08:39:54 Started by GitHub push by andreapoli 08:39:54 Running as SYSTEM 08:39:54 Building in workspace /var/lib/jenkins/workspace/GovWay 08:39:54 [WS-CLEANUP] Clean-up disabled, skipping workspace deletion. 08:39:54 The recommended git tool is: NONE 08:39:54 No credentials specified 08:39:54 > /usr/bin/git rev-parse --resolve-git-dir /var/lib/jenkins/workspace/GovWay/.git # timeout=10 08:39:54 Fetching changes from the remote Git repository 08:39:54 > /usr/bin/git config remote.origin.url https://github.com/link-it/govway.git # timeout=10 08:39:54 Fetching upstream changes from https://github.com/link-it/govway.git 08:39:54 > /usr/bin/git --version # timeout=10 08:39:54 > git --version # 'git version 2.23.1' 08:39:54 > /usr/bin/git fetch --tags --force --progress -- https://github.com/link-it/govway.git +refs/heads/*:refs/remotes/origin/* # timeout=10 08:39:54 > /usr/bin/git rev-parse origin/master^{commit} # timeout=10 08:39:55 Checking out Revision a18de88c532b51b1bead69dada11048089de9d65 (origin/master) 08:39:55 > /usr/bin/git config core.sparsecheckout # timeout=10 08:39:55 > /usr/bin/git checkout -f a18de88c532b51b1bead69dada11048089de9d65 # timeout=10 08:39:55 Commit message: "[GovWayMonitor] Risolta anomalia presente nello script di verifica accesso, causata dalla modifica del commit precedente" 08:39:55 > /usr/bin/git rev-list --no-walk d67b7bdc86d9ca253f20043b2cf05258d12187cc # timeout=10 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 08:39:55 [GovWay] $ /bin/bash /tmp/jenkins6773273241451463773.sh 08:39:55 ============================= 08:39:55 General Info 08:39:55 Workspace: /var/lib/jenkins/workspace/GovWay 08:39:55 Build: true 08:39:55 Deploy: true 08:39:55 Test: true 08:39:55 Test Integrazione: true 08:39:55 ============================= 08:39:55 08:39:55 ============================= 08:39:55 Environment Info 08:39:55 HOME: /var/lib/jenkins 08:39:55 ANT_OPTS: -Xmx512m -XX:MaxMetaspaceSize=700m -XX:+UseG1GC 08:39:55 MAVEN_OPTS: 08:39:55 SOFTHSM2_CONF: /home/ec2-user/lib/softhsm/softhsm2.conf 08:39:55 SONAR_SCANNER_OPTS: 08:39:55 ============================= 08:39:55 08:39:55 ============================= 08:39:55 Java 08:39:55 openjdk version "11.0.12" 2021-07-20 08:39:55 OpenJDK Runtime Environment 18.9 (build 11.0.12+7) 08:39:55 OpenJDK 64-Bit Server VM 18.9 (build 11.0.12+7, mixed mode) 08:39:55 ============================= 08:39:55 08:39:55 ============================= 08:39:55 Git Info 08:39:55 Url: https://github.com/link-it/govway.git 08:39:55 branch: origin/master 08:39:55 commit: a18de88c532b51b1bead69dada11048089de9d65 08:39:55 previuos commit: d67b7bdc86d9ca253f20043b2cf05258d12187cc 08:39:55 previuos successful commit: c97f06351efc4bf140728e63505b47e5d0eed96b 08:39:55 commit message: [GovWayMonitor] 08:39:55 Risolta anomalia presente nello script di verifica accesso, causata dalla modifica del commit precedente 08:39:55 ============================= 08:39:55 08:39:55 ============================= 08:39:55 NODEjs Info 08:39:55 v22.14.0 08:39:56 { 08:39:56 npm: '10.9.2', 08:39:56 node: '22.14.0', 08:39:56 acorn: '8.14.0', 08:39:56 ada: '2.9.2', 08:39:56 amaro: '0.3.0', 08:39:56 ares: '1.34.4', 08:39:56 brotli: '1.1.0', 08:39:56 cjs_module_lexer: '1.4.1', 08:39:56 cldr: '46.0', 08:39:56 icu: '76.1', 08:39:56 llhttp: '9.2.1', 08:39:56 modules: '127', 08:39:56 napi: '10', 08:39:56 nbytes: '0.1.1', 08:39:56 ncrypto: '0.0.1', 08:39:56 nghttp2: '1.64.0', 08:39:56 nghttp3: '1.6.0', 08:39:56 ngtcp2: '1.10.0', 08:39:56 openssl: '3.0.15+quic', 08:39:56 simdjson: '3.10.1', 08:39:56 simdutf: '6.0.3', 08:39:56 sqlite: '3.47.2', 08:39:56 tz: '2024b', 08:39:56 undici: '6.21.1', 08:39:56 unicode: '16.0', 08:39:56 uv: '1.49.2', 08:39:56 uvwasi: '0.0.21', 08:39:56 v8: '12.4.254.21-node.22', 08:39:56 zlib: '1.3.0.1-motley-82a5fec' 08:39:56 } 08:39:56 ============================= 08:39:56 08:39:56 ============================= 08:39:56 OWASP ZAP Info 'ZAP_2.16.0' 08:39:56 Associo diritti di esecuzione agli script zap ... 08:39:56 Associati diritti di esecuzione agli script zap 08:39:56 Update ... 08:39:56 Execute: /opt/openjdk-17.0.14+7/bin/java -classpath /opt/zaproxy/ZAP_2.16.0/*:/opt/zaproxy/ZAP_2.16.0/lib/* org.zaproxy.zap.ZAP -cmd -addonupdate -port 8280 -host 127.0.0.1 08:39:57 Defaulting ZAP install dir to /opt/zaproxy/ZAP_2.16.0 08:40:06 Add-on update check complete 08:40:12 Update effettuato 08:40:12 ============================= 08:40:12 08:40:12 08:40:12 08:40:12 Fermo application server ... 08:40:13 Stoping Tomcat 08:40:13 NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED 08:40:14 Pid Tomcat: 13446 08:40:14 08:40:15 waiting for processes to exit 08:40:16 waiting for processes to exit 08:40:17 waiting for processes to exit 08:40:18 waiting for processes to exit 08:40:19 waiting for processes to exitFermo application server effettuato 08:40:19 Ripulisco log application server ... 08:40:19 Ripulisco log application server effettuato 08:40:19 Predispongo dir testsuite ... 08:40:19 Predispongo dir testsuite ok 08:40:19 Ripulisco output jacoco ... 08:40:19 Ripulisco output jacoco effettuato 08:40:19 Fermo sonarqube ... 08:40:19 08:40:19 Gracefully stopping SonarQube... 08:40:19 SonarQube was not running. 08:40:19 Fermo sonarqube effettuato 08:40:19 Verifico che il workspace non esista ... 08:40:19 Non e' stata rilevata una corretta re-inizializzazione del Workspace 08:40:19 [Boolean condition] checking [true] against [^(1|y|yes|t|true|on|run)$] (origin token: ${GOVWAY_BUILD}) 08:40:19 Run condition [Boolean condition] enabling perform for step [BuilderChain] 08:40:19 [GovWay] $ /bin/sh -xe /tmp/jenkins2673534019225835496.sh 08:40:19 + perl -pi -e s/log4bash.appender=ColorConsoleAppender/log4bash.appender=ConsoleAppender/g /var/lib/jenkins/workspace/GovWay/distrib/log4bash.properties 08:40:19 + sed -i -e 's#<module>swagger-codegen</module>#<!-- <module>swagger-codegen</module> -->#g' /var/lib/jenkins/workspace/GovWay/mvn/dependencies/pom.xml 08:40:19 + sed -i -e s#UPDATE_DOC=true#UPDATE_DOC=false#g /var/lib/jenkins/workspace/GovWay/distrib/distrib.sh 08:40:19 + sed -i -e s#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver,db2#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver#g /var/lib/jenkins/workspace/GovWay/ant/setup/prepare-build.properties 08:40:19 + sed -i -e 's#<dependencies.soapbox>false</dependencies.soapbox>#<dependencies.soapbox>true</dependencies.soapbox>#g' /var/lib/jenkins/workspace/GovWay/pom.xml 08:40:19 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Ddependencies.soapbox=true initialize 08:40:21 [INFO] Scanning for projects... 08:40:22 [INFO] ------------------------------------------------------------------------ 08:40:22 [INFO] Reactor Build Order: 08:40:22 [INFO] 08:40:22 [INFO] govway [pom] 08:40:22 [INFO] dependencies [pom] 08:40:22 [INFO] dependencies.ant [pom] 08:40:22 [INFO] dependencies.antinstaller [pom] 08:40:22 [INFO] dependencies.axiom [pom] 08:40:22 [INFO] dependencies.bean-validation [pom] 08:40:22 [INFO] dependencies.cxf [pom] 08:40:22 [INFO] dependencies.commons [pom] 08:40:22 [INFO] dependencies.faces [pom] 08:40:22 [INFO] dependencies.git [pom] 08:40:22 [INFO] dependencies.httpcore [pom] 08:40:22 [INFO] dependencies.jackson [pom] 08:40:22 [INFO] dependencies.javax [pom] 08:40:22 [INFO] dependencies.jax [pom] 08:40:22 [INFO] dependencies.jetty [pom] 08:40:22 [INFO] dependencies.jminix [pom] 08:40:22 [INFO] dependencies.json [pom] 08:40:22 [INFO] dependencies.log [pom] 08:40:22 [INFO] dependencies.lucene [pom] 08:40:22 [INFO] dependencies.openapi4j [pom] 08:40:22 [INFO] dependencies.opensaml [pom] 08:40:22 [INFO] dependencies.pdf [pom] 08:40:22 [INFO] dependencies.redis [pom] 08:40:22 [INFO] dependencies.reports [pom] 08:40:22 [INFO] dependencies.saaj [pom] 08:40:22 [INFO] dependencies.security [pom] 08:40:22 [INFO] dependencies.shared [pom] 08:40:22 [INFO] dependencies.spring [pom] 08:40:22 [INFO] dependencies.spring-ldap [pom] 08:40:22 [INFO] dependencies.spring-security [pom] 08:40:22 [INFO] dependencies.swagger [pom] 08:40:22 [INFO] dependencies.wadl [pom] 08:40:22 [INFO] dependencies.wss4j [pom] 08:40:22 [INFO] dependencies.testsuite [pom] 08:40:22 [INFO] dependencies.testsuite.axis14 [pom] 08:40:22 [INFO] dependencies.testsuite.as [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly9 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly10 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly11 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly12 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly13 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly14 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly15 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly16 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly17 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly18 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly19 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly20 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly21 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly22 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly23 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly24 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly25 [pom] 08:40:22 [INFO] dependencies.testsuite.as.wildfly26 [pom] 08:40:22 [INFO] dependencies.testsuite.as.tomcat9 [pom] 08:40:22 [INFO] dependencies.testsuite.test [pom] 08:40:22 [INFO] dependencies.testsuite.staticAnalysis [pom] 08:40:22 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 08:40:22 [INFO] dependencies.testsuite.coverage [pom] 08:40:22 [INFO] dependencies.soapbox [pom] 08:40:22 [INFO] compile [pom] 08:40:22 [INFO] package [pom] 08:40:22 [INFO] testsuite.utils [pom] 08:40:22 [INFO] testsuite.utils.sql [pom] 08:40:22 [INFO] testsuite.pdd.core [pom] 08:40:22 [INFO] testsuite.pdd.core.sql [pom] 08:40:22 [INFO] static_analysis.spotbugs [pom] 08:40:22 [INFO] static_analysis.sonarqube [pom] 08:40:22 [INFO] dynamic_analysis.zap [pom] 08:40:22 [INFO] coverage.jacoco [pom] 08:40:22 [INFO] 08:40:22 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 08:40:22 [INFO] Building govway 1.0 [1/70] 08:40:22 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:22 [INFO] 08:40:22 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 08:40:22 [INFO] Building dependencies 1.0 [2/70] 08:40:22 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:22 [INFO] 08:40:22 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 08:40:22 [INFO] Building dependencies.ant 1.0 [3/70] 08:40:22 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:22 [INFO] 08:40:22 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 08:40:22 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 08:40:22 [INFO] 08:40:22 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 08:40:23 [INFO] 08:40:23 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 08:40:23 [INFO] Building dependencies.antinstaller 1.0 [4/70] 08:40:23 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:23 [INFO] 08:40:23 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 08:40:23 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 08:40:23 [INFO] 08:40:23 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 08:40:23 [INFO] 08:40:23 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 08:40:23 [INFO] Building dependencies.axiom 1.0 [5/70] 08:40:23 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:23 [INFO] 08:40:23 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 08:40:23 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 08:40:23 [INFO] 08:40:23 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 08:40:23 [INFO] 08:40:23 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 08:40:24 [INFO] Executing tasks 08:40:24 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 08:40:24 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 08:40:24 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 08:40:24 [INFO] Executed tasks 08:40:24 [INFO] 08:40:24 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 08:40:24 [INFO] Building dependencies.bean-validation 1.0 [6/70] 08:40:24 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:24 [INFO] 08:40:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 08:40:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 08:40:24 [INFO] 08:40:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 08:40:24 [INFO] 08:40:24 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 08:40:24 [INFO] Building dependencies.cxf 1.0 [7/70] 08:40:24 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:24 [INFO] 08:40:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 08:40:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 08:40:24 [INFO] 08:40:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 08:40:25 [INFO] Executing tasks 08:40:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 08:40:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 08:40:25 [INFO] Executed tasks 08:40:25 [INFO] 08:40:25 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 08:40:25 [INFO] Building dependencies.commons 1.0 [8/70] 08:40:25 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 08:40:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 08:40:25 [INFO] 08:40:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 08:40:25 [INFO] 08:40:25 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 08:40:25 [INFO] Building dependencies.faces 1.0 [9/70] 08:40:25 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 08:40:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 08:40:25 [INFO] 08:40:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 08:40:25 [INFO] 08:40:25 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 08:40:25 [INFO] Building dependencies.git 1.0 [10/70] 08:40:25 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 08:40:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 08:40:25 [INFO] 08:40:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 08:40:25 [INFO] 08:40:25 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 08:40:25 [INFO] Building dependencies.httpcore 1.0 [11/70] 08:40:25 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 08:40:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 08:40:25 [INFO] 08:40:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 08:40:25 [INFO] Executing tasks 08:40:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 08:40:25 [INFO] Executed tasks 08:40:25 [INFO] 08:40:25 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 08:40:25 [INFO] Building dependencies.jackson 1.0 [12/70] 08:40:25 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 08:40:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 08:40:25 [INFO] 08:40:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 08:40:25 [INFO] 08:40:25 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 08:40:25 [INFO] Building dependencies.javax 1.0 [13/70] 08:40:25 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 08:40:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 08:40:25 [INFO] 08:40:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 08:40:25 [INFO] 08:40:25 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 08:40:25 [INFO] Building dependencies.jax 1.0 [14/70] 08:40:25 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 08:40:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 08:40:25 [INFO] 08:40:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 08:40:25 [INFO] 08:40:25 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 08:40:25 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 08:40:25 [INFO] 08:40:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 08:40:25 [INFO] Executing tasks 08:40:25 [INFO] Executed tasks 08:40:25 [INFO] 08:40:25 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 08:40:25 [INFO] Building dependencies.jetty 1.0 [15/70] 08:40:25 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 08:40:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 08:40:25 [INFO] 08:40:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 08:40:25 [INFO] 08:40:25 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 08:40:25 [INFO] Building dependencies.jminix 1.0 [16/70] 08:40:25 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 08:40:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 08:40:25 [INFO] 08:40:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 08:40:25 [INFO] 08:40:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 08:40:25 [INFO] Executing tasks 08:40:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 08:40:25 [INFO] Executed tasks 08:40:25 [INFO] 08:40:25 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 08:40:25 [INFO] Building dependencies.json 1.0 [17/70] 08:40:25 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 08:40:26 [INFO] Executing tasks 08:40:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 08:40:26 [INFO] Executed tasks 08:40:26 [INFO] 08:40:26 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 08:40:26 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 08:40:26 [INFO] 08:40:26 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 08:40:26 [INFO] Building dependencies.log 1.0 [18/70] 08:40:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 08:40:26 [INFO] Executing tasks 08:40:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 08:40:26 [INFO] Executed tasks 08:40:26 [INFO] 08:40:26 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 08:40:26 [INFO] Building dependencies.lucene 1.0 [19/70] 08:40:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 08:40:26 [INFO] 08:40:26 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 08:40:26 [INFO] Building dependencies.openapi4j 1.0 [20/70] 08:40:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 08:40:26 [INFO] Executing tasks 08:40:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 08:40:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 08:40:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 08:40:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 08:40:26 [INFO] Executed tasks 08:40:26 [INFO] 08:40:26 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 08:40:26 [INFO] Building dependencies.opensaml 1.0 [21/70] 08:40:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 08:40:26 [INFO] 08:40:26 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 08:40:26 [INFO] Building dependencies.pdf 1.0 [22/70] 08:40:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 08:40:26 [INFO] 08:40:26 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 08:40:26 [INFO] Building dependencies.redis 1.0 [23/70] 08:40:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 08:40:26 [INFO] 08:40:26 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 08:40:26 [INFO] Building dependencies.reports 1.0 [24/70] 08:40:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 08:40:26 [INFO] 08:40:26 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 08:40:26 [INFO] Building dependencies.saaj 1.0 [25/70] 08:40:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 08:40:26 [INFO] Executing tasks 08:40:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 08:40:26 [INFO] Executed tasks 08:40:26 [INFO] 08:40:26 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 08:40:26 [INFO] Building dependencies.security 1.0 [26/70] 08:40:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 08:40:26 [INFO] Executing tasks 08:40:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 08:40:26 [INFO] Executed tasks 08:40:26 [INFO] 08:40:26 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 08:40:26 [INFO] Building dependencies.shared 1.0 [27/70] 08:40:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 08:40:26 [INFO] Executing tasks 08:40:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 08:40:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 08:40:26 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 08:40:26 [INFO] Executed tasks 08:40:26 [INFO] 08:40:26 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 08:40:26 [INFO] Building dependencies.spring 1.0 [28/70] 08:40:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 08:40:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 08:40:26 [INFO] 08:40:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 08:40:26 [INFO] 08:40:26 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 08:40:27 [INFO] Executing tasks 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 08:40:27 [INFO] Executed tasks 08:40:27 [INFO] 08:40:27 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 08:40:27 [INFO] Building dependencies.spring-ldap 1.0 [29/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 08:40:27 [INFO] 08:40:27 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 08:40:27 [INFO] Building