapa/v1_0] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 112 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v10_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/fatturapa/v1_1] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 113 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v11_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fatture/v1_0/] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 60 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturasemplificata-v10_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fatture/v1_2/] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 114 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v12_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/messaggi/v1_0] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 48 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-messaggi-v10_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fattura/messaggi/v1_0] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 35 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-messaggi-fattura-v10_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/ws/ricezione/v1_0/types] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 28 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-wsricezione-v10_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/ws/trasmissione/v1_0/types] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-wstrasmissione-v10_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/org/openspcoop2/protocol/sdi] [INFO] [javac] Compiling 32 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-plugin_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-config_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-schemi_RELEASE.jar [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_sdi-protocol_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/as4 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/org/oasis_open/docs/ebxml_msg/ebms/v3_0/ns/core/_200704] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-ebms-v3_0_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/backend/ecodex/org/_1_1] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 49 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-backend-ecodex-v1_1_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/eu/domibus/configuration] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 112 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-eu-domibus-configuration_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src] [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-plugin_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-config_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-schemi_RELEASE.jar [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_as4-protocol_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src] [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 warning: Implicitly compiled files were not subject to annotation processing. Use -proc:none to disable annotation processing or -implicit to specify a policy for implicit compilation. 1 warning [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-core_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src/org/openspcoop2/web/lib/mvc/properties] [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-properties_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-mvc_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src] [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-core_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src/org/openspcoop2/web/lib/mvc/properties] [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-properties_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-mvc_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/audit [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/costanti] [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-costanti_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/log] [WARNING] [javac] anomalous package-info.java path: package-info.java [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2/constants/package-info.class [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-log_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/dao] [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-dao_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src] [INFO] [javac] Compiling 33 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-audit_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/queue [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/queue/src] [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-queue_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConsole [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/control_station/src] [INFO] [javac] Compiling 763 source files to /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayConsole_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/] [INFO] [javac] Compiling 144 