dependencies.spring-security 1.0 [30/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 08:40:27 [INFO] Executing tasks 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 08:40:27 [INFO] Executed tasks 08:40:27 [INFO] 08:40:27 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 08:40:27 [INFO] Building dependencies.swagger 1.0 [31/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 08:40:27 [INFO] Executing tasks 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 08:40:27 [INFO] Executed tasks 08:40:27 [INFO] 08:40:27 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 08:40:27 [INFO] Building dependencies.wadl 1.0 [32/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 08:40:27 [INFO] 08:40:27 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 08:40:27 [INFO] Building dependencies.wss4j 1.0 [33/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 08:40:27 [INFO] Executing tasks 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 08:40:27 [INFO] Executed tasks 08:40:27 [INFO] 08:40:27 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 08:40:27 [INFO] Building dependencies.testsuite 1.0 [34/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 08:40:27 [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 08:40:27 [INFO] Executing tasks 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 08:40:27 [INFO] Executed tasks 08:40:27 [INFO] 08:40:27 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 08:40:27 [INFO] Building dependencies.testsuite.as 1.0 [36/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 08:40:27 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 08:40:27 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 08:40:27 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 08:40:27 [INFO] 08:40:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 08:40:27 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 08:40:27 [INFO] 08:40:27 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 08:40:27 [INFO] Building dependencies.testsuite.test 1.0 [56/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 08:40:27 [INFO] Executing tasks 08:40:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 08:40:27 [INFO] Executed tasks 08:40:27 [INFO] 08:40:27 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 08:40:27 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 08:40:27 [INFO] 08:40:27 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 08:40:27 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 08:40:27 [INFO] 08:40:27 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 08:40:27 [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 08:40:27 [INFO] 08:40:27 [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- 08:40:27 [INFO] Building dependencies.soapbox 1.0 [60/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- 08:40:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = []) 08:40:27 [INFO] 08:40:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- 08:40:27 [INFO] 08:40:27 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 08:40:27 [INFO] Building compile 1.0 [61/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 08:40:27 [INFO] Building package 1.0 [62/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 08:40:27 [INFO] Building testsuite.utils 1.0 [63/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 08:40:27 [INFO] Building testsuite.utils.sql 1.0 [64/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 08:40:27 [INFO] Building testsuite.pdd.core 1.0 [65/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 08:40:27 [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 08:40:27 [INFO] Building static_analysis.spotbugs 1.0 [67/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 08:40:27 [INFO] Building static_analysis.sonarqube 1.0 [68/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 08:40:27 [INFO] Building dynamic_analysis.zap 1.0 [69/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] 08:40:27 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 08:40:27 [INFO] Building coverage.jacoco 1.0 [70/70] 08:40:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:27 [INFO] ------------------------------------------------------------------------ 08:40:27 [INFO] Reactor Summary for govway 1.0: 08:40:27 [INFO] 08:40:27 [INFO] govway ............................................. SUCCESS [ 0.006 s] 08:40:27 [INFO] dependencies ....................................... SUCCESS [ 0.002 s] 08:40:27 [INFO] dependencies.ant ................................... SUCCESS [ 1.414 s] 08:40:27 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.051 s] 08:40:27 [INFO] dependencies.axiom ................................. SUCCESS [ 0.718 s] 08:40:27 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.162 s] 08:40:27 [INFO] dependencies.cxf ................................... SUCCESS [ 0.567 s] 08:40:27 [INFO] dependencies.commons ............................... SUCCESS [ 0.137 s] 08:40:27 [INFO] dependencies.faces ................................. SUCCESS [ 0.085 s] 08:40:27 [INFO] dependencies.git ................................... SUCCESS [ 0.031 s] 08:40:27 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.124 s] 08:40:27 [INFO] dependencies.jackson ............................... SUCCESS [ 0.085 s] 08:40:27 [INFO] dependencies.javax ................................. SUCCESS [ 0.045 s] 08:40:27 [INFO] dependencies.jax ................................... SUCCESS [ 0.193 s] 08:40:27 [INFO] dependencies.jetty ................................. SUCCESS [ 0.044 s] 08:40:27 [INFO] dependencies.jminix ................................ SUCCESS [ 0.086 s] 08:40:27 [INFO] dependencies.json .................................. SUCCESS [ 0.108 s] 08:40:27 [INFO] dependencies.log ................................... SUCCESS [ 0.115 s] 08:40:27 [INFO] dependencies.lucene ................................ SUCCESS [ 0.023 s] 08:40:27 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.072 s] 08:40:27 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.082 s] 08:40:27 [INFO] dependencies.pdf ................................... SUCCESS [ 0.029 s] 08:40:27 [INFO] dependencies.redis ................................. SUCCESS [ 0.078 s] 08:40:27 [INFO] dependencies.reports ............................... SUCCESS [ 0.091 s] 08:40:27 [INFO] dependencies.saaj .................................. SUCCESS [ 0.065 s] 08:40:27 [INFO] dependencies.security .............................. SUCCESS [ 0.082 s] 08:40:27 [INFO] dependencies.shared ................................ SUCCESS [ 0.194 s] 08:40:27 [INFO] dependencies.spring ................................ SUCCESS [ 0.086 s] 08:40:27 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.009 s] 08:40:27 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.055 s] 08:40:27 [INFO] dependencies.swagger ............................... SUCCESS [ 0.082 s] 08:40:27 [INFO] dependencies.wadl .................................. SUCCESS [ 0.011 s] 08:40:27 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.062 s] 08:40:27 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.001 s] 08:40:27 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.065 s] 08:40:27 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.020 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.024 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.024 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.023 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.022 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.021 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.023 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.022 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.023 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.025 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.023 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.022 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.027 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.023 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.022 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.023 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.089 s] 08:40:27 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.021 s] 08:40:27 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.009 s] 08:40:27 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.097 s] 08:40:27 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.011 s] 08:40:27 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.006 s] 08:40:27 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.019 s] 08:40:27 [INFO] dependencies.soapbox ............................... SUCCESS [ 0.014 s] 08:40:27 [INFO] compile ............................................ SUCCESS [ 0.001 s] 08:40:27 [INFO] package ............................................ SUCCESS [ 0.000 s] 08:40:27 [INFO] testsuite.utils .................................... SUCCESS [ 0.001 s] 08:40:27 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s] 08:40:27 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 08:40:27 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] 08:40:27 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.000 s] 08:40:27 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.001 s] 08:40:27 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s] 08:40:27 [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] 08:40:27 [INFO] ------------------------------------------------------------------------ 08:40:27 [INFO] BUILD SUCCESS 08:40:27 [INFO] ------------------------------------------------------------------------ 08:40:27 [INFO] Total time: 6.363 s 08:40:27 [INFO] Finished at: 2025-12-06T08:40:27+01:00 08:40:27 [INFO] ------------------------------------------------------------------------ 08:40:28 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dowasp.plugin.autoUpdate=true -Dpackage=none -DossIndexUsername=andrea.poli@link.it -Dcompile=none -Dowasp=verify -Dtestsuite=none -DossIndexPassword=6b31d4937d57ec65ccb3aed4ff8461107c8eeb5a -DnvdApiKey=f8281fbf-3d81-4e4a-9f03-ab68856b336d -Dowasp.plugin.failBuildOnAnyVulnerability=false verify 08:40:29 [INFO] Scanning for projects... 08:40:30 [INFO] ------------------------------------------------------------------------ 08:40:30 [INFO] Reactor Build Order: 08:40:30 [INFO] 08:40:30 [INFO] govway [pom] 08:40:30 [INFO] dependencies [pom] 08:40:30 [INFO] dependencies.ant [pom] 08:40:30 [INFO] dependencies.antinstaller [pom] 08:40:30 [INFO] dependencies.axiom [pom] 08:40:30 [INFO] dependencies.bean-validation [pom] 08:40:30 [INFO] dependencies.cxf [pom] 08:40:30 [INFO] dependencies.commons [pom] 08:40:30 [INFO] dependencies.faces [pom] 08:40:30 [INFO] dependencies.git [pom] 08:40:30 [INFO] dependencies.httpcore [pom] 08:40:30 [INFO] dependencies.jackson [pom] 08:40:30 [INFO] dependencies.javax [pom] 08:40:30 [INFO] dependencies.jax [pom] 08:40:30 [INFO] dependencies.jetty [pom] 08:40:30 [INFO] dependencies.jminix [pom] 08:40:30 [INFO] dependencies.json [pom] 08:40:30 [INFO] dependencies.log [pom] 08:40:30 [INFO] dependencies.lucene [pom] 08:40:30 [INFO] dependencies.openapi4j [pom] 08:40:30 [INFO] dependencies.opensaml [pom] 08:40:30 [INFO] dependencies.pdf [pom] 08:40:30 [INFO] dependencies.redis [pom] 08:40:30 [INFO] dependencies.reports [pom] 08:40:30 [INFO] dependencies.saaj [pom] 08:40:30 [INFO] dependencies.security [pom] 08:40:30 [INFO] dependencies.shared [pom] 08:40:30 [INFO] dependencies.spring [pom] 08:40:30 [INFO] dependencies.spring-ldap [pom] 08:40:30 [INFO] dependencies.spring-security [pom] 08:40:30 [INFO] dependencies.swagger [pom] 08:40:30 [INFO] dependencies.wadl [pom] 08:40:30 [INFO] dependencies.wss4j [pom] 08:40:30 [INFO] dependencies.testsuite [pom] 08:40:30 [INFO] dependencies.testsuite.axis14 [pom] 08:40:30 [INFO] dependencies.testsuite.as [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly9 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly10 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly11 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly12 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly13 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly14 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly15 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly16 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly17 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly18 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly19 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly20 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly21 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly22 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly23 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly24 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly25 [pom] 08:40:30 [INFO] dependencies.testsuite.as.wildfly26 [pom] 08:40:30 [INFO] dependencies.testsuite.as.tomcat9 [pom] 08:40:30 [INFO] dependencies.testsuite.test [pom] 08:40:30 [INFO] dependencies.testsuite.staticAnalysis [pom] 08:40:30 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 08:40:30 [INFO] dependencies.testsuite.coverage [pom] 08:40:30 [INFO] compile [pom] 08:40:30 [INFO] package [pom] 08:40:30 [INFO] testsuite.utils [pom] 08:40:30 [INFO] testsuite.utils.sql [pom] 08:40:30 [INFO] testsuite.pdd.core [pom] 08:40:30 [INFO] testsuite.pdd.core.sql [pom] 08:40:30 [INFO] static_analysis.spotbugs [pom] 08:40:30 [INFO] static_analysis.sonarqube [pom] 08:40:30 [INFO] dynamic_analysis.zap [pom] 08:40:30 [INFO] coverage.jacoco [pom] 08:40:30 [INFO] 08:40:30 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 08:40:30 [INFO] Building govway 1.0 [1/69] 08:40:30 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:30 [INFO] 08:40:30 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 08:40:30 [INFO] Building dependencies 1.0 [2/69] 08:40:30 [INFO] --------------------------------[ pom ]--------------------------------- 08:40:30 [INFO] 08:40:30 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.dependencies --- 08:40:31 [INFO] Executing tasks 08:40:36 [INFO] Executed tasks 08:40:38 [INFO] 08:40:38 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.dependencies --- 08:40:43 [INFO] Checking for updates 08:40:45 [WARNING] NVD API request failures are occurring; retrying request for the 1st time 08:40:46 [INFO] NVD API has 274 records in this update 08:40:47 [INFO] Downloaded 274/274 (100%) 08:40:48 [INFO] Completed processing batch 1/1 (100%) in 1,272ms 08:40:48 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:40:48 [INFO] Begin database defrag 08:41:01 [INFO] End database defrag (12418 ms) 08:41:01 [INFO] Check for updates complete (17286 ms) 08:41:01 [INFO] 08:41:01 08:41:01 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:41:01 08:41:01 08:41:01 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:41:01 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:41:01 08:41:01 💖 Sponsor: https://github.com/sponsors/jeremylong 08:41:01 08:41:01 08:41:01 [INFO] Analysis Started 08:41:04 [INFO] Finished Archive Analyzer (3 seconds) 08:41:04 [INFO] Finished File Name Analyzer (0 seconds) 08:41:07 [INFO] Finished Jar Analyzer (2 seconds) 08:41:08 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:41:08 [INFO] Finished Hint Analyzer (0 seconds) 08:41:08 [INFO] Finished Version Filter Analyzer (0 seconds) 08:41:12 [INFO] Created CPE Index (4 seconds) 08:41:20 [INFO] Finished CPE Analyzer (12 seconds) 08:41:20 [INFO] Finished False Positive Analyzer (0 seconds) 08:41:20 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:41:37 [INFO] Finished RetireJS Analyzer (16 seconds) 08:41:38 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:41:38 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:41:38 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:41:39 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:41:39 08:41:39 08:41:39 ## Recommendation 08:41:39 08:41:39 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:41:39 08:41:39 The following template can be used to demonstrate the vulnerability: 08:41:39 ```{{#with "constructor"}} 08:41:39 {{#with split as |a|}} 08:41:39 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:41:39 {{#with (concat (lookup join (slice 0 1)))}} 08:41:39 {{#each (slice 2 3)}} 08:41:39 {{#with (apply 0 a)}} 08:41:39 {{.}} 08:41:39 {{/with}} 08:41:39 {{/each}} 08:41:39 {{/with}} 08:41:39 {{/with}} 08:41:39 {{/with}}``` 08:41:39 08:41:39 08:41:39 ## Recommendation 08:41:39 08:41:39 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:39 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:39 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:41:39 [INFO] Analysis Complete (38 seconds) 08:41:39 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml 08:41:40 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.html 08:41:41 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.json 08:41:42 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.csv 08:41:42 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.sarif 08:41:42 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-jenkins.html 08:41:42 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-junit.xml 08:41:42 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-gitlab.json 08:41:42 [WARNING] 08:41:42 08:41:42 One or more dependencies were identified with known vulnerabilities in dependencies: 08:41:42 08:41:42 commons-lang-2.6.jar (pkg:maven/commons-lang/commons-lang@2.6, cpe:2.3:a:apache:commons_lang:2.6:*:*:*:*:*:*:*) : CVE-2025-48924 08:41:42 rhino-1.7.14.jar (pkg:maven/org.mozilla/rhino@1.7.14) : CVE-2025-66453 08:41:42 spring-core-5.3.39.jar (pkg:maven/org.springframework/spring-core@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249, CVE-2025-41242 08:41:42 spring-web-5.3.39.jar (pkg:maven/org.springframework/spring-web@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:web_project:web:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249 08:41:42 08:41:42 08:41:42 See the dependency-check report for more details. 08:41:42 08:41:42 08:41:42 [INFO] 08:41:42 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 08:41:42 [INFO] Building dependencies.ant 1.0 [3/69] 08:41:42 [INFO] --------------------------------[ pom ]--------------------------------- 08:41:42 [INFO] 08:41:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 08:41:42 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 08:41:42 [INFO] 08:41:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 08:41:43 [INFO] 08:41:43 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.ant --- 08:41:43 [INFO] Executing tasks 08:41:48 [INFO] Executed tasks 08:41:48 [INFO] 08:41:48 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.ant --- 08:41:48 [INFO] Checking for updates 08:41:48 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:41:48 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:41:48 [INFO] Check for updates complete (80 ms) 08:41:49 [INFO] 08:41:49 08:41:49 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:41:49 08:41:49 08:41:49 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:41:49 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:41:49 08:41:49 💖 Sponsor: https://github.com/sponsors/jeremylong 08:41:49 08:41:49 08:41:49 [INFO] Analysis Started 08:41:49 [INFO] Finished Archive Analyzer (0 seconds) 08:41:49 [INFO] Finished File Name Analyzer (0 seconds) 08:41:49 [INFO] Finished Jar Analyzer (0 seconds) 08:41:49 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:41:49 [INFO] Finished Hint Analyzer (0 seconds) 08:41:49 [INFO] Finished Version Filter Analyzer (0 seconds) 08:41:51 [INFO] Created CPE Index (2 seconds) 08:41:51 [INFO] Finished CPE Analyzer (2 seconds) 08:41:51 [INFO] Finished False Positive Analyzer (0 seconds) 08:41:51 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:41:51 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:41:51 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:41:51 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:41:51 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:41:51 08:41:51 08:41:51 ## Recommendation 08:41:51 08:41:51 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:41:51 08:41:51 The following template can be used to demonstrate the vulnerability: 08:41:51 ```{{#with "constructor"}} 08:41:51 {{#with split as |a|}} 08:41:51 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:41:51 {{#with (concat (lookup join (slice 0 1)))}} 08:41:51 {{#each (slice 2 3)}} 08:41:51 {{#with (apply 0 a)}} 08:41:51 {{.}} 08:41:51 {{/with}} 08:41:51 {{/each}} 08:41:51 {{/with}} 08:41:51 {{/with}} 08:41:51 {{/with}}``` 08:41:51 08:41:51 08:41:51 ## Recommendation 08:41:51 08:41:51 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:41:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:41:51 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:41:51 [INFO] Analysis Complete (2 seconds) 08:41:51 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:41:51 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:41:51 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:41:51 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:41:51 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:41:51 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:41:51 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:41:51 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:41:51 [INFO] 08:41:51 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 08:41:51 [INFO] Building dependencies.antinstaller 1.0 [4/69] 08:41:51 [INFO] --------------------------------[ pom ]--------------------------------- 08:41:51 [INFO] 08:41:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 08:41:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 08:41:51 [INFO] 08:41:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 08:41:51 [INFO] 08:41:51 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.antinstaller --- 08:41:51 [INFO] Executing tasks 08:41:56 [INFO] Executed tasks 08:41:56 [INFO] 08:41:56 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.antinstaller --- 08:41:56 [INFO] Checking for updates 08:41:56 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:41:57 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:41:57 [INFO] Check for updates complete (87 ms) 08:41:57 [INFO] 08:41:57 08:41:57 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:41:57 08:41:57 08:41:57 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:41:57 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:41:57 08:41:57 💖 Sponsor: https://github.com/sponsors/jeremylong 08:41:57 08:41:57 08:41:57 [INFO] Analysis Started 08:41:57 [INFO] Finished Archive Analyzer (0 seconds) 08:41:57 [INFO] Finished File Name Analyzer (0 seconds) 08:41:57 [INFO] Finished Jar Analyzer (0 seconds) 08:41:57 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:41:57 [INFO] Finished Hint Analyzer (0 seconds) 08:41:57 [INFO] Finished Version Filter Analyzer (0 seconds) 08:41:58 [INFO] Created CPE Index (1 seconds) 08:41:59 [INFO] Finished CPE Analyzer (1 seconds) 08:41:59 [INFO] Finished False Positive Analyzer (0 seconds) 08:41:59 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:41:59 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:41:59 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:41:59 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:41:59 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:41:59 08:41:59 08:41:59 ## Recommendation 08:41:59 08:41:59 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:41:59 08:41:59 The following template can be used to demonstrate the vulnerability: 08:41:59 ```{{#with "constructor"}} 08:41:59 {{#with split as |a|}} 08:41:59 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:41:59 {{#with (concat (lookup join (slice 0 1)))}} 08:41:59 {{#each (slice 2 3)}} 08:41:59 {{#with (apply 0 a)}} 08:41:59 {{.}} 08:41:59 {{/with}} 08:41:59 {{/each}} 08:41:59 {{/with}} 08:41:59 {{/with}} 08:41:59 {{/with}}``` 08:41:59 08:41:59 08:41:59 ## Recommendation 08:41:59 08:41:59 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:41:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:41:59 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:41:59 [INFO] Analysis Complete (2 seconds) 08:41:59 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:41:59 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:41:59 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:41:59 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:41:59 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:41:59 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:41:59 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:41:59 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:41:59 [INFO] 08:41:59 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 08:41:59 [INFO] Building dependencies.axiom 1.0 [5/69] 08:41:59 [INFO] --------------------------------[ pom ]--------------------------------- 08:41:59 [INFO] 08:41:59 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 08:41:59 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 08:41:59 [INFO] 08:41:59 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 08:41:59 [INFO] 08:41:59 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 08:41:59 [INFO] Executing tasks 08:41:59 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 08:41:59 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 08:41:59 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 08:41:59 [INFO] Executed tasks 08:41:59 [INFO] 08:41:59 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.axiom --- 08:41:59 [INFO] Executing tasks 08:42:04 [INFO] Executed tasks 08:42:04 [INFO] 08:42:04 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.axiom --- 08:42:04 [INFO] Checking for updates 08:42:04 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:42:04 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:42:04 [INFO] Check for updates complete (71 ms) 08:42:05 [INFO] 08:42:05 08:42:05 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:42:05 08:42:05 08:42:05 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:42:05 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:42:05 08:42:05 💖 Sponsor: https://github.com/sponsors/jeremylong 08:42:05 08:42:05 08:42:05 [INFO] Analysis Started 08:42:05 [INFO] Finished Archive Analyzer (0 seconds) 08:42:05 [INFO] Finished File Name Analyzer (0 seconds) 08:42:05 [INFO] Finished Jar Analyzer (0 seconds) 08:42:05 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:42:05 [INFO] Finished Hint Analyzer (0 seconds) 08:42:05 [INFO] Finished Version Filter Analyzer (0 seconds) 08:42:06 [INFO] Created CPE Index (1 seconds) 08:42:07 [INFO] Finished CPE Analyzer (1 seconds) 08:42:07 [INFO] Finished False Positive Analyzer (0 seconds) 08:42:07 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:42:07 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:42:07 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:42:07 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:42:07 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:42:07 08:42:07 08:42:07 ## Recommendation 08:42:07 08:42:07 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:42:07 08:42:07 The following template can be used to demonstrate the vulnerability: 08:42:07 ```{{#with "constructor"}} 08:42:07 {{#with split as |a|}} 08:42:07 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:42:07 {{#with (concat (lookup join (slice 0 1)))}} 08:42:07 {{#each (slice 2 3)}} 08:42:07 {{#with (apply 0 a)}} 08:42:07 {{.}} 08:42:07 {{/with}} 08:42:07 {{/each}} 08:42:07 {{/with}} 08:42:07 {{/with}} 08:42:07 {{/with}}``` 08:42:07 08:42:07 08:42:07 ## Recommendation 08:42:07 08:42:07 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:42:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:42:07 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:42:07 [INFO] Analysis Complete (2 seconds) 08:42:07 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:42:07 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:42:07 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:42:07 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:42:07 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:42:07 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:42:07 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:42:07 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:42:07 [INFO] 08:42:07 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 08:42:07 [INFO] Building dependencies.bean-validation 1.0 [6/69] 08:42:07 [INFO] --------------------------------[ pom ]--------------------------------- 08:42:07 [INFO] 08:42:07 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 08:42:07 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 08:42:07 [INFO] 08:42:07 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 08:42:07 [INFO] 08:42:07 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.bean-validation --- 08:42:07 [INFO] Executing tasks 08:42:12 [INFO] Executed tasks 08:42:12 [INFO] 08:42:12 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.bean-validation --- 08:42:12 [INFO] Checking for updates 08:42:12 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:42:12 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:42:12 [INFO] Check for updates complete (74 ms) 08:42:12 [INFO] 08:42:12 08:42:12 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:42:12 08:42:12 08:42:12 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:42:12 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:42:12 08:42:12 💖 Sponsor: https://github.com/sponsors/jeremylong 08:42:12 08:42:12 08:42:12 [INFO] Analysis Started 08:42:12 [INFO] Finished Archive Analyzer (0 seconds) 08:42:12 [INFO] Finished File Name Analyzer (0 seconds) 08:42:12 [INFO] Finished Jar Analyzer (0 seconds) 08:42:12 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:42:12 [INFO] Finished Hint Analyzer (0 seconds) 08:42:12 [INFO] Finished Version Filter Analyzer (0 seconds) 08:42:14 [INFO] Created CPE Index (1 seconds) 08:42:14 [INFO] Finished CPE Analyzer (1 seconds) 08:42:14 [INFO] Finished False Positive Analyzer (0 seconds) 08:42:14 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:42:14 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:42:14 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:42:14 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:42:14 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:42:14 08:42:14 08:42:14 ## Recommendation 08:42:14 08:42:14 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:42:14 08:42:14 The following template can be used to demonstrate the vulnerability: 08:42:14 ```{{#with "constructor"}} 08:42:14 {{#with split as |a|}} 08:42:14 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:42:14 {{#with (concat (lookup join (slice 0 1)))}} 08:42:14 {{#each (slice 2 3)}} 08:42:14 {{#with (apply 0 a)}} 08:42:14 {{.}} 08:42:14 {{/with}} 08:42:14 {{/each}} 08:42:14 {{/with}} 08:42:14 {{/with}} 08:42:14 {{/with}}``` 08:42:14 08:42:14 08:42:14 ## Recommendation 08:42:14 08:42:14 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:42:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:42:14 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:42:14 [INFO] Analysis Complete (1 seconds) 08:42:14 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:42:14 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:42:14 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:42:14 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:42:14 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:42:14 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:42:14 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:42:14 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:42:14 [INFO] 08:42:14 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 08:42:14 [INFO] Building dependencies.cxf 1.0 [7/69] 08:42:14 [INFO] --------------------------------[ pom ]--------------------------------- 08:42:14 [INFO] 08:42:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 08:42:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 08:42:14 [INFO] 08:42:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 08:42:14 [INFO] 08:42:14 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 08:42:14 [INFO] Executing tasks 08:42:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 08:42:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 08:42:14 [INFO] Executed tasks 08:42:14 [INFO] 08:42:14 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.cxf --- 08:42:14 [INFO] Executing tasks 08:42:19 [INFO] Executed tasks 08:42:19 [INFO] 08:42:19 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.cxf --- 08:42:20 [INFO] Checking for updates 08:42:20 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:42:20 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:42:20 [INFO] Check for updates complete (71 ms) 08:42:20 [INFO] 08:42:20 08:42:20 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:42:20 08:42:20 08:42:20 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:42:20 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:42:20 08:42:20 💖 Sponsor: https://github.com/sponsors/jeremylong 08:42:20 08:42:20 08:42:20 [INFO] Analysis Started 08:42:20 [INFO] Finished Archive Analyzer (0 seconds) 08:42:20 [INFO] Finished File Name Analyzer (0 seconds) 08:42:20 [INFO] Finished Jar Analyzer (0 seconds) 08:42:20 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:42:20 [INFO] Finished Hint Analyzer (0 seconds) 08:42:20 [INFO] Finished Version Filter Analyzer (0 seconds) 08:42:22 [INFO] Created CPE Index (1 seconds) 08:42:22 [INFO] Finished CPE Analyzer (1 seconds) 08:42:22 [INFO] Finished False Positive Analyzer (0 seconds) 08:42:22 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:42:22 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:42:22 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:42:22 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:42:22 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:42:22 08:42:22 08:42:22 ## Recommendation 08:42:22 08:42:22 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:42:22 08:42:22 The following template can be used to demonstrate the vulnerability: 08:42:22 ```{{#with "constructor"}} 08:42:22 {{#with split as |a|}} 08:42:22 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:42:22 {{#with (concat (lookup join (slice 0 1)))}} 08:42:22 {{#each (slice 2 3)}} 08:42:22 {{#with (apply 0 a)}} 08:42:22 {{.}} 08:42:22 {{/with}} 08:42:22 {{/each}} 08:42:22 {{/with}} 08:42:22 {{/with}} 08:42:22 {{/with}}``` 08:42:22 08:42:22 08:42:22 ## Recommendation 08:42:22 08:42:22 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:42:22 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:42:22 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:42:22 [INFO] Analysis Complete (2 seconds) 08:42:22 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:42:22 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:42:22 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:42:22 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:42:22 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:42:22 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:42:22 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:42:22 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:42:23 [INFO] 08:42:23 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 08:42:23 [INFO] Building dependencies.commons 1.0 [8/69] 08:42:23 [INFO] --------------------------------[ pom ]--------------------------------- 08:42:23 [INFO] 08:42:23 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 08:42:23 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 08:42:23 [INFO] 08:42:23 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 08:42:23 [INFO] 08:42:23 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.commons --- 08:42:23 [INFO] Executing tasks 08:42:28 [INFO] Executed tasks 08:42:28 [INFO] 08:42:28 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.commons --- 08:42:28 [INFO] Checking for updates 08:42:28 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:42:28 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:42:28 [INFO] Check for updates complete (71 ms) 08:42:28 [INFO] 08:42:28 08:42:28 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:42:28 08:42:28 08:42:28 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:42:28 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:42:28 08:42:28 💖 Sponsor: https://github.com/sponsors/jeremylong 08:42:28 08:42:28 08:42:28 [INFO] Analysis Started 08:42:28 [INFO] Finished Archive Analyzer (0 seconds) 08:42:28 [INFO] Finished File Name Analyzer (0 seconds) 08:42:28 [INFO] Finished Jar Analyzer (0 seconds) 08:42:28 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:42:28 [INFO] Finished Hint Analyzer (0 seconds) 08:42:28 [INFO] Finished Version Filter Analyzer (0 seconds) 08:42:29 [INFO] Created CPE Index (1 seconds) 08:42:30 [INFO] Finished CPE Analyzer (1 seconds) 08:42:30 [INFO] Finished False Positive Analyzer (0 seconds) 08:42:30 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:42:30 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:42:30 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:42:30 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:42:30 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:42:30 08:42:30 08:42:30 ## Recommendation 08:42:30 08:42:30 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:42:30 08:42:30 The following template can be used to demonstrate the vulnerability: 08:42:30 ```{{#with "constructor"}} 08:42:30 {{#with split as |a|}} 08:42:30 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:42:30 {{#with (concat (lookup join (slice 0 1)))}} 08:42:30 {{#each (slice 2 3)}} 08:42:30 {{#with (apply 0 a)}} 08:42:30 {{.}} 08:42:30 {{/with}} 08:42:30 {{/each}} 08:42:30 {{/with}} 08:42:30 {{/with}} 08:42:30 {{/with}}``` 08:42:30 08:42:30 08:42:30 ## Recommendation 08:42:30 08:42:30 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:42:30 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:42:30 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:42:30 [INFO] Analysis Complete (2 seconds) 08:42:30 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:42:30 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:42:30 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:42:30 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:42:30 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:42:30 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:42:30 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:42:30 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:42:30 [WARNING] 08:42:30 08:42:30 One or more dependencies were identified with known vulnerabilities in dependencies.commons: 08:42:30 08:42:30 commons-lang-2.6.jar (pkg:maven/commons-lang/commons-lang@2.6, cpe:2.3:a:apache:commons_lang:2.6:*:*:*:*:*:*:*) : CVE-2025-48924 08:42:30 08:42:30 08:42:30 See the dependency-check report for more details. 08:42:30 08:42:30 08:42:30 [INFO] 08:42:30 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 08:42:30 [INFO] Building dependencies.faces 1.0 [9/69] 08:42:30 [INFO] --------------------------------[ pom ]--------------------------------- 08:42:30 [INFO] 08:42:30 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 08:42:30 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 08:42:30 [INFO] 08:42:30 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 08:42:31 [INFO] 08:42:31 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.faces --- 08:42:31 [INFO] Executing tasks 08:42:36 [INFO] Executed tasks 08:42:36 [INFO] 08:42:36 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.faces --- 08:42:36 [INFO] Checking for updates 08:42:36 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:42:36 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:42:36 [INFO] Check for updates complete (71 ms) 08:42:36 [INFO] 08:42:36 08:42:36 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:42:36 08:42:36 08:42:36 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:42:36 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:42:36 08:42:36 💖 Sponsor: https://github.com/sponsors/jeremylong 08:42:36 08:42:36 08:42:36 [INFO] Analysis Started 08:42:36 [INFO] Finished Archive Analyzer (0 seconds) 08:42:36 [INFO] Finished File Name Analyzer (0 seconds) 08:42:37 [INFO] Finished Jar Analyzer (0 seconds) 08:42:37 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:42:37 [INFO] Finished Hint Analyzer (0 seconds) 08:42:37 [INFO] Finished Version Filter Analyzer (0 seconds) 08:42:38 [INFO] Created CPE Index (1 seconds) 08:42:39 [INFO] Finished CPE Analyzer (2 seconds) 08:42:39 [INFO] Finished False Positive Analyzer (0 seconds) 08:42:39 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:42:47 [INFO] Finished RetireJS Analyzer (8 seconds) 08:42:47 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:42:47 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:42:47 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:42:47 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:42:47 08:42:47 08:42:47 ## Recommendation 08:42:47 08:42:47 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:42:47 08:42:47 The following template can be used to demonstrate the vulnerability: 08:42:47 ```{{#with "constructor"}} 08:42:47 {{#with split as |a|}} 08:42:47 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:42:47 {{#with (concat (lookup join (slice 0 1)))}} 08:42:47 {{#each (slice 2 3)}} 08:42:47 {{#with (apply 0 a)}} 08:42:47 {{.