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core/openspcoop2_web-govwayMonitor-core_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/META-INF/resources] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core/openspcoop2_web-govwayMonitor-core-resources_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-core_RELEASE.jar [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_transazioni/] [INFO] [javac] Compiling 81 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-transazioni_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_stat/] [INFO] [javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-statistiche_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_eventi/] [INFO] [javac] Compiling 6 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-eventi_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/META-INF/faces-config.xml [ERROR] [concat] /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/META-INF/faces-config.xml.application does not exist. [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/] [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-allarmi_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/loaderConsole [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/loader/src] [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-loaderConsole_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConfig [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/rs/config/server/src/] [INFO] [javac] Compiling 460 source files to /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_rs-config-server_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/rs/monitor/server/src/] [INFO] [javac] Compiling 126 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_rs-monitor-server_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/batch/statistiche/src/] [INFO] [javac] Compiling 2 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_batch-statistiche_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/batch/runtime-repository/src/] [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_batch-runtime-repository_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/command_line_interfaces/config_loader/src] [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_cli-configLoader_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ [WARNING] [echo] **************************************** [WARNING] [echo] **** DEBUG MODE ON ***** [WARNING] [echo] **************************************** [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/command_line_interfaces/govway_vault/src] [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_cli-vault_RELEASE.jar [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build [INFO] [move] Moving 35 files to /var/lib/jenkins/workspace/GovWay/dist.backup [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist [INFO] [move] Moving 35 files to /var/lib/jenkins/workspace/GovWay/dist [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/dist.backup [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- [INFO] Building package 1.0 [62/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- [INFO] Building testsuite.utils 1.0 [63/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- [INFO] Building testsuite.utils.sql 1.0 [64/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- [INFO] Building testsuite.pdd.core 1.0 [65/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ [INFO] Building static_analysis.spotbugs 1.0 [67/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ [INFO] Building static_analysis.sonarqube 1.0 [68/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- [INFO] Building dynamic_analysis.zap 1.0 [69/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- [INFO] Building coverage.jacoco 1.0 [70/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary for govway 1.0: [INFO] [INFO] govway ............................................. SUCCESS [ 0.004 s] [INFO] dependencies ....................................... SUCCESS [ 0.001 s] [INFO] dependencies.ant ................................... SUCCESS [ 1.229 s] [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.040 s] [INFO] dependencies.axiom ................................. SUCCESS [ 0.479 s] [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.048 s] [INFO] dependencies.cxf ................................... SUCCESS [ 0.280 s] [INFO] dependencies.commons ............................... SUCCESS [ 0.123 s] [INFO] dependencies.faces ................................. SUCCESS [ 0.053 s] [INFO] dependencies.git ................................... SUCCESS [ 0.017 s] [INFO] dependencies.httpcore .............................. SUCCESS [ 0.103 s] [INFO] dependencies.jackson ............................... SUCCESS [ 0.061 s] [INFO] dependencies.javax ................................. SUCCESS [ 0.039 s] [INFO] dependencies.jax ................................... SUCCESS [ 0.166 s] [INFO] dependencies.jetty ................................. SUCCESS [ 0.040 s] [INFO] dependencies.jminix ................................ SUCCESS [ 0.066 s] [INFO] dependencies.json .................................. SUCCESS [ 0.080 s] [INFO] dependencies.log ................................... SUCCESS [ 0.097 s] [INFO] dependencies.lucene ................................ SUCCESS [ 0.017 s] [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.058 s] [INFO] dependencies.opensaml .............................. SUCCESS [ 0.057 s] [INFO] dependencies.pdf ................................... SUCCESS [ 0.022 s] [INFO] dependencies.redis ................................. SUCCESS [ 0.060 s] [INFO] dependencies.reports ............................... SUCCESS [ 0.082 s] [INFO] dependencies.saaj .................................. SUCCESS [ 0.071 s] [INFO] dependencies.security .............................. SUCCESS [ 0.082 s] [INFO] dependencies.shared ................................ SUCCESS [ 0.201 s] [INFO] dependencies.spring ................................ SUCCESS [ 0.084 s] [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.010 s] [INFO] dependencies.spring-security ....................... SUCCESS [ 0.056 s] [INFO] dependencies.swagger ............................... SUCCESS [ 0.092 s] [INFO] dependencies.wadl .................................. SUCCESS [ 0.012 s] [INFO] dependencies.wss4j ................................. SUCCESS [ 0.066 s] [INFO] dependencies.testsuite ............................. SUCCESS [ 0.001 s] [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.063 s] [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.024 s] [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.026 s] [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.029 s] [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.024 s] [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.025 s] [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.023 s] [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.024 s] [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.021 s] [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.026 s] [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.026 s] [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.025 s] [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.026 s] [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.027 s] [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.026 s] [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.026 s] [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.026 s] [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.108 s] [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.034 s] [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.010 s] [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.105 s] [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.011 s] [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.007 s] [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.019 s] [INFO] dependencies.soapbox ............................... SUCCESS [ 0.012 s] [INFO] compile ............................................ SUCCESS [15:28 min] [INFO] package ............................................ SUCCESS [ 0.000 s] [INFO] testsuite.utils .................................... SUCCESS [ 0.003 s] [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.003 s] [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.003 s] [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.003 s] [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.002 s] [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.003 s] [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.003 s] [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 15:34 min [INFO] Finished at: 2025-10-06T18:35:47+02:00 [INFO] ------------------------------------------------------------------------ [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage.git_info.generate=false -Dpackage=package -Dcompile=none -Dowasp=none -Dtestsuite=none -Ddependencies.soapbox=true package [INFO] Scanning for projects... [INFO] ------------------------------------------------------------------------ [INFO] Reactor Build Order: [INFO] [INFO] govway [pom] [INFO] dependencies [pom] [INFO] dependencies.ant [pom] [INFO] dependencies.antinstaller [pom] [INFO] dependencies.axiom [pom] [INFO] dependencies.bean-validation [pom] [INFO] dependencies.cxf [pom] [INFO] dependencies.commons [pom] [INFO] dependencies.faces [pom] [INFO] dependencies.git [pom] [INFO] dependencies.httpcore [pom] [INFO] dependencies.jackson [pom] [INFO] dependencies.javax [pom] [INFO] dependencies.jax [pom] [INFO] dependencies.jetty [pom] [INFO] dependencies.jminix [pom] [INFO] dependencies.json [pom] [INFO] dependencies.log [pom] [INFO] dependencies.lucene [pom] [INFO] dependencies.openapi4j [pom] [INFO] dependencies.opensaml [pom] [INFO] dependencies.pdf [pom] [INFO] dependencies.redis [pom] [INFO] dependencies.reports [pom] [INFO] dependencies.saaj [pom] [INFO] dependencies.security [pom] [INFO] dependencies.shared [pom] [INFO] dependencies.spring [pom] [INFO] dependencies.spring-ldap [pom] [INFO] dependencies.spring-security [pom] [INFO] dependencies.swagger [pom] [INFO] dependencies.wadl [pom] [INFO] dependencies.wss4j [pom] [INFO] dependencies.testsuite [pom] [INFO] dependencies.testsuite.axis14 [pom] [INFO] dependencies.testsuite.as [pom] [INFO] dependencies.testsuite.as.wildfly9 [pom] [INFO] dependencies.testsuite.as.wildfly10 [pom] [INFO] dependencies.testsuite.as.wildfly11 [pom] [INFO] dependencies.testsuite.as.wildfly12 [pom] [INFO] dependencies.testsuite.as.wildfly13 [pom] [INFO] dependencies.testsuite.as.wildfly14 [pom] [INFO] dependencies.testsuite.as.wildfly15 [pom] [INFO] dependencies.testsuite.as.wildfly16 [pom] [INFO] dependencies.testsuite.as.wildfly17 [pom] [INFO] dependencies.testsuite.as.wildfly18 [pom] [INFO] dependencies.testsuite.as.wildfly19 [pom] [INFO] dependencies.testsuite.as.wildfly20 [pom] [INFO] dependencies.testsuite.as.wildfly21 [pom] [INFO] dependencies.testsuite.as.wildfly22 [pom] [INFO] dependencies.testsuite.as.wildfly23 [pom] [INFO] dependencies.testsuite.as.wildfly24 [pom] [INFO] dependencies.testsuite.as.wildfly25 [pom] [INFO] dependencies.testsuite.as.wildfly26 [pom] [INFO] dependencies.testsuite.as.tomcat9 [pom] [INFO] dependencies.testsuite.test [pom] [INFO] dependencies.testsuite.staticAnalysis [pom] [INFO] dependencies.testsuite.dynamicAnalysis [pom] [INFO] dependencies.testsuite.coverage [pom] [INFO] dependencies.soapbox [pom] [INFO] compile [pom] [INFO] package [pom] [INFO] testsuite.utils [pom] [INFO] testsuite.utils.sql [pom] [INFO] testsuite.pdd.core [pom] [INFO] testsuite.pdd.core.sql [pom] [INFO] static_analysis.spotbugs [pom] [INFO] static_analysis.sonarqube [pom] [INFO] dynamic_analysis.zap [pom] [INFO] coverage.jacoco [pom] [INFO] [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- [INFO] Building govway 1.0 [1/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ [INFO] Building dependencies 1.0 [2/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- [INFO] Building dependencies.ant 1.0 [3/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ [INFO] Building dependencies.antinstaller 1.0 [4/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- [INFO] Building dependencies.axiom 1.0 [5/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar [INFO] Executed tasks [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- [INFO] Building dependencies.bean-validation 1.0 [6/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- [INFO] Building dependencies.cxf 1.0 [7/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- [INFO] Building dependencies.commons 1.0 [8/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- [INFO] Building dependencies.faces 1.0 [9/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- [INFO] Building dependencies.git 1.0 [10/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- [INFO] Building dependencies.httpcore 1.0 [11/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- [INFO] Building dependencies.jackson 1.0 [12/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- [INFO] Building dependencies.javax 1.0 [13/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- [INFO] Building dependencies.jax 1.0 [14/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- [INFO] [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- [INFO] Executing tasks [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- [INFO] Building dependencies.jetty 1.0 [15/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- [INFO] Building dependencies.jminix 1.0 [16/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar [INFO] Executed tasks [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- [INFO] Building dependencies.json 1.0 [17/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar [INFO] Executed tasks [INFO] [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- [INFO] Building dependencies.log 1.0 [18/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- [INFO] Building dependencies.lucene 1.0 [19/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- [INFO] [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- [INFO] Building dependencies.openapi4j 1.0 [20/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- [INFO] Building dependencies.opensaml 1.0 [21/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- [INFO] Building dependencies.pdf 1.0 [22/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- [INFO] Building dependencies.redis 1.0 [23/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- [INFO] Building dependencies.reports 1.0 [24/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- [INFO] Building dependencies.saaj 1.0 [25/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- [INFO] Building dependencies.security 1.0 [26/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- [INFO] Building dependencies.shared 1.0 [27/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar [INFO] Executed tasks [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- [INFO] Building dependencies.spring 1.0 [28/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar [INFO] Executed tasks [INFO] [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- [INFO] Building dependencies.spring-ldap 1.0 [29/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- [INFO] Building dependencies.spring-security 1.0 [30/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar [INFO] Executed tasks [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- [INFO] Building dependencies.swagger 1.0 [31/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar [INFO] Executed tasks [INFO] [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- [INFO] Building dependencies.wadl 1.0 [32/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- [INFO] [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- [INFO] Building dependencies.wss4j 1.0 [33/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar [INFO] Executed tasks [INFO] [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- [INFO] Building dependencies.testsuite 1.0 [34/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar [INFO] Executed tasks [INFO] [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- [INFO] Building dependencies.testsuite.as 1.0 [36/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. [INFO] [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- [INFO] [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- [INFO] Building dependencies.testsuite.test 1.0 [56/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- [INFO] Executing tasks [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar [INFO] Executed tasks [INFO] [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- [INFO] [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- [INFO] [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- [INFO] Building dependencies.soapbox 1.0 [60/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = []) [INFO] [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- [INFO] Building compile 1.0 [61/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- [INFO] Building package 1.0 [62/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --- maven-antrun-plugin:3.1.0:run (default) @ org.openspcoop2.package --- [INFO] Executing tasks [INFO] [exec] INFO <2025/10/06 18:35:54>: --------------------------------------- [INFO] [exec] INFO <2025/10/06 18:35:54>: WORK_DIR: /var/lib/jenkins/workspace/GovWay/dist [INFO] [exec] INFO <2025/10/06 18:35:54>: LOG_DIR: /var/lib/jenkins/workspace/GovWay/log [INFO] [exec] INFO <2025/10/06 18:35:54>: TIPO: branches [INFO] [exec] INFO <2025/10/06 18:35:54>: BUILD-SETUP: true [INFO] [exec] INFO <2025/10/06 18:35:54>: BUILD-DOC: false [INFO] [exec] INFO <2025/10/06 18:35:54>: BUILD-LIB: false [INFO] [exec] INFO <2025/10/06 18:35:54>: READ_GIT_INFO: false [INFO] [exec] INFO <2025/10/06 18:35:54>: VERSION: 3.3.17.build-master [INFO] [exec] INFO <2025/10/06 18:35:54>: --------------------------------------- [INFO] [exec] WARN <2025/10/06 18:35:54>: Generazione distribuzione sorgente non eseguita su richiesta utente. [INFO] [exec] ANT_OPTS: -Xmx512m -XX:MaxMetaspaceSize=700m -XX:+UseG1GC [INFO] [exec] INFO <2025/10/06 18:35:54>: Comincio produzione distribuzione binaria [INFO] [exec] INFO <2025/10/06 18:35:54>: Generazione dei pacchetti software in corso (!!NOTA: questa operazione richiede parecchi minuti) ... [INFO] [exec] INFO <2025/10/06 19:29:54>: Generazione dei pacchetti software terminata correttamente [INFO] [exec] INFO <2025/10/06 19:29:54>: Generazione della documentazione (Questa operazione richiede qualche minuto) ... [INFO] [exec] INFO <2025/10/06 19:29:54>: Generazione della documentazione terminata correttamente [INFO] [exec] INFO <2025/10/06 19:29:54>: Generazione pacchetto installer ... [INFO] [exec] /bin/rm -rf /var/lib/jenkins/workspace/GovWay/dist/govway-installer-3.3.17.build-master [INFO] [exec] INFO <2025/10/06 19:30:19>: Generazione pacchetto installer terminata correttamente. [INFO] [exec] INFO <2025/10/06 19:30:19>: Generazione distribuzione binaria terminata correttamente. Archivio generato: /var/lib/jenkins/workspace/GovWay/dist/govway-installer-3.3.17.build-master.tgz [INFO] Executed tasks [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- [INFO] Building testsuite.utils 1.0 [63/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- [INFO] Building testsuite.utils.sql 1.0 [64/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- [INFO] Building testsuite.pdd.core 1.0 [65/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ [INFO] Building static_analysis.spotbugs 1.0 [67/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ [INFO] Building static_analysis.sonarqube 1.0 [68/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- [INFO] Building dynamic_analysis.zap 1.0 [69/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- [INFO] Building coverage.jacoco 1.0 [70/70] [INFO] --------------------------------[ pom ]--------------------------------- [INFO] ------------------------------------------------------------------------ [INFO] Reactor Summary for govway 1.0: [INFO] [INFO] govway ............................................. SUCCESS [ 0.004 s] [INFO] dependencies ....................................... SUCCESS [ 0.002 s] [INFO] dependencies.ant ................................... SUCCESS [ 1.314 s] [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.038 s] [INFO] dependencies.axiom ................................. SUCCESS [ 0.479 s] [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.047 s] [INFO] dependencies.cxf ................................... SUCCESS [ 0.261 s] [INFO] dependencies.commons ............................... SUCCESS [ 0.134 s] [INFO] dependencies.faces ................................. SUCCESS [ 0.059 s] [INFO] dependencies.git ................................... SUCCESS [ 0.019 s] [INFO] dependencies.httpcore .............................. SUCCESS [ 0.115 s] [INFO] dependencies.jackson ............................... SUCCESS [ 0.101 s] [INFO] dependencies.javax ................................. SUCCESS [ 0.043 s] [INFO] dependencies.jax ................................... SUCCESS [ 0.173 s] [INFO] dependencies.jetty ................................. SUCCESS [ 0.044 s] [INFO] dependencies.jminix ................................ SUCCESS [ 0.074 s] [INFO] dependencies.json .................................. SUCCESS [ 0.097 s] [INFO] dependencies.log ................................... SUCCESS [ 0.106 s] [INFO] dependencies.lucene ................................ SUCCESS [ 0.018 s] [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.067 s] [INFO] dependencies.opensaml .............................. SUCCESS [ 0.063 s] [INFO] dependencies.pdf ................................... SUCCESS [ 0.025 s] [INFO] dependencies.redis ................................. SUCCESS [ 0.059 s] [INFO] dependencies.reports ............................... SUCCESS [ 0.040 s] [INFO] dependencies.saaj .................................. SUCCESS [ 0.057 s] [INFO] dependencies.security .............................. SUCCESS [ 0.071 s] [INFO] dependencies.shared ................................ SUCCESS [ 0.171 s] [INFO] dependencies.spring ................................ SUCCESS [ 0.071 s] [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.008 s] [INFO] dependencies.spring-security ....................... SUCCESS [ 0.045 s] [INFO] dependencies.swagger ............................... SUCCESS [ 0.080 s] [INFO] dependencies.wadl .................................. SUCCESS [ 0.049 s] [INFO] dependencies.wss4j ................................. SUCCESS [ 0.061 s] [INFO] dependencies.testsuite ............................. SUCCESS [ 0.001 s] [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.061 s] [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.023 s] [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.027 s] [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.029 s] [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.026 s] [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.024 s] [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.025 s] [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.024 s] [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.024 s] [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.028 s] [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.025 s] [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.027 s] [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.026 s] [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.030 s] [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.026 s] [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.028 s] [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.026 s] [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.028 s] [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.028 s] [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.011 s] [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.112 s] [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.012 s] [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.008 s] [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.019 s] [INFO] dependencies.soapbox ............................... SUCCESS [ 0.012 s] [INFO] compile ............................................ SUCCESS [ 0.001 s] [INFO] package ............................................ SUCCESS [54:24 min] [INFO] testsuite.utils .................................... SUCCESS [ 0.001 s] [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s] [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.000 s] [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.001 s] [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s] [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] [INFO] ------------------------------------------------------------------------ [INFO] BUILD SUCCESS [INFO] ------------------------------------------------------------------------ [INFO] Total time: 54:30 min [INFO] Finished at: 2025-10-06T19:30:19+02:00 [INFO] ------------------------------------------------------------------------ [GovWay] $ /bin/bash /tmp/jenkins18027355490389794361.sh Sistemo dependency-check-result/dependency-check-report.xml ... Sistemo dependency-check-result/dependency-check-report.xml ok [GovWay] $ /bin/bash /tmp/jenkins12081990548723332007.sh Archive Name [govway-installer-3.3.17.build-master.tgz] Pubblicazione last distrib ... Pubblicazione last distrib effettuata Pubblicazione installer su risultati testsuite ... Pubblicazione installer su risultati testsuite effettuata: scaricabile alla url 'https://jenkins.link.it/govway/govway-testsuite/installer/govway-installer-3.3.17.build-master.tgz' Archive