}} 08:42:47 {{/with}} 08:42:47 {{/each}} 08:42:47 {{/with}} 08:42:47 {{/with}} 08:42:47 {{/with}}``` 08:42:47 08:42:47 08:42:47 ## Recommendation 08:42:47 08:42:47 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:42:47 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:42:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:42:48 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:42:48 [INFO] Analysis Complete (11 seconds) 08:42:48 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:42:48 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:42:48 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:42:49 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:42:49 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:42:49 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:42:49 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:42:49 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:42:49 [INFO] 08:42:49 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 08:42:49 [INFO] Building dependencies.git 1.0 [10/69] 08:42:49 [INFO] --------------------------------[ pom ]--------------------------------- 08:42:49 [INFO] 08:42:49 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 08:42:49 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 08:42:49 [INFO] 08:42:49 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 08:42:49 [INFO] 08:42:49 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.git --- 08:42:49 [INFO] Executing tasks 08:42:54 [INFO] Executed tasks 08:42:54 [INFO] 08:42:54 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.git --- 08:42:54 [INFO] Checking for updates 08:42:54 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:42:54 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:42:54 [INFO] Check for updates complete (74 ms) 08:42:54 [INFO] 08:42:54 08:42:54 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:42:54 08:42:54 08:42:54 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:42:54 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:42:54 08:42:54 💖 Sponsor: https://github.com/sponsors/jeremylong 08:42:54 08:42:54 08:42:54 [INFO] Analysis Started 08:42:54 [INFO] Finished Archive Analyzer (0 seconds) 08:42:54 [INFO] Finished File Name Analyzer (0 seconds) 08:42:54 [INFO] Finished Jar Analyzer (0 seconds) 08:42:54 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:42:54 [INFO] Finished Hint Analyzer (0 seconds) 08:42:54 [INFO] Finished Version Filter Analyzer (0 seconds) 08:42:56 [INFO] Created CPE Index (1 seconds) 08:42:56 [INFO] Finished CPE Analyzer (1 seconds) 08:42:56 [INFO] Finished False Positive Analyzer (0 seconds) 08:42:56 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:42:56 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:42:56 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:42:56 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:42:56 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:42:56 08:42:56 08:42:56 ## Recommendation 08:42:56 08:42:56 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:42:56 08:42:56 The following template can be used to demonstrate the vulnerability: 08:42:56 ```{{#with "constructor"}} 08:42:56 {{#with split as |a|}} 08:42:56 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:42:56 {{#with (concat (lookup join (slice 0 1)))}} 08:42:56 {{#each (slice 2 3)}} 08:42:56 {{#with (apply 0 a)}} 08:42:56 {{.}} 08:42:56 {{/with}} 08:42:56 {{/each}} 08:42:56 {{/with}} 08:42:56 {{/with}} 08:42:56 {{/with}}``` 08:42:56 08:42:56 08:42:56 ## Recommendation 08:42:56 08:42:56 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:42:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:42:56 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:42:56 [INFO] Analysis Complete (1 seconds) 08:42:56 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:42:56 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:42:56 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:42:56 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:42:56 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:42:56 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:42:56 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:42:56 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:42:56 [INFO] 08:42:56 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 08:42:56 [INFO] Building dependencies.httpcore 1.0 [11/69] 08:42:56 [INFO] --------------------------------[ pom ]--------------------------------- 08:42:56 [INFO] 08:42:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 08:42:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 08:42:56 [INFO] 08:42:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 08:42:56 [INFO] 08:42:56 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 08:42:56 [INFO] Executing tasks 08:42:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 08:42:56 [INFO] Executed tasks 08:42:56 [INFO] 08:42:56 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.httpcore --- 08:42:56 [INFO] Executing tasks 08:43:01 [INFO] Executed tasks 08:43:01 [INFO] 08:43:01 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.httpcore --- 08:43:01 [INFO] Checking for updates 08:43:01 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:43:01 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:43:01 [INFO] Check for updates complete (68 ms) 08:43:02 [INFO] 08:43:02 08:43:02 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:43:02 08:43:02 08:43:02 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:43:02 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:43:02 08:43:02 💖 Sponsor: https://github.com/sponsors/jeremylong 08:43:02 08:43:02 08:43:02 [INFO] Analysis Started 08:43:02 [INFO] Finished Archive Analyzer (0 seconds) 08:43:02 [INFO] Finished File Name Analyzer (0 seconds) 08:43:02 [INFO] Finished Jar Analyzer (0 seconds) 08:43:02 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:43:02 [INFO] Finished Hint Analyzer (0 seconds) 08:43:02 [INFO] Finished Version Filter Analyzer (0 seconds) 08:43:03 [INFO] Created CPE Index (1 seconds) 08:43:03 [INFO] Finished CPE Analyzer (1 seconds) 08:43:03 [INFO] Finished False Positive Analyzer (0 seconds) 08:43:03 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:43:03 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:43:03 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:43:03 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:43:03 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:43:03 08:43:03 08:43:03 ## Recommendation 08:43:03 08:43:03 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:43:03 08:43:03 The following template can be used to demonstrate the vulnerability: 08:43:03 ```{{#with "constructor"}} 08:43:03 {{#with split as |a|}} 08:43:03 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:43:03 {{#with (concat (lookup join (slice 0 1)))}} 08:43:03 {{#each (slice 2 3)}} 08:43:03 {{#with (apply 0 a)}} 08:43:03 {{.}} 08:43:03 {{/with}} 08:43:03 {{/each}} 08:43:03 {{/with}} 08:43:03 {{/with}} 08:43:03 {{/with}}``` 08:43:03 08:43:03 08:43:03 ## Recommendation 08:43:03 08:43:03 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:03 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:43:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:43:04 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:43:04 [INFO] Analysis Complete (1 seconds) 08:43:04 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:43:04 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:43:04 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:43:04 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:43:04 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:43:04 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:43:04 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:43:04 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:43:04 [INFO] 08:43:04 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 08:43:04 [INFO] Building dependencies.jackson 1.0 [12/69] 08:43:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:43:04 [INFO] 08:43:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 08:43:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 08:43:04 [INFO] 08:43:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 08:43:04 [INFO] 08:43:04 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jackson --- 08:43:04 [INFO] Executing tasks 08:43:09 [INFO] Executed tasks 08:43:09 [INFO] 08:43:09 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jackson --- 08:43:09 [INFO] Checking for updates 08:43:09 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:43:09 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:43:09 [INFO] Check for updates complete (69 ms) 08:43:09 [INFO] 08:43:09 08:43:09 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:43:09 08:43:09 08:43:09 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:43:09 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:43:09 08:43:09 💖 Sponsor: https://github.com/sponsors/jeremylong 08:43:09 08:43:09 08:43:09 [INFO] Analysis Started 08:43:09 [INFO] Finished Archive Analyzer (0 seconds) 08:43:09 [INFO] Finished File Name Analyzer (0 seconds) 08:43:09 [INFO] Finished Jar Analyzer (0 seconds) 08:43:09 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:43:09 [INFO] Finished Hint Analyzer (0 seconds) 08:43:09 [INFO] Finished Version Filter Analyzer (0 seconds) 08:43:11 [INFO] Created CPE Index (1 seconds) 08:43:11 [INFO] Finished CPE Analyzer (1 seconds) 08:43:11 [INFO] Finished False Positive Analyzer (0 seconds) 08:43:11 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:43:11 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:43:11 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:43:11 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:43:11 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:43:11 08:43:11 08:43:11 ## Recommendation 08:43:11 08:43:11 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:43:11 08:43:11 The following template can be used to demonstrate the vulnerability: 08:43:11 ```{{#with "constructor"}} 08:43:11 {{#with split as |a|}} 08:43:11 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:43:11 {{#with (concat (lookup join (slice 0 1)))}} 08:43:11 {{#each (slice 2 3)}} 08:43:11 {{#with (apply 0 a)}} 08:43:11 {{.}} 08:43:11 {{/with}} 08:43:11 {{/each}} 08:43:11 {{/with}} 08:43:11 {{/with}} 08:43:11 {{/with}}``` 08:43:11 08:43:11 08:43:11 ## Recommendation 08:43:11 08:43:11 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:43:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:43:11 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:43:11 [INFO] Analysis Complete (1 seconds) 08:43:11 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:43:11 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:43:11 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:43:11 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:43:11 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:43:11 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:43:11 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:43:11 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:43:11 [INFO] 08:43:11 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 08:43:11 [INFO] Building dependencies.javax 1.0 [13/69] 08:43:11 [INFO] --------------------------------[ pom ]--------------------------------- 08:43:11 [INFO] 08:43:11 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 08:43:11 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 08:43:11 [INFO] 08:43:11 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 08:43:11 [INFO] 08:43:11 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.javax --- 08:43:11 [INFO] Executing tasks 08:43:16 [INFO] Executed tasks 08:43:16 [INFO] 08:43:16 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.javax --- 08:43:16 [INFO] Checking for updates 08:43:16 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:43:16 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:43:16 [INFO] Check for updates complete (73 ms) 08:43:17 [INFO] 08:43:17 08:43:17 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:43:17 08:43:17 08:43:17 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:43:17 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:43:17 08:43:17 💖 Sponsor: https://github.com/sponsors/jeremylong 08:43:17 08:43:17 08:43:17 [INFO] Analysis Started 08:43:17 [INFO] Finished Archive Analyzer (0 seconds) 08:43:17 [INFO] Finished File Name Analyzer (0 seconds) 08:43:17 [INFO] Finished Jar Analyzer (0 seconds) 08:43:17 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:43:17 [INFO] Finished Hint Analyzer (0 seconds) 08:43:17 [INFO] Finished Version Filter Analyzer (0 seconds) 08:43:18 [INFO] Created CPE Index (1 seconds) 08:43:18 [INFO] Finished CPE Analyzer (1 seconds) 08:43:18 [INFO] Finished False Positive Analyzer (0 seconds) 08:43:18 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:43:18 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:43:18 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:43:18 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:43:18 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:43:18 08:43:18 08:43:18 ## Recommendation 08:43:18 08:43:18 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:43:18 08:43:18 The following template can be used to demonstrate the vulnerability: 08:43:18 ```{{#with "constructor"}} 08:43:18 {{#with split as |a|}} 08:43:18 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:43:18 {{#with (concat (lookup join (slice 0 1)))}} 08:43:18 {{#each (slice 2 3)}} 08:43:18 {{#with (apply 0 a)}} 08:43:18 {{.}} 08:43:18 {{/with}} 08:43:18 {{/each}} 08:43:18 {{/with}} 08:43:18 {{/with}} 08:43:18 {{/with}}``` 08:43:18 08:43:18 08:43:18 ## Recommendation 08:43:18 08:43:18 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:43:18 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:43:18 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:43:19 [INFO] Analysis Complete (1 seconds) 08:43:19 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:43:19 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:43:19 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:43:19 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:43:19 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:43:19 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:43:19 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:43:19 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:43:19 [INFO] 08:43:19 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 08:43:19 [INFO] Building dependencies.jax 1.0 [14/69] 08:43:19 [INFO] --------------------------------[ pom ]--------------------------------- 08:43:19 [INFO] 08:43:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 08:43:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 08:43:19 [INFO] 08:43:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 08:43:19 [INFO] 08:43:19 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 08:43:19 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 08:43:19 [INFO] 08:43:19 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 08:43:19 [INFO] Executing tasks 08:43:19 [INFO] Executed tasks 08:43:19 [INFO] 08:43:19 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jax --- 08:43:19 [INFO] Executing tasks 08:43:24 [INFO] Executed tasks 08:43:24 [INFO] 08:43:24 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jax --- 08:43:24 [INFO] Checking for updates 08:43:24 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:43:24 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:43:24 [INFO] Check for updates complete (69 ms) 08:43:24 [INFO] 08:43:24 08:43:24 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:43:24 08:43:24 08:43:24 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:43:24 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:43:24 08:43:24 💖 Sponsor: https://github.com/sponsors/jeremylong 08:43:24 08:43:24 08:43:24 [INFO] Analysis Started 08:43:24 [INFO] Finished Archive Analyzer (0 seconds) 08:43:24 [INFO] Finished File Name Analyzer (0 seconds) 08:43:24 [INFO] Finished Jar Analyzer (0 seconds) 08:43:24 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:43:24 [INFO] Finished Hint Analyzer (0 seconds) 08:43:24 [INFO] Finished Version Filter Analyzer (0 seconds) 08:43:26 [INFO] Created CPE Index (1 seconds) 08:43:26 [INFO] Finished CPE Analyzer (1 seconds) 08:43:26 [INFO] Finished False Positive Analyzer (0 seconds) 08:43:26 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:43:26 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:43:26 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:43:26 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:43:26 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:43:26 08:43:26 08:43:26 ## Recommendation 08:43:26 08:43:26 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:43:26 08:43:26 The following template can be used to demonstrate the vulnerability: 08:43:26 ```{{#with "constructor"}} 08:43:26 {{#with split as |a|}} 08:43:26 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:43:26 {{#with (concat (lookup join (slice 0 1)))}} 08:43:26 {{#each (slice 2 3)}} 08:43:26 {{#with (apply 0 a)}} 08:43:26 {{.}} 08:43:26 {{/with}} 08:43:26 {{/each}} 08:43:26 {{/with}} 08:43:26 {{/with}} 08:43:26 {{/with}}``` 08:43:26 08:43:26 08:43:26 ## Recommendation 08:43:26 08:43:26 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:43:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:43:26 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:43:26 [INFO] Analysis Complete (1 seconds) 08:43:26 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:43:26 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:43:26 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:43:26 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:43:26 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:43:26 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:43:26 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:43:26 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:43:26 [INFO] 08:43:26 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 08:43:26 [INFO] Building dependencies.jetty 1.0 [15/69] 08:43:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:43:26 [INFO] 08:43:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 08:43:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 08:43:26 [INFO] 08:43:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 08:43:26 [INFO] 08:43:26 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jetty --- 08:43:26 [INFO] Executing tasks 08:43:31 [INFO] Executed tasks 08:43:31 [INFO] 08:43:31 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jetty --- 08:43:32 [INFO] Checking for updates 08:43:32 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:43:32 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:43:32 [INFO] Check for updates complete (103 ms) 08:43:32 [INFO] 08:43:32 08:43:32 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:43:32 08:43:32 08:43:32 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:43:32 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:43:32 08:43:32 💖 Sponsor: https://github.com/sponsors/jeremylong 08:43:32 08:43:32 08:43:32 [INFO] Analysis Started 08:43:32 [INFO] Finished File Name Analyzer (0 seconds) 08:43:32 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:43:32 [INFO] Finished Hint Analyzer (0 seconds) 08:43:32 [INFO] Finished Version Filter Analyzer (0 seconds) 08:43:33 [INFO] Created CPE Index (1 seconds) 08:43:34 [INFO] Finished CPE Analyzer (1 seconds) 08:43:34 [INFO] Finished False Positive Analyzer (0 seconds) 08:43:34 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:43:34 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:43:34 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:43:34 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:43:34 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:43:34 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:43:34 [INFO] Analysis Complete (1 seconds) 08:43:34 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:43:34 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:43:34 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:43:34 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:43:34 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:43:34 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:43:34 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:43:34 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:43:34 [INFO] 08:43:34 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 08:43:34 [INFO] Building dependencies.jminix 1.0 [16/69] 08:43:34 [INFO] --------------------------------[ pom ]--------------------------------- 08:43:34 [INFO] 08:43:34 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 08:43:34 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 08:43:34 [INFO] 08:43:34 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 08:43:34 [INFO] 08:43:34 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 08:43:34 [INFO] Executing tasks 08:43:34 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 08:43:34 [INFO] Executed tasks 08:43:34 [INFO] 08:43:34 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jminix --- 08:43:34 [INFO] Executing tasks 08:43:39 [INFO] Executed tasks 08:43:39 [INFO] 08:43:39 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jminix --- 08:43:39 [INFO] Checking for updates 08:43:39 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:43:39 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:43:39 [INFO] Check for updates complete (70 ms) 08:43:39 [INFO] 08:43:39 08:43:39 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:43:39 08:43:39 08:43:39 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:43:39 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:43:39 08:43:39 💖 Sponsor: https://github.com/sponsors/jeremylong 08:43:39 08:43:39 08:43:39 [INFO] Analysis Started 08:43:39 [INFO] Finished Archive Analyzer (0 seconds) 08:43:39 [INFO] Finished File Name Analyzer (0 seconds) 08:43:39 [INFO] Finished Jar Analyzer (0 seconds) 08:43:39 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:43:39 [INFO] Finished Hint Analyzer (0 seconds) 08:43:39 [INFO] Finished Version Filter Analyzer (0 seconds) 08:43:41 [INFO] Created CPE Index (1 seconds) 08:43:41 [INFO] Finished CPE Analyzer (1 seconds) 08:43:41 [INFO] Finished False Positive Analyzer (0 seconds) 08:43:41 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:43:42 [INFO] Finished RetireJS Analyzer (1 seconds) 08:43:42 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:43:42 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:43:42 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:43:42 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:43:42 08:43:42 08:43:42 ## Recommendation 08:43:42 08:43:42 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:43:42 08:43:42 The following template can be used to demonstrate the vulnerability: 08:43:42 ```{{#with "constructor"}} 08:43:42 {{#with split as |a|}} 08:43:42 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:43:42 {{#with (concat (lookup join (slice 0 1)))}} 08:43:42 {{#each (slice 2 3)}} 08:43:42 {{#with (apply 0 a)}} 08:43:42 {{.}} 08:43:42 {{/with}} 08:43:42 {{/each}} 08:43:42 {{/with}} 08:43:42 {{/with}} 08:43:42 {{/with}}``` 08:43:42 08:43:42 08:43:42 ## Recommendation 08:43:42 08:43:42 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:43:42 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:43:42 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:43:42 [INFO] Analysis Complete (3 seconds) 08:43:42 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:43:42 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:43:42 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:43:42 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:43:42 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:43:42 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:43:42 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:43:42 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:43:42 [INFO] 08:43:42 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 08:43:42 [INFO] Building dependencies.json 1.0 [17/69] 08:43:42 [INFO] --------------------------------[ pom ]--------------------------------- 08:43:42 [INFO] 08:43:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 08:43:42 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 08:43:42 [INFO] 08:43:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 08:43:42 [INFO] 08:43:42 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 08:43:42 [INFO] Executing tasks 08:43:42 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 08:43:42 [INFO] Executed tasks 08:43:42 [INFO] 08:43:42 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 08:43:42 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 08:43:42 [INFO] 08:43:42 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.json --- 08:43:42 [INFO] Executing tasks 08:43:47 [INFO] Executed tasks 08:43:47 [INFO] 08:43:47 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.json --- 08:43:48 [INFO] Checking for updates 08:43:48 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:43:48 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:43:48 [INFO] Check for updates complete (74 ms) 08:43:48 [INFO] 08:43:48 08:43:48 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:43:48 08:43:48 08:43:48 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:43:48 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:43:48 08:43:48 💖 Sponsor: https://github.com/sponsors/jeremylong 08:43:48 08:43:48 08:43:48 [INFO] Analysis Started 08:43:48 [INFO] Finished Archive Analyzer (0 seconds) 08:43:48 [INFO] Finished File Name Analyzer (0 seconds) 08:43:48 [INFO] Finished Jar Analyzer (0 seconds) 08:43:48 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:43:48 [INFO] Finished Hint Analyzer (0 seconds) 08:43:48 [INFO] Finished Version Filter Analyzer (0 seconds) 08:43:49 [INFO] Created CPE Index (1 seconds) 08:43:50 [INFO] Finished CPE Analyzer (1 seconds) 08:43:50 [INFO] Finished False Positive Analyzer (0 seconds) 08:43:50 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:43:50 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:43:50 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:43:50 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:43:50 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:43:50 08:43:50 08:43:50 ## Recommendation 08:43:50 08:43:50 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:43:50 08:43:50 The following template can be used to demonstrate the vulnerability: 08:43:50 ```{{#with "constructor"}} 08:43:50 {{#with split as |a|}} 08:43:50 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:43:50 {{#with (concat (lookup join (slice 0 1)))}} 08:43:50 {{#each (slice 2 3)}} 08:43:50 {{#with (apply 0 a)}} 08:43:50 {{.}} 08:43:50 {{/with}} 08:43:50 {{/each}} 08:43:50 {{/with}} 08:43:50 {{/with}} 08:43:50 {{/with}}``` 08:43:50 08:43:50 08:43:50 ## Recommendation 08:43:50 08:43:50 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:43:50 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:43:50 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:43:50 [INFO] Analysis Complete (1 seconds) 08:43:50 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:43:50 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:43:50 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:43:50 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:43:50 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:43:50 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:43:50 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:43:50 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:43:50 [INFO] 08:43:50 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 08:43:50 [INFO] Building dependencies.log 1.0 [18/69] 08:43:50 [INFO] --------------------------------[ pom ]--------------------------------- 08:43:50 [INFO] 08:43:50 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 08:43:50 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 08:43:50 [INFO] 08:43:50 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 08:43:50 [INFO] 08:43:50 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 08:43:50 [INFO] Executing tasks 08:43:50 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 08:43:50 [INFO] Executed tasks 08:43:50 [INFO] 08:43:50 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.log --- 08:43:50 [INFO] Executing tasks 08:43:55 [INFO] Executed tasks 08:43:55 [INFO] 08:43:55 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.log --- 08:43:55 [INFO] Checking for updates 08:43:55 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:43:55 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:43:55 [INFO] Check for updates complete (69 ms) 08:43:55 [INFO] 08:43:55 08:43:55 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:43:55 08:43:55 08:43:55 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:43:55 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:43:55 08:43:55 💖 Sponsor: https://github.com/sponsors/jeremylong 08:43:55 08:43:55 08:43:55 [INFO] Analysis Started 08:43:56 [INFO] Finished Archive Analyzer (0 seconds) 08:43:56 [INFO] Finished File Name Analyzer (0 seconds) 08:43:56 [INFO] Finished Jar Analyzer (0 seconds) 08:43:56 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:43:56 [INFO] Finished Hint Analyzer (0 seconds) 08:43:56 [INFO] Finished Version Filter Analyzer (0 seconds) 08:43:57 [INFO] Created CPE Index (1 seconds) 08:43:57 [INFO] Finished CPE Analyzer (1 seconds) 08:43:57 [INFO] Finished False Positive Analyzer (0 seconds) 08:43:57 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:43:57 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:43:57 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:43:57 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:43:57 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:43:57 08:43:57 08:43:57 ## Recommendation 08:43:57 08:43:57 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:43:57 08:43:57 The following template can be used to demonstrate the vulnerability: 08:43:57 ```{{#with "constructor"}} 08:43:57 {{#with split as |a|}} 08:43:57 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:43:57 {{#with (concat (lookup join (slice 0 1)))}} 08:43:57 {{#each (slice 2 3)}} 08:43:57 {{#with (apply 0 a)}} 08:43:57 {{.}} 08:43:57 {{/with}} 08:43:57 {{/each}} 08:43:57 {{/with}} 08:43:57 {{/with}} 08:43:57 {{/with}}``` 08:43:57 08:43:57 08:43:57 ## Recommendation 08:43:57 08:43:57 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:43:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:43:57 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:43:57 [INFO] Analysis Complete (1 seconds) 08:43:57 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:43:57 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:43:57 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:43:57 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:43:57 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:43:57 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:43:57 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:43:57 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:43:57 [INFO] 08:43:57 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 08:43:57 [INFO] Building dependencies.lucene 1.0 [19/69] 08:43:57 [INFO] --------------------------------[ pom ]--------------------------------- 08:43:57 [INFO] 08:43:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 08:43:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 08:43:57 [INFO] 08:43:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 08:43:57 [INFO] 08:43:57 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.lucene --- 08:43:57 [INFO] Executing tasks 08:44:02 [INFO] Executed tasks 08:44:02 [INFO] 08:44:02 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.lucene --- 08:44:02 [INFO] Checking for updates 08:44:02 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:44:02 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:44:02 [INFO] Check for updates complete (70 ms) 08:44:03 [INFO] 08:44:03 08:44:03 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:44:03 08:44:03 08:44:03 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:44:03 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:44:03 08:44:03 💖 Sponsor: https://github.com/sponsors/jeremylong 08:44:03 08:44:03 08:44:03 [INFO] Analysis Started 08:44:03 [INFO] Finished Archive Analyzer (0 seconds) 08:44:03 [INFO] Finished File Name Analyzer (0 seconds) 08:44:03 [INFO] Finished Jar Analyzer (0 seconds) 08:44:03 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:44:03 [INFO] Finished Hint Analyzer (0 seconds) 08:44:03 [INFO] Finished Version Filter Analyzer (0 seconds) 08:44:04 [INFO] Created CPE Index (1 seconds) 08:44:04 [INFO] Finished CPE Analyzer (1 seconds) 08:44:04 [INFO] Finished False Positive Analyzer (0 seconds) 08:44:04 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:44:04 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:44:04 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:44:04 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:44:04 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:44:04 08:44:04 08:44:04 ## Recommendation 08:44:04 08:44:04 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:44:04 08:44:04 The following template can be used to demonstrate the vulnerability: 08:44:04 ```{{#with "constructor"}} 08:44:04 {{#with split as |a|}} 08:44:04 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:44:04 {{#with (concat (lookup join (slice 0 1)))}} 08:44:04 {{#each (slice 2 3)}} 08:44:04 {{#with (apply 0 a)}} 08:44:04 {{.}} 08:44:04 {{/with}} 08:44:04 {{/each}} 08:44:04 {{/with}} 08:44:04 {{/with}} 08:44:04 {{/with}}``` 08:44:04 08:44:04 08:44:04 ## Recommendation 08:44:04 08:44:04 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:44:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:44:04 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:44:04 [INFO] Analysis Complete (1 seconds) 08:44:04 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:44:04 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:44:04 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:44:04 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:44:04 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:44:04 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:44:04 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:44:04 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:44:04 [INFO] 08:44:04 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 08:44:04 [INFO] Building dependencies.openapi4j 1.0 [20/69] 08:44:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:44:04 [INFO] 08:44:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 08:44:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 08:44:04 [INFO] 08:44:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 08:44:04 [INFO] 08:44:04 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 08:44:05 [INFO] Executing tasks 08:44:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 08:44:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 08:44:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 08:44:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 08:44:05 [INFO] Executed tasks 08:44:05 [INFO] 08:44:05 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.openapi4j --- 08:44:05 [INFO] Executing tasks 08:44:10 [INFO] Executed tasks 08:44:10 [INFO] 08:44:10 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.openapi4j --- 08:44:10 [INFO] Checking for updates 08:44:10 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:44:10 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:44:10 [INFO] Check for updates complete (68 ms) 08:44:10 [INFO] 08:44:10 08:44:10 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:44:10 08:44:10 08:44:10 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:44:10 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:44:10 08:44:10 💖 Sponsor: https://github.com/sponsors/jeremylong 08:44:10 08:44:10 08:44:10 [INFO] Analysis Started 08:44:10 [INFO] Finished Archive Analyzer (0 seconds) 08:44:10 [INFO] Finished File Name Analyzer (0 seconds) 08:44:10 [INFO] Finished Jar Analyzer (0 seconds) 08:44:10 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:44:10 [INFO] Finished Hint Analyzer (0 seconds) 08:44:10 [INFO] Finished Version Filter Analyzer (0 seconds) 08:44:11 [INFO] Created CPE Index (1 seconds) 08:44:12 [INFO] Finished CPE Analyzer (1 seconds) 08:44:12 [INFO] Finished False Positive Analyzer (0 seconds) 08:44:12 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:44:12 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:44:12 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:44:12 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:44:12 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:44:12 08:44:12 08:44:12 ## Recommendation 08:44:12 08:44:12 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:44:12 08:44:12 The following template can be used to demonstrate the vulnerability: 08:44:12 ```{{#with "constructor"}} 08:44:12 {{#with split as |a|}} 08:44:12 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:44:12 {{#with (concat (lookup join (slice 0 1)))}} 08:44:12 {{#each (slice 2 3)}} 08:44:12 {{#with (apply 0 a)}} 08:44:12 {{.}} 08:44:12 {{/with}} 08:44:12 {{/each}} 08:44:12 {{/with}} 08:44:12 {{/with}} 08:44:12 {{/with}}``` 08:44:12 08:44:12 08:44:12 ## Recommendation 08:44:12 08:44:12 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:44:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:44:12 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:44:12 [INFO] Analysis Complete (1 seconds) 08:44:12 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:44:12 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:44:12 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:44:12 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:44:12 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:44:12 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:44:12 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:44:12 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:44:12 [INFO] 08:44:12 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 08:44:12 [INFO] Building dependencies.opensaml 1.0 [21/69] 08:44:12 [INFO] --------------------------------[ pom ]--------------------------------- 08:44:12 [INFO] 08:44:12 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 08:44:12 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 08:44:12 [INFO] 08:44:12 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 08:44:12 [INFO] 08:44:12 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.opensaml --- 08:44:12 [INFO] Executing tasks 08:44:17 [INFO] Executed tasks 08:44:17 [INFO] 08:44:17 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.opensaml --- 08:44:17 [INFO] Checking for updates 08:44:17 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:44:17 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:44:17 [INFO] Check for updates complete (73 ms) 08:44:17 [INFO] 08:44:17 08:44:17 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:44:17 08:44:17 08:44:17 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:44:17 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:44:17 08:44:17 💖 Sponsor: https://github.com/sponsors/jeremylong 08:44:17 08:44:17 08:44:17 [INFO] Analysis Started 08:44:17 [INFO] Finished Archive Analyzer (0 seconds) 08:44:17 [INFO] Finished File Name Analyzer (0 seconds) 08:44:17 [INFO] Finished Jar Analyzer (0 seconds) 08:44:17 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:44:17 [INFO] Finished Hint Analyzer (0 seconds) 08:44:17 [INFO] Finished Version Filter Analyzer (0 seconds) 08:44:19 [INFO] Created CPE Index (1 seconds) 08:44:19 [INFO] Finished CPE Analyzer (1 seconds) 08:44:19 [INFO] Finished False Positive Analyzer (0 seconds) 08:44:19 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:44:19 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:44:19 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:44:19 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:44:19 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:44:19 08:44:19 08:44:19 ## Recommendation 08:44:19 08:44:19 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:44:19 08:44:19 The following template can be used to demonstrate the vulnerability: 08:44:19 ```{{#with "constructor"}} 08:44:19 {{#with split as |a|}} 08:44:19 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:44:19 {{#with (concat (lookup join (slice 0 1)))}} 08:44:19 {{#each (slice 2 3)}} 08:44:19 {{#with (apply 0 a)}} 08:44:19 {{.