DIR [govway-installer-3.3.17.build-master] Esecuzione installer, creazione del database, deploy del software e riavvio dell'Application Server ... PLAY [instance_govway] ********************************************************* TASK [Gathering Facts] ********************************************************* ok: [127.0.0.1] TASK [include_vars] ************************************************************ ok: [127.0.0.1] TASK [link.govway : Remove Old Jenkins Installer] ****************************** [WARNING]: Consider using file module with state=absent rather than running rm changed: [127.0.0.1] TASK [link.govway : Load Jenkins Installer] ************************************ changed: [127.0.0.1] TASK [link.govway : Install the setup template] ******************************** changed: [127.0.0.1] TASK [link.govway : Fix the Govway installer to run non interactively] ********* changed: [127.0.0.1] TASK [link.govway : Fix the installer script to run non interactively] ********* ok: [127.0.0.1] TASK [link.govway : Fix the installer script template position] **************** ok: [127.0.0.1] TASK [link.govway : Verify JAVA_HOME and Run the Goway Setup] ****************** changed: [127.0.0.1] TASK [link.govway : Stop Tomcat 8] ********************************************* [WARNING]: Consider using service module rather than running service changed: [127.0.0.1] TASK [link.govway : Drop Govway DB and Create new one] ************************* changed: [127.0.0.1] TASK [link.govway : Load GovWay.sql] ******************************************* changed: [127.0.0.1] TASK [link.govway : Load GovWay_init.sql] ************************************** changed: [127.0.0.1] TASK [link.govway : Create tomcat configuration backup directory] ************** changed: [127.0.0.1] TASK [link.govway : Backup Govway data sources] ******************************** changed: [127.0.0.1] => (item=govwayConsole.xml) changed: [127.0.0.1] => (item=govwayMonitor.xml) changed: [127.0.0.1] => (item=govway.xml) changed: [127.0.0.1] => (item=govwayAPIConfig.xml) changed: [127.0.0.1] => (item=govwayAPIMonitor.xml) TASK [link.govway : Backup Govway war files] *********************************** changed: [127.0.0.1] => (item=govwayConsole.war) changed: [127.0.0.1] => (item=govwayMonitor.war) changed: [127.0.0.1] => (item=govway.war) changed: [127.0.0.1] => (item=govwayAPIConfig.war) changed: [127.0.0.1] => (item=govwayAPIMonitor.war) TASK [link.govway : Remove archive] ******************************************** changed: [127.0.0.1] TASK [link.govway : Remove archive unpackaged] ********************************* changed: [127.0.0.1] TASK [link.govway : Backup Govway Properties files] **************************** changed: [127.0.0.1] => (item=console_local.properties) changed: [127.0.0.1] => (item=consolePassword.properties) changed: [127.0.0.1] => (item=govway.fileTrace.log4j2.properties) changed: [127.0.0.1] => (item=govway.fileTrace.properties) changed: [127.0.0.1] => (item=govway_local.jcs.properties) changed: [127.0.0.1] => (item=govway_local.properties) changed: [127.0.0.1] => (item=monitor_local.properties) changed: [127.0.0.1] => (item=spcoop_local.properties) changed: [127.0.0.1] => (item=modipa_local.properties) changed: [127.0.0.1] => (item=rs-api-config_local.properties) changed: [127.0.0.1] => (item=rs-api-monitor_local.properties) changed: [127.0.0.1] => (item=govway.map.properties) changed: [127.0.0.1] => (item=byok.properties) changed: [127.0.0.1] => (item=govway.secrets.properties) changed: [127.0.0.1] => (item=govway.nodirun.properties) TASK [link.govway : Remove tools] ********************************************** changed: [127.0.0.1] TASK [link.govway : Deploy the Govway data sources] **************************** ok: [127.0.0.1] => (item=govwayConsole.xml) ok: [127.0.0.1] => (item=govwayMonitor.xml) changed: [127.0.0.1] => (item=govway.xml) ok: [127.0.0.1] => (item=govwayAPIConfig.xml) ok: [127.0.0.1] => (item=govwayAPIMonitor.xml) TASK [link.govway : Deploy the Govway war files] ******************************* changed: [127.0.0.1] => (item=govwayConsole.war) changed: [127.0.0.1] => (item=govwayMonitor.war) changed: [127.0.0.1] => (item=govway.war) changed: [127.0.0.1] => (item=govwayAPIConfig.war) changed: [127.0.0.1] => (item=govwayAPIMonitor.war) TASK [link.govway : Deploy the Properties files] ******************************* changed: [127.0.0.1] => (item=console_local.properties) ok: [127.0.0.1] => (item=consolePassword.properties) ok: [127.0.0.1] => (item=govway.fileTrace.log4j2.properties) ok: [127.0.0.1] => (item=govway.fileTrace.properties) ok: [127.0.0.1] => (item=govway_local.jcs.properties) changed: [127.0.0.1] => (item=govway_local.properties) changed: [127.0.0.1] => (item=monitor_local.properties) ok: [127.0.0.1] => (item=spcoop_local.properties) changed: [127.0.0.1] => (item=modipa_local.properties) ok: [127.0.0.1] => (item=rs-api-config_local.properties) changed: [127.0.0.1] => (item=rs-api-monitor_local.properties) ok: [127.0.0.1] => (item=govway.map.properties) ok: [127.0.0.1] => (item=byok.properties) ok: [127.0.0.1] => (item=govway.secrets.properties) ok: [127.0.0.1] => (item=govway.nodirun.properties) TASK [link.govway : Set Govway Console Name] *********************************** ok: [127.0.0.1] TASK [link.govway : Set Govway Monitor Name] *********************************** ok: [127.0.0.1] TASK [link.govway : Deploy the tools dir] ************************************** changed: [127.0.0.1] => (item=govway-config-loader) changed: [127.0.0.1] => (item=govway-vault-cli) TASK [link.govway : Change tomcat files ownership "/opt/apache-tomcat-9.0.91"] *** changed: [127.0.0.1] TASK [link.govway : Change tomcat files ownership "/etc/govway"] *************** changed: [127.0.0.1] TASK [link.govway : Change tomcat files ownership "/var/log/govway"] *********** changed: [127.0.0.1] TASK [link.govway : Start Tomcat 8] ******************************************** changed: [127.0.0.1] PLAY RECAP ********************************************************************* 127.0.0.1 : ok=30 changed=24 unreachable=0 failed=0 Esecuzione installer, creazione del database, deploy del software e riavvio dell'Application Server terminato Attendo che GovWay sia completamente riavviato (timeout 120sec) . . . . . . . . . . . . GovWay è tornato operativo [GovWay] $ /bin/bash /tmp/jenkins1035038449096627020.sh ********************************************** Verifica Accesso Console Accesso GovWay : Login effettuato con successo Verifica Session Fixation (CWE-384) Primo cookie (pre-auth): JSESSIONID_GW_CONSOLE=E6C20FD7A10B3F8908121739F60659E7 Secondo cookie (after login): JSESSIONID_GW_CONSOLE=16CB73AC939A488DD3731D51B999D996 Verifica cookie pre-autenticazione con cookie dopo autenticazione: OK sono diversi Rilevata problema di accesso dopo login Atteso: http://127.0.0.1:8080/govwayConsole/messagePage.do?mpText=Console+ripristinata+con+successo.&mpType=info-sintetico Ricevuto: messagePage.do?mpText=Console+ripristinata+con+successo.&mpType=info-sintetico ********************************************** ********************************************** Verifica Accesso Console Monitoraggio Accesso GovWay : Login effettuato con successo Verifica Session Fixation (CWE-384) Primo cookie (pre-auth): JSESSIONID_GW_MONITOR=F165288BE43485D97E840805D7A0E82A Secondo cookie (after login): JSESSIONID_GW_MONITOR=B7783DB082A646204CFA4B27A03C2E21 Verifica cookie pre-autenticazione con cookie dopo autenticazione: OK sono diversi Verifica accesso dopo login: OK Terzo cookie: JSESSIONID_GW_MONITOR=8E427E178FBAD22E689E013083724635 Verifica cookie post-autenticazione1 con cookie dopo nuova autenticazione: OK sono diversi Verifica accesso dopo login: OK Verifica Logout Console HTTP Status 302: OK Location redirect a login.jsf: OK Cookie prima del logout: Cookie dopo il logout: JSESSIONID_GW_MONITOR=565558EB703CE7047A7C56965A4E3151 Verifica cookie post-autenticazione con cookie dopo logout: OK sono diversi Verifica Brute Force - CWE-307 Test 1: Blocco dopo 4 tentativi falliti Tentativo fallito 1/4... Tentativo fallito 2/4... Tentativo fallito 3/4... Tentativo fallito 4/4... Tentativo 5/5 con password corretta (dovrebbe essere bloccato)... OK: Utenza correttamente bloccata dopo 4 tentativi falliti Verifica che l'utenza rimanga bloccata... OK: Utenza ancora bloccata Attesa di 16 secondi per sblocco automatico... Tentativo di login dopo attesa... OK: Login riuscito dopo attesa di 16 secondi Test 2: 3 tentativi falliti + 1 corretto (deve funzionare) Tentativo fallito 1/3... Tentativo fallito 2/3... Tentativo fallito 3/3... Tentativo 4/4 con password corretta (dovrebbe funzionare)... OK: Login riuscito al 4° tentativo (dopo 3 falliti) ********************************************** [GovWay] $ /bin/bash /tmp/jenkins9937507706451702442.sh ********************************************** Verifica Stato API Configurazione Stato API : il servizio è correttamente in esecuzione ********************************************** ********************************************** Verifica Stato API Monitoraggio ERROR: il servizio non è partito correttamente % Total % Received % Xferd Average Speed Time Time Time Current ********************************************** Build step 'Execute shell' marked build as failure INFO: Processing JUnit ERROR: Step ‘Publish xUnit test result report’ failed: [JUnit] - No test report file(s) were found with the pattern 'tools/rs/*/server/testsuite/risultati-testsuite/TEST-*.xml' relative to '/var/lib/jenkins/workspace/GovWay' for the testing framework 'JUnit'. Did you enter a pattern relative to (and within) the workspace directory? Did you generate the result report(s) for 'JUnit'?" TestNG Reports Processing: START Looking for TestNG results report in workspace using pattern: **/testng-results.xml Did not find any matching files. Collecting Dependency-Check artifact Parsing file /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml [analysis] Skipping execution of recorder since overall result is 'FAILURE' Started calculate disk usage of build Finished Calculation of disk usage of build in 0 seconds Started calculate disk usage of workspace Finished Calculation of disk usage of workspace in 0 seconds Finished: FAILURE