}} 08:44:19 {{/with}} 08:44:19 {{/each}} 08:44:19 {{/with}} 08:44:19 {{/with}} 08:44:19 {{/with}}``` 08:44:19 08:44:19 08:44:19 ## Recommendation 08:44:19 08:44:19 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:44:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:44:19 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:44:19 [INFO] Analysis Complete (1 seconds) 08:44:19 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:44:19 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:44:19 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:44:19 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:44:19 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:44:19 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:44:19 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:44:19 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:44:19 [INFO] 08:44:19 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 08:44:19 [INFO] Building dependencies.pdf 1.0 [22/69] 08:44:19 [INFO] --------------------------------[ pom ]--------------------------------- 08:44:19 [INFO] 08:44:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 08:44:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 08:44:19 [INFO] 08:44:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 08:44:19 [INFO] 08:44:19 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.pdf --- 08:44:19 [INFO] Executing tasks 08:44:24 [INFO] Executed tasks 08:44:24 [INFO] 08:44:24 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.pdf --- 08:44:24 [INFO] Checking for updates 08:44:24 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:44:24 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:44:24 [INFO] Check for updates complete (71 ms) 08:44:24 [INFO] 08:44:24 08:44:24 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:44:24 08:44:24 08:44:24 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:44:24 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:44:24 08:44:24 💖 Sponsor: https://github.com/sponsors/jeremylong 08:44:24 08:44:24 08:44:24 [INFO] Analysis Started 08:44:25 [INFO] Finished Archive Analyzer (0 seconds) 08:44:25 [INFO] Finished File Name Analyzer (0 seconds) 08:44:25 [INFO] Finished Jar Analyzer (0 seconds) 08:44:25 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:44:25 [INFO] Finished Hint Analyzer (0 seconds) 08:44:25 [INFO] Finished Version Filter Analyzer (0 seconds) 08:44:26 [INFO] Created CPE Index (1 seconds) 08:44:26 [INFO] Finished CPE Analyzer (1 seconds) 08:44:26 [INFO] Finished False Positive Analyzer (0 seconds) 08:44:26 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:44:26 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:44:26 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:44:26 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:44:26 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:44:26 08:44:26 08:44:26 ## Recommendation 08:44:26 08:44:26 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:44:26 08:44:26 The following template can be used to demonstrate the vulnerability: 08:44:26 ```{{#with "constructor"}} 08:44:26 {{#with split as |a|}} 08:44:26 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:44:26 {{#with (concat (lookup join (slice 0 1)))}} 08:44:26 {{#each (slice 2 3)}} 08:44:26 {{#with (apply 0 a)}} 08:44:26 {{.}} 08:44:26 {{/with}} 08:44:26 {{/each}} 08:44:26 {{/with}} 08:44:26 {{/with}} 08:44:26 {{/with}}``` 08:44:26 08:44:26 08:44:26 ## Recommendation 08:44:26 08:44:26 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:44:26 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:44:26 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:44:26 [INFO] Analysis Complete (1 seconds) 08:44:26 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:44:26 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:44:26 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:44:26 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:44:26 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:44:26 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:44:26 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:44:26 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:44:26 [INFO] 08:44:26 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 08:44:26 [INFO] Building dependencies.redis 1.0 [23/69] 08:44:26 [INFO] --------------------------------[ pom ]--------------------------------- 08:44:26 [INFO] 08:44:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 08:44:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 08:44:26 [INFO] 08:44:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 08:44:26 [INFO] 08:44:26 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.redis --- 08:44:26 [INFO] Executing tasks 08:44:31 [INFO] Executed tasks 08:44:31 [INFO] 08:44:31 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.redis --- 08:44:31 [INFO] Checking for updates 08:44:31 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:44:31 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:44:31 [INFO] Check for updates complete (73 ms) 08:44:32 [INFO] 08:44:32 08:44:32 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:44:32 08:44:32 08:44:32 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:44:32 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:44:32 08:44:32 💖 Sponsor: https://github.com/sponsors/jeremylong 08:44:32 08:44:32 08:44:32 [INFO] Analysis Started 08:44:32 [INFO] Finished Archive Analyzer (0 seconds) 08:44:32 [INFO] Finished File Name Analyzer (0 seconds) 08:44:32 [INFO] Finished Jar Analyzer (0 seconds) 08:44:32 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:44:32 [INFO] Finished Hint Analyzer (0 seconds) 08:44:32 [INFO] Finished Version Filter Analyzer (0 seconds) 08:44:33 [INFO] Created CPE Index (1 seconds) 08:44:34 [INFO] Finished CPE Analyzer (1 seconds) 08:44:34 [INFO] Finished False Positive Analyzer (0 seconds) 08:44:34 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:44:34 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:44:34 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:44:34 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:44:34 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:44:34 08:44:34 08:44:34 ## Recommendation 08:44:34 08:44:34 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:44:34 08:44:34 The following template can be used to demonstrate the vulnerability: 08:44:34 ```{{#with "constructor"}} 08:44:34 {{#with split as |a|}} 08:44:34 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:44:34 {{#with (concat (lookup join (slice 0 1)))}} 08:44:34 {{#each (slice 2 3)}} 08:44:34 {{#with (apply 0 a)}} 08:44:34 {{.}} 08:44:34 {{/with}} 08:44:34 {{/each}} 08:44:34 {{/with}} 08:44:34 {{/with}} 08:44:34 {{/with}}``` 08:44:34 08:44:34 08:44:34 ## Recommendation 08:44:34 08:44:34 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:44:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:44:34 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:44:34 [INFO] Analysis Complete (2 seconds) 08:44:34 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:44:34 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:44:34 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:44:34 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:44:34 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:44:34 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:44:34 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:44:34 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:44:34 [INFO] 08:44:34 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 08:44:34 [INFO] Building dependencies.reports 1.0 [24/69] 08:44:34 [INFO] --------------------------------[ pom ]--------------------------------- 08:44:34 [INFO] 08:44:34 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 08:44:34 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 08:44:34 [INFO] 08:44:34 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 08:44:34 [INFO] 08:44:34 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.reports --- 08:44:34 [INFO] Executing tasks 08:44:39 [INFO] Executed tasks 08:44:39 [INFO] 08:44:39 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.reports --- 08:44:39 [INFO] Checking for updates 08:44:39 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:44:39 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:44:39 [INFO] Check for updates complete (70 ms) 08:44:39 [INFO] 08:44:39 08:44:39 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:44:39 08:44:39 08:44:39 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:44:39 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:44:39 08:44:39 💖 Sponsor: https://github.com/sponsors/jeremylong 08:44:39 08:44:39 08:44:39 [INFO] Analysis Started 08:44:40 [INFO] Finished Archive Analyzer (0 seconds) 08:44:40 [INFO] Finished File Name Analyzer (0 seconds) 08:44:40 [INFO] Finished Jar Analyzer (0 seconds) 08:44:40 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:44:40 [INFO] Finished Hint Analyzer (0 seconds) 08:44:40 [INFO] Finished Version Filter Analyzer (0 seconds) 08:44:41 [INFO] Created CPE Index (1 seconds) 08:44:41 [INFO] Finished CPE Analyzer (1 seconds) 08:44:41 [INFO] Finished False Positive Analyzer (0 seconds) 08:44:41 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:44:41 [INFO] Finished RetireJS Analyzer (0 seconds) 08:44:41 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:44:41 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:44:41 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:44:41 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:44:41 08:44:41 08:44:41 ## Recommendation 08:44:41 08:44:41 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:44:41 08:44:41 The following template can be used to demonstrate the vulnerability: 08:44:41 ```{{#with "constructor"}} 08:44:41 {{#with split as |a|}} 08:44:41 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:44:41 {{#with (concat (lookup join (slice 0 1)))}} 08:44:41 {{#each (slice 2 3)}} 08:44:41 {{#with (apply 0 a)}} 08:44:41 {{.}} 08:44:41 {{/with}} 08:44:41 {{/each}} 08:44:41 {{/with}} 08:44:41 {{/with}} 08:44:41 {{/with}}``` 08:44:41 08:44:41 08:44:41 ## Recommendation 08:44:41 08:44:41 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:44:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:44:41 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:44:41 [INFO] Analysis Complete (1 seconds) 08:44:41 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:44:41 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:44:41 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:44:41 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:44:41 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:44:41 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:44:41 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:44:41 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:44:41 [INFO] 08:44:41 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 08:44:41 [INFO] Building dependencies.saaj 1.0 [25/69] 08:44:41 [INFO] --------------------------------[ pom ]--------------------------------- 08:44:41 [INFO] 08:44:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 08:44:41 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 08:44:41 [INFO] 08:44:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 08:44:41 [INFO] 08:44:41 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 08:44:41 [INFO] Executing tasks 08:44:41 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 08:44:41 [INFO] Executed tasks 08:44:41 [INFO] 08:44:41 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.saaj --- 08:44:41 [INFO] Executing tasks 08:44:46 [INFO] Executed tasks 08:44:46 [INFO] 08:44:46 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.saaj --- 08:44:47 [INFO] Checking for updates 08:44:47 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:44:47 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:44:47 [INFO] Check for updates complete (73 ms) 08:44:47 [INFO] 08:44:47 08:44:47 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:44:47 08:44:47 08:44:47 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:44:47 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:44:47 08:44:47 💖 Sponsor: https://github.com/sponsors/jeremylong 08:44:47 08:44:47 08:44:47 [INFO] Analysis Started 08:44:47 [INFO] Finished Archive Analyzer (0 seconds) 08:44:47 [INFO] Finished File Name Analyzer (0 seconds) 08:44:47 [INFO] Finished Jar Analyzer (0 seconds) 08:44:47 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:44:47 [INFO] Finished Hint Analyzer (0 seconds) 08:44:47 [INFO] Finished Version Filter Analyzer (0 seconds) 08:44:48 [INFO] Created CPE Index (1 seconds) 08:44:48 [INFO] Finished CPE Analyzer (1 seconds) 08:44:48 [INFO] Finished False Positive Analyzer (0 seconds) 08:44:48 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:44:48 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:44:48 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:44:48 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:44:48 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:44:48 08:44:48 08:44:48 ## Recommendation 08:44:48 08:44:48 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:44:48 08:44:48 The following template can be used to demonstrate the vulnerability: 08:44:48 ```{{#with "constructor"}} 08:44:48 {{#with split as |a|}} 08:44:48 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:44:48 {{#with (concat (lookup join (slice 0 1)))}} 08:44:48 {{#each (slice 2 3)}} 08:44:48 {{#with (apply 0 a)}} 08:44:48 {{.}} 08:44:48 {{/with}} 08:44:48 {{/each}} 08:44:48 {{/with}} 08:44:48 {{/with}} 08:44:48 {{/with}}``` 08:44:48 08:44:48 08:44:48 ## Recommendation 08:44:48 08:44:48 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:44:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:44:48 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:44:48 [INFO] Analysis Complete (1 seconds) 08:44:48 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:44:48 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:44:49 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:44:49 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:44:49 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:44:49 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:44:49 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:44:49 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:44:49 [INFO] 08:44:49 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 08:44:49 [INFO] Building dependencies.security 1.0 [26/69] 08:44:49 [INFO] --------------------------------[ pom ]--------------------------------- 08:44:49 [INFO] 08:44:49 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 08:44:49 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 08:44:49 [INFO] 08:44:49 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 08:44:49 [INFO] 08:44:49 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 08:44:49 [INFO] Executing tasks 08:44:49 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 08:44:49 [INFO] Executed tasks 08:44:49 [INFO] 08:44:49 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.security --- 08:44:49 [INFO] Executing tasks 08:44:54 [INFO] Executed tasks 08:44:54 [INFO] 08:44:54 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.security --- 08:44:54 [INFO] Checking for updates 08:44:54 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:44:54 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:44:54 [INFO] Check for updates complete (67 ms) 08:44:54 [INFO] 08:44:54 08:44:54 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:44:54 08:44:54 08:44:54 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:44:54 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:44:54 08:44:54 💖 Sponsor: https://github.com/sponsors/jeremylong 08:44:54 08:44:54 08:44:54 [INFO] Analysis Started 08:44:54 [INFO] Finished Archive Analyzer (0 seconds) 08:44:54 [INFO] Finished File Name Analyzer (0 seconds) 08:44:55 [INFO] Finished Jar Analyzer (0 seconds) 08:44:55 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:44:55 [INFO] Finished Hint Analyzer (0 seconds) 08:44:55 [INFO] Finished Version Filter Analyzer (0 seconds) 08:44:56 [INFO] Created CPE Index (1 seconds) 08:44:56 [INFO] Finished CPE Analyzer (1 seconds) 08:44:56 [INFO] Finished False Positive Analyzer (0 seconds) 08:44:56 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:44:56 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:44:56 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:44:56 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:44:56 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:44:56 08:44:56 08:44:56 ## Recommendation 08:44:56 08:44:56 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:44:56 08:44:56 The following template can be used to demonstrate the vulnerability: 08:44:56 ```{{#with "constructor"}} 08:44:56 {{#with split as |a|}} 08:44:56 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:44:56 {{#with (concat (lookup join (slice 0 1)))}} 08:44:56 {{#each (slice 2 3)}} 08:44:56 {{#with (apply 0 a)}} 08:44:56 {{.}} 08:44:56 {{/with}} 08:44:56 {{/each}} 08:44:56 {{/with}} 08:44:56 {{/with}} 08:44:56 {{/with}}``` 08:44:56 08:44:56 08:44:56 ## Recommendation 08:44:56 08:44:56 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:44:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:44:56 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:44:56 [INFO] Analysis Complete (2 seconds) 08:44:56 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:44:56 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:44:56 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:44:56 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:44:56 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:44:56 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:44:56 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:44:56 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:44:56 [INFO] 08:44:56 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 08:44:56 [INFO] Building dependencies.shared 1.0 [27/69] 08:44:56 [INFO] --------------------------------[ pom ]--------------------------------- 08:44:56 [INFO] 08:44:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 08:44:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 08:44:56 [INFO] 08:44:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 08:44:56 [INFO] 08:44:56 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 08:44:56 [INFO] Executing tasks 08:44:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 08:44:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 08:44:56 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 08:44:56 [INFO] Executed tasks 08:44:56 [INFO] 08:44:56 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.shared --- 08:44:56 [INFO] Executing tasks 08:45:01 [INFO] Executed tasks 08:45:01 [INFO] 08:45:01 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.shared --- 08:45:01 [INFO] Checking for updates 08:45:01 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:45:02 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:45:02 [INFO] Check for updates complete (73 ms) 08:45:02 [INFO] 08:45:02 08:45:02 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:45:02 08:45:02 08:45:02 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:45:02 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:45:02 08:45:02 💖 Sponsor: https://github.com/sponsors/jeremylong 08:45:02 08:45:02 08:45:02 [INFO] Analysis Started 08:45:03 [INFO] Finished Archive Analyzer (1 seconds) 08:45:03 [INFO] Finished File Name Analyzer (0 seconds) 08:45:03 [INFO] Finished Jar Analyzer (0 seconds) 08:45:03 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:45:03 [INFO] Finished Hint Analyzer (0 seconds) 08:45:03 [INFO] Finished Version Filter Analyzer (0 seconds) 08:45:05 [INFO] Created CPE Index (1 seconds) 08:45:05 [INFO] Finished CPE Analyzer (2 seconds) 08:45:05 [INFO] Finished False Positive Analyzer (0 seconds) 08:45:06 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:45:06 [INFO] Finished RetireJS Analyzer (0 seconds) 08:45:06 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:45:06 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:45:06 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:45:06 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:45:06 08:45:06 08:45:06 ## Recommendation 08:45:06 08:45:06 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:45:06 08:45:06 The following template can be used to demonstrate the vulnerability: 08:45:06 ```{{#with "constructor"}} 08:45:06 {{#with split as |a|}} 08:45:06 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:45:06 {{#with (concat (lookup join (slice 0 1)))}} 08:45:06 {{#each (slice 2 3)}} 08:45:06 {{#with (apply 0 a)}} 08:45:06 {{.}} 08:45:06 {{/with}} 08:45:06 {{/each}} 08:45:06 {{/with}} 08:45:06 {{/with}} 08:45:06 {{/with}}``` 08:45:06 08:45:06 08:45:06 ## Recommendation 08:45:06 08:45:06 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:45:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:45:06 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:45:06 [INFO] Analysis Complete (3 seconds) 08:45:06 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:45:06 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:45:06 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:45:06 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:45:06 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:45:06 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:45:06 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:45:06 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:45:06 [WARNING] 08:45:06 08:45:06 One or more dependencies were identified with known vulnerabilities in dependencies.shared: 08:45:06 08:45:06 rhino-1.7.14.jar (pkg:maven/org.mozilla/rhino@1.7.14) : CVE-2025-66453 08:45:06 08:45:06 08:45:06 See the dependency-check report for more details. 08:45:06 08:45:06 08:45:06 [INFO] 08:45:06 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 08:45:06 [INFO] Building dependencies.spring 1.0 [28/69] 08:45:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:45:06 [INFO] 08:45:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 08:45:06 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 08:45:06 [INFO] 08:45:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 08:45:06 [INFO] 08:45:06 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 08:45:06 [INFO] Executing tasks 08:45:06 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 08:45:06 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 08:45:06 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 08:45:06 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 08:45:06 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 08:45:06 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 08:45:06 [INFO] Executed tasks 08:45:06 [INFO] 08:45:06 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring --- 08:45:06 [INFO] Executing tasks 08:45:11 [INFO] Executed tasks 08:45:11 [INFO] 08:45:11 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.spring --- 08:45:11 [INFO] Checking for updates 08:45:11 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:45:11 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:45:11 [INFO] Check for updates complete (69 ms) 08:45:12 [INFO] 08:45:12 08:45:12 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:45:12 08:45:12 08:45:12 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:45:12 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:45:12 08:45:12 💖 Sponsor: https://github.com/sponsors/jeremylong 08:45:12 08:45:12 08:45:12 [INFO] Analysis Started 08:45:12 [INFO] Finished Archive Analyzer (0 seconds) 08:45:12 [INFO] Finished File Name Analyzer (0 seconds) 08:45:12 [INFO] Finished Jar Analyzer (0 seconds) 08:45:12 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:45:12 [INFO] Finished Hint Analyzer (0 seconds) 08:45:12 [INFO] Finished Version Filter Analyzer (0 seconds) 08:45:13 [INFO] Created CPE Index (1 seconds) 08:45:13 [INFO] Finished CPE Analyzer (1 seconds) 08:45:13 [INFO] Finished False Positive Analyzer (0 seconds) 08:45:13 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:45:13 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:45:13 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:45:13 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:45:13 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:45:13 08:45:13 08:45:13 ## Recommendation 08:45:13 08:45:13 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:45:13 08:45:13 The following template can be used to demonstrate the vulnerability: 08:45:13 ```{{#with "constructor"}} 08:45:13 {{#with split as |a|}} 08:45:13 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:45:13 {{#with (concat (lookup join (slice 0 1)))}} 08:45:13 {{#each (slice 2 3)}} 08:45:13 {{#with (apply 0 a)}} 08:45:13 {{.}} 08:45:13 {{/with}} 08:45:13 {{/each}} 08:45:13 {{/with}} 08:45:13 {{/with}} 08:45:13 {{/with}}``` 08:45:13 08:45:13 08:45:13 ## Recommendation 08:45:13 08:45:13 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:45:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:45:13 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:45:13 [INFO] Analysis Complete (1 seconds) 08:45:13 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:45:14 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:45:14 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:45:14 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:45:14 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:45:14 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:45:14 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:45:14 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:45:14 [WARNING] 08:45:14 08:45:14 One or more dependencies were identified with known vulnerabilities in dependencies.spring: 08:45:14 08:45:14 spring-core-5.3.39.jar (pkg:maven/org.springframework/spring-core@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249, CVE-2025-41242 08:45:14 spring-web-5.3.39.jar (pkg:maven/org.springframework/spring-web@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:web_project:web:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249 08:45:14 08:45:14 08:45:14 See the dependency-check report for more details. 08:45:14 08:45:14 08:45:14 [INFO] 08:45:14 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 08:45:14 [INFO] Building dependencies.spring-ldap 1.0 [29/69] 08:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 08:45:14 [INFO] 08:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 08:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 08:45:14 [INFO] 08:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 08:45:14 [INFO] 08:45:14 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring-ldap --- 08:45:14 [INFO] Executing tasks 08:45:19 [INFO] Executed tasks 08:45:19 [INFO] 08:45:19 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.spring-ldap --- 08:45:19 [INFO] Checking for updates 08:45:19 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:45:19 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:45:19 [INFO] Check for updates complete (67 ms) 08:45:19 [INFO] 08:45:19 08:45:19 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:45:19 08:45:19 08:45:19 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:45:19 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:45:19 08:45:19 💖 Sponsor: https://github.com/sponsors/jeremylong 08:45:19 08:45:19 08:45:19 [INFO] Analysis Started 08:45:19 [INFO] Finished Archive Analyzer (0 seconds) 08:45:19 [INFO] Finished File Name Analyzer (0 seconds) 08:45:19 [INFO] Finished Jar Analyzer (0 seconds) 08:45:19 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:45:19 [INFO] Finished Hint Analyzer (0 seconds) 08:45:19 [INFO] Finished Version Filter Analyzer (0 seconds) 08:45:20 [INFO] Created CPE Index (1 seconds) 08:45:20 [INFO] Finished CPE Analyzer (1 seconds) 08:45:20 [INFO] Finished False Positive Analyzer (0 seconds) 08:45:20 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:45:20 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:45:20 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:45:20 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:45:20 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:45:20 08:45:20 08:45:20 ## Recommendation 08:45:20 08:45:20 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:45:20 08:45:20 The following template can be used to demonstrate the vulnerability: 08:45:20 ```{{#with "constructor"}} 08:45:20 {{#with split as |a|}} 08:45:20 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:45:20 {{#with (concat (lookup join (slice 0 1)))}} 08:45:20 {{#each (slice 2 3)}} 08:45:20 {{#with (apply 0 a)}} 08:45:20 {{.}} 08:45:20 {{/with}} 08:45:20 {{/each}} 08:45:20 {{/with}} 08:45:20 {{/with}} 08:45:20 {{/with}}``` 08:45:20 08:45:20 08:45:20 ## Recommendation 08:45:20 08:45:20 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:45:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:45:20 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:45:20 [INFO] Analysis Complete (1 seconds) 08:45:20 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:45:20 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:45:21 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:45:21 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:45:21 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:45:21 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:45:21 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:45:21 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:45:21 [INFO] 08:45:21 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 08:45:21 [INFO] Building dependencies.spring-security 1.0 [30/69] 08:45:21 [INFO] --------------------------------[ pom ]--------------------------------- 08:45:21 [INFO] 08:45:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 08:45:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 08:45:21 [INFO] 08:45:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 08:45:21 [INFO] 08:45:21 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 08:45:21 [INFO] Executing tasks 08:45:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 08:45:21 [INFO] Executed tasks 08:45:21 [INFO] 08:45:21 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring-security --- 08:45:21 [INFO] Executing tasks 08:45:26 [INFO] Executed tasks 08:45:26 [INFO] 08:45:26 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.spring-security --- 08:45:26 [INFO] Checking for updates 08:45:26 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:45:26 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:45:26 [INFO] Check for updates complete (66 ms) 08:45:26 [INFO] 08:45:26 08:45:26 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:45:26 08:45:26 08:45:26 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:45:26 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:45:26 08:45:26 💖 Sponsor: https://github.com/sponsors/jeremylong 08:45:26 08:45:26 08:45:26 [INFO] Analysis Started 08:45:26 [INFO] Finished Archive Analyzer (0 seconds) 08:45:26 [INFO] Finished File Name Analyzer (0 seconds) 08:45:26 [INFO] Finished Jar Analyzer (0 seconds) 08:45:26 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:45:26 [INFO] Finished Hint Analyzer (0 seconds) 08:45:26 [INFO] Finished Version Filter Analyzer (0 seconds) 08:45:27 [INFO] Created CPE Index (1 seconds) 08:45:28 [INFO] Finished CPE Analyzer (1 seconds) 08:45:28 [INFO] Finished False Positive Analyzer (0 seconds) 08:45:28 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:45:28 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:45:28 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:45:28 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:45:28 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:45:28 08:45:28 08:45:28 ## Recommendation 08:45:28 08:45:28 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:45:28 08:45:28 The following template can be used to demonstrate the vulnerability: 08:45:28 ```{{#with "constructor"}} 08:45:28 {{#with split as |a|}} 08:45:28 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:45:28 {{#with (concat (lookup join (slice 0 1)))}} 08:45:28 {{#each (slice 2 3)}} 08:45:28 {{#with (apply 0 a)}} 08:45:28 {{.}} 08:45:28 {{/with}} 08:45:28 {{/each}} 08:45:28 {{/with}} 08:45:28 {{/with}} 08:45:28 {{/with}}``` 08:45:28 08:45:28 08:45:28 ## Recommendation 08:45:28 08:45:28 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:45:28 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:45:28 [INFO] Analysis Complete (1 seconds) 08:45:28 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:45:28 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:45:28 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:45:28 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:45:28 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:45:28 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:45:28 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:45:28 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:45:28 [INFO] 08:45:28 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 08:45:28 [INFO] Building dependencies.swagger 1.0 [31/69] 08:45:28 [INFO] --------------------------------[ pom ]--------------------------------- 08:45:28 [INFO] 08:45:28 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 08:45:28 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 08:45:28 [INFO] 08:45:28 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 08:45:28 [INFO] 08:45:28 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 08:45:28 [INFO] Executing tasks 08:45:28 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 08:45:28 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 08:45:28 [INFO] Executed tasks 08:45:28 [INFO] 08:45:28 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.swagger --- 08:45:28 [INFO] Executing tasks 08:45:33 [INFO] Executed tasks 08:45:33 [INFO] 08:45:33 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.swagger --- 08:45:33 [INFO] Checking for updates 08:45:33 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:45:33 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:45:33 [INFO] Check for updates complete (71 ms) 08:45:33 [INFO] 08:45:33 08:45:33 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:45:33 08:45:33 08:45:33 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:45:33 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:45:33 08:45:33 💖 Sponsor: https://github.com/sponsors/jeremylong 08:45:33 08:45:33 08:45:33 [INFO] Analysis Started 08:45:34 [INFO] Finished Archive Analyzer (0 seconds) 08:45:34 [INFO] Finished File Name Analyzer (0 seconds) 08:45:34 [INFO] Finished Jar Analyzer (0 seconds) 08:45:34 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:45:34 [INFO] Finished Hint Analyzer (0 seconds) 08:45:34 [INFO] Finished Version Filter Analyzer (0 seconds) 08:45:35 [INFO] Created CPE Index (1 seconds) 08:45:35 [INFO] Finished CPE Analyzer (1 seconds) 08:45:35 [INFO] Finished False Positive Analyzer (0 seconds) 08:45:35 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:45:44 [INFO] Finished RetireJS Analyzer (8 seconds) 08:45:44 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:45:44 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:45:44 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:45:44 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:45:44 08:45:44 08:45:44 ## Recommendation 08:45:44 08:45:44 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:45:44 08:45:44 The following template can be used to demonstrate the vulnerability: 08:45:44 ```{{#with "constructor"}} 08:45:44 {{#with split as |a|}} 08:45:44 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:45:44 {{#with (concat (lookup join (slice 0 1)))}} 08:45:44 {{#each (slice 2 3)}} 08:45:44 {{#with (apply 0 a)}} 08:45:44 {{.}} 08:45:44 {{/with}} 08:45:44 {{/each}} 08:45:44 {{/with}} 08:45:44 {{/with}} 08:45:44 {{/with}}``` 08:45:44 08:45:44 08:45:44 ## Recommendation 08:45:44 08:45:44 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:45:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:45:44 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:45:44 [INFO] Analysis Complete (10 seconds) 08:45:44 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:45:44 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:45:44 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:45:44 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:45:44 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:45:44 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:45:44 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:45:44 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:45:44 [INFO] 08:45:44 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 08:45:44 [INFO] Building dependencies.wadl 1.0 [32/69] 08:45:44 [INFO] --------------------------------[ pom ]--------------------------------- 08:45:44 [INFO] 08:45:44 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 08:45:44 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 08:45:44 [INFO] 08:45:44 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 08:45:44 [INFO] 08:45:44 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.wadl --- 08:45:44 [INFO] Executing tasks 08:45:49 [INFO] Executed tasks 08:45:49 [INFO] 08:45:49 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.wadl --- 08:45:49 [INFO] Checking for updates 08:45:49 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:45:49 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:45:49 [INFO] Check for updates complete (145 ms) 08:45:49 [INFO] 08:45:49 08:45:49 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:45:49 08:45:49 08:45:49 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:45:49 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:45:49 08:45:49 💖 Sponsor: https://github.com/sponsors/jeremylong 08:45:49 08:45:49 08:45:49 [INFO] Analysis Started 08:45:49 [INFO] Finished Archive Analyzer (0 seconds) 08:45:49 [INFO] Finished File Name Analyzer (0 seconds) 08:45:49 [INFO] Finished Jar Analyzer (0 seconds) 08:45:49 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:45:49 [INFO] Finished Hint Analyzer (0 seconds) 08:45:49 [INFO] Finished Version Filter Analyzer (0 seconds) 08:45:51 [INFO] Created CPE Index (1 seconds) 08:45:51 [INFO] Finished CPE Analyzer (1 seconds) 08:45:51 [INFO] Finished False Positive Analyzer (0 seconds) 08:45:51 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:45:51 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:45:51 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:45:51 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:45:51 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:45:51 08:45:51 08:45:51 ## Recommendation 08:45:51 08:45:51 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:45:51 08:45:51 The following template can be used to demonstrate the vulnerability: 08:45:51 ```{{#with "constructor"}} 08:45:51 {{#with split as |a|}} 08:45:51 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:45:51 {{#with (concat (lookup join (slice 0 1)))}} 08:45:51 {{#each (slice 2 3)}} 08:45:51 {{#with (apply 0 a)}} 08:45:51 {{.}} 08:45:51 {{/with}} 08:45:51 {{/each}} 08:45:51 {{/with}} 08:45:51 {{/with}} 08:45:51 {{/with}}``` 08:45:51 08:45:51 08:45:51 ## Recommendation 08:45:51 08:45:51 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:45:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:45:51 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:45:51 [INFO] Analysis Complete (1 seconds) 08:45:51 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:45:51 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:45:51 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:45:51 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:45:51 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:45:51 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:45:51 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:45:51 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:45:51 [INFO] 08:45:51 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 08:45:51 [INFO] Building dependencies.wss4j 1.0 [33/69] 08:45:51 [INFO] --------------------------------[ pom ]--------------------------------- 08:45:51 [INFO] 08:45:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 08:45:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 08:45:51 [INFO] 08:45:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 08:45:51 [INFO] 08:45:51 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 08:45:51 [INFO] Executing tasks 08:45:51 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 08:45:51 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 08:45:51 [INFO] Executed tasks 08:45:51 [INFO] 08:45:51 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.wss4j --- 08:45:51 [INFO] Executing tasks 08:45:56 [INFO] Executed tasks 08:45:56 [INFO] 08:45:56 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.wss4j --- 08:45:56 [INFO] Checking for updates 08:45:56 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:45:56 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:45:56 [INFO] Check for updates complete (69 ms) 08:45:56 [INFO] 08:45:56 08:45:56 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:45:56 08:45:56 08:45:56 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:45:56 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:45:56 08:45:56 💖 Sponsor: https://github.com/sponsors/jeremylong 08:45:56 08:45:56 08:45:56 [INFO] Analysis Started 08:45:56 [INFO] Finished Archive Analyzer (0 seconds) 08:45:56 [INFO] Finished File Name Analyzer (0 seconds) 08:45:56 [INFO] Finished Jar Analyzer (0 seconds) 08:45:56 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:45:56 [INFO] Finished Hint Analyzer (0 seconds) 08:45:56 [INFO] Finished Version Filter Analyzer (0 seconds) 08:45:58 [INFO] Created CPE Index (1 seconds) 08:45:58 [INFO] Finished CPE Analyzer (1 seconds) 08:45:58 [INFO] Finished False Positive Analyzer (0 seconds) 08:45:58 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:45:58 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:45:58 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:45:58 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:45:58 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 08:45:58 08:45:58 08:45:58 ## Recommendation 08:45:58 08:45:58 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 08:45:58 08:45:58 The following template can be used to demonstrate the vulnerability: 08:45:58 ```{{#with "constructor"}} 08:45:58 {{#with split as |a|}} 08:45:58 {{pop (push "alert('Vulnerable Handlebars JS');")}} 08:45:58 {{#with (concat (lookup join (slice 0 1)))}} 08:45:58 {{#each (slice 2 3)}} 08:45:58 {{#with (apply 0 a)}} 08:45:58 {{.}} 08:45:58 {{/with}} 08:45:58 {{/each}} 08:45:58 {{/with}} 08:45:58 {{/with}} 08:45:58 {{/with}}``` 08:45:58 08:45:58 08:45:58 ## Recommendation 08:45:58 08:45:58 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 08:45:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 08:45:58 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:45:58 [INFO] Analysis Complete (1 seconds) 08:45:58 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:45:58 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:45:58 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:45:58 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:45:58 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:45:58 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:45:58 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:45:58 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:45:58 [INFO] 08:45:58 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 08:45:58 [INFO] Building dependencies.testsuite 1.0 [34/69] 08:45:58 [INFO] --------------------------------[ pom ]--------------------------------- 08:45:58 [INFO] 08:45:58 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite --- 08:45:58 [INFO] Executing tasks 08:46:03 [INFO] Executed tasks 08:46:03 [INFO] 08:46:03 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite --- 08:46:03 [INFO] Checking for updates 08:46:03 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:46:03 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:46:03 [INFO] Check for updates complete (68 ms) 08:46:04 [INFO] 08:46:04 08:46:04 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:46:04 08:46:04 08:46:04 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:46:04 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:46:04 08:46:04 💖 Sponsor: https://github.com/sponsors/jeremylong 08:46:04 08:46:04 08:46:04 [INFO] Analysis Started 08:46:04 [INFO] Finished File Name Analyzer (0 seconds) 08:46:04 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:46:04 [INFO] Finished Hint Analyzer (0 seconds) 08:46:04 [INFO] Finished Version Filter Analyzer (0 seconds) 08:46:05 [INFO] Created CPE Index (1 seconds) 08:46:05 [INFO] Finished CPE Analyzer (1 seconds) 08:46:05 [INFO] Finished False Positive Analyzer (0 seconds) 08:46:05 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:46:05 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:46:05 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:46:05 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:46:05 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:46:05 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:46:05 [INFO] Analysis Complete (1 seconds) 08:46:05 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 08:46:05 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 08:46:05 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 08:46:05 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 08:46:05 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 08:46:05 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 08:46:05 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 08:46:05 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 08:46:05 [INFO] 08:46:05 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 08:46:05 [INFO] Building dependencies.testsuite.axis14 1.0 [35/69] 08:46:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:46:05 [INFO] 08:46:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 08:46:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 08:46:05 [INFO] 08:46:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 08:46:05 [INFO] 08:46:05 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 08:46:05 [INFO] Executing tasks 08:46:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 08:46:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 08:46:05 [INFO] Executed tasks 08:46:05 [INFO] 08:46:05 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.axis14 --- 08:46:05 [INFO] Executing tasks 08:46:10 [INFO] Executed tasks 08:46:10 [INFO] 08:46:10 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.axis14 --- 08:46:10 [INFO] Checking for updates 08:46:10 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:46:10 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:46:10 [INFO] Check for updates complete (72 ms) 08:46:10 [INFO] 08:46:10 08:46:10 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:46:10 08:46:10 08:46:10 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:46:10 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:46:10 08:46:10 💖 Sponsor: https://github.com/sponsors/jeremylong 08:46:10 08:46:10 08:46:10 [INFO] Analysis Started 08:46:10 [INFO] Finished File Name Analyzer (0 seconds) 08:46:10 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:46:10 [INFO] Finished Hint Analyzer (0 seconds) 08:46:10 [INFO] Finished Version Filter Analyzer (0 seconds) 08:46:12 [INFO] Created CPE Index (1 seconds) 08:46:12 [INFO] Finished CPE Analyzer (1 seconds) 08:46:12 [INFO] Finished False Positive Analyzer (0 seconds) 08:46:12 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:46:12 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:46:12 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:46:12 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:46:12 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:46:12 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:46:12 [INFO] Analysis Complete (1 seconds) 08:46:12 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 08:46:12 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 08:46:12 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 08:46:12 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 08:46:12 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 08:46:12 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 08:46:12 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 08:46:12 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 08:46:12 [INFO] 08:46:12 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 08:46:12 [INFO] Building dependencies.testsuite.as 1.0 [36/69] 08:46:12 [INFO] --------------------------------[ pom ]--------------------------------- 08:46:12 [INFO] 08:46:12 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer --- 08:46:12 [INFO] Executing tasks 08:46:17 [INFO] Executed tasks 08:46:17 [INFO] 08:46:17 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer --- 08:46:17 [INFO] Checking for updates 08:46:17 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:46:17 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:46:17 [INFO] Check for updates complete (94 ms) 08:46:17 [INFO] 08:46:17 08:46:17 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:46:17 08:46:17 08:46:17 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:46:17 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:46:17 08:46:17 💖 Sponsor: https://github.com/sponsors/jeremylong 08:46:17 08:46:17 08:46:17 [INFO] Analysis Started 08:46:17 [INFO] Finished File Name Analyzer (0 seconds) 08:46:17 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:46:17 [INFO] Finished Hint Analyzer (0 seconds) 08:46:17 [INFO] Finished Version Filter Analyzer (0 seconds) 08:46:19 [INFO] Created CPE Index (1 seconds) 08:46:19 [INFO] Finished CPE Analyzer (1 seconds) 08:46:19 [INFO] Finished False Positive Analyzer (0 seconds) 08:46:19 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:46:19 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:46:19 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:46:19 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:46:19 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:46:19 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:46:19 [INFO] Analysis Complete (1 seconds) 08:46:19 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 08:46:20 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 08:46:20 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 08:46:20 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 08:46:20 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 08:46:20 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 08:46:20 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 08:46:20 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 08:46:20 [INFO] 08:46:20 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 08:46:20 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/69] 08:46:20 [INFO] --------------------------------[ pom ]--------------------------------- 08:46:20 [INFO] 08:46:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 08:46:20 [INFO] 08:46:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 08:46:20 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 08:46:20 [INFO] 08:46:20 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 08:46:20 [INFO] Executing tasks 08:46:25 [INFO] Executed tasks 08:46:25 [INFO] 08:46:25 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 08:46:25 [INFO] Checking for updates 08:46:25 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:46:25 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:46:25 [INFO] Check for updates complete (68 ms) 08:46:25 [INFO] 08:46:25 08:46:25 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:46:25 08:46:25 08:46:25 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:46:25 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:46:25 08:46:25 💖 Sponsor: https://github.com/sponsors/jeremylong 08:46:25 08:46:25 08:46:25 [INFO] Analysis Started 08:46:25 [INFO] Finished File Name Analyzer (0 seconds) 08:46:25 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:46:25 [INFO] Finished Hint Analyzer (0 seconds) 08:46:25 [INFO] Finished Version Filter Analyzer (0 seconds) 08:46:26 [INFO] Created CPE Index (1 seconds) 08:46:26 [INFO] Finished CPE Analyzer (1 seconds) 08:46:26 [INFO] Finished False Positive Analyzer (0 seconds) 08:46:26 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:46:26 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:46:26 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:46:26 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:46:26 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:46:26 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:46:26 [INFO] Analysis Complete (1 seconds) 08:46:26 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:46:26 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:46:26 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:46:26 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:46:26 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:46:26 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:46:26 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:46:26 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:46:27 [INFO] 08:46:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 08:46:27 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/69] 08:46:27 [INFO] --------------------------------[ pom ]--------------------------------- 08:46:27 [INFO] 08:46:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 08:46:27 [INFO] 08:46:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 08:46:27 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 08:46:27 [INFO] 08:46:27 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 08:46:27 [INFO] Executing tasks 08:46:32 [INFO] Executed tasks 08:46:32 [INFO] 08:46:32 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 08:46:32 [INFO] Checking for updates 08:46:32 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:46:32 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:46:32 [INFO] Check for updates complete (67 ms) 08:46:32 [INFO] 08:46:32 08:46:32 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:46:32 08:46:32 08:46:32 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:46:32 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:46:32 08:46:32 💖 Sponsor: https://github.com/sponsors/jeremylong 08:46:32 08:46:32 08:46:32 [INFO] Analysis Started 08:46:32 [INFO] Finished File Name Analyzer (0 seconds) 08:46:32 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:46:32 [INFO] Finished Hint Analyzer (0 seconds) 08:46:32 [INFO] Finished Version Filter Analyzer (0 seconds) 08:46:33 [INFO] Created CPE Index (1 seconds) 08:46:33 [INFO] Finished CPE Analyzer (1 seconds) 08:46:33 [INFO] Finished False Positive Analyzer (0 seconds) 08:46:33 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:46:33 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:46:33 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:46:33 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:46:33 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:46:33 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:46:33 [INFO] Analysis Complete (1 seconds) 08:46:33 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:46:33 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:46:34 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:46:34 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:46:34 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:46:34 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:46:34 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:46:34 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:46:34 [INFO] 08:46:34 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 08:46:34 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/69] 08:46:34 [INFO] --------------------------------[ pom ]--------------------------------- 08:46:34 [INFO] 08:46:34 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 08:46:34 [INFO] 08:46:34 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 08:46:34 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 08:46:34 [INFO] 08:46:34 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 08:46:34 [INFO] Executing tasks 08:46:39 [INFO] Executed tasks 08:46:39 [INFO] 08:46:39 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 08:46:39 [INFO] Checking for updates 08:46:39 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:46:39 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:46:39 [INFO] Check for updates complete (69 ms) 08:46:39 [INFO] 08:46:39 08:46:39 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:46:39 08:46:39 08:46:39 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:46:39 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:46:39 08:46:39 💖 Sponsor: https://github.com/sponsors/jeremylong 08:46:39 08:46:39 08:46:39 [INFO] Analysis Started 08:46:39 [INFO] Finished File Name Analyzer (0 seconds) 08:46:39 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:46:39 [INFO] Finished Hint Analyzer (0 seconds) 08:46:39 [INFO] Finished Version Filter Analyzer (0 seconds) 08:46:40 [INFO] Created CPE Index (1 seconds) 08:46:40 [INFO] Finished CPE Analyzer (1 seconds) 08:46:40 [INFO] Finished False Positive Analyzer (0 seconds) 08:46:40 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:46:40 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:46:40 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:46:40 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:46:40 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:46:40 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:46:40 [INFO] Analysis Complete (1 seconds) 08:46:40 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:46:40 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:46:41 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:46:41 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:46:41 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:46:41 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:46:41 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:46:41 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:46:41 [INFO] 08:46:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 08:46:41 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/69] 08:46:41 [INFO] --------------------------------[ pom ]--------------------------------- 08:46:41 [INFO] 08:46:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 08:46:41 [INFO] 08:46:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 08:46:41 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 08:46:41 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 08:46:41 [INFO] 08:46:41 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 08:46:41 [INFO] Executing tasks 08:46:46 [INFO] Executed tasks 08:46:46 [INFO] 08:46:46 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 08:46:46 [INFO] Checking for updates 08:46:46 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:46:46 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:46:46 [INFO] Check for updates complete (65 ms) 08:46:46 [INFO] 08:46:46 08:46:46 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:46:46 08:46:46 08:46:46 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:46:46 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:46:46 08:46:46 💖 Sponsor: https://github.com/sponsors/jeremylong 08:46:46 08:46:46 08:46:46 [INFO] Analysis Started 08:46:46 [INFO] Finished File Name Analyzer (0 seconds) 08:46:46 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:46:46 [INFO] Finished Hint Analyzer (0 seconds) 08:46:46 [INFO] Finished Version Filter Analyzer (0 seconds) 08:46:47 [INFO] Created CPE Index (1 seconds) 08:46:47 [INFO] Finished CPE Analyzer (1 seconds) 08:46:47 [INFO] Finished False Positive Analyzer (0 seconds) 08:46:47 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:46:47 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:46:47 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:46:47 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:46:47 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:46:47 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:46:47 [INFO] Analysis Complete (1 seconds) 08:46:47 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:46:47 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:46:47 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:46:47 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:46:47 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:46:47 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:46:47 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:46:47 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:46:47 [INFO] 08:46:47 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 08:46:47 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/69] 08:46:47 [INFO] --------------------------------[ pom ]--------------------------------- 08:46:47 [INFO] 08:46:47 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 08:46:47 [INFO] 08:46:47 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 08:46:47 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 08:46:47 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 08:46:47 [INFO] 08:46:47 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 08:46:48 [INFO] Executing tasks 08:46:53 [INFO] Executed tasks 08:46:53 [INFO] 08:46:53 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 08:46:53 [INFO] Checking for updates 08:46:53 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:46:53 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:46:53 [INFO] Check for updates complete (66 ms) 08:46:53 [INFO] 08:46:53 08:46:53 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:46:53 08:46:53 08:46:53 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:46:53 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:46:53 08:46:53 💖 Sponsor: https://github.com/sponsors/jeremylong 08:46:53 08:46:53 08:46:53 [INFO] Analysis Started 08:46:53 [INFO] Finished File Name Analyzer (0 seconds) 08:46:53 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:46:53 [INFO] Finished Hint Analyzer (0 seconds) 08:46:53 [INFO] Finished Version Filter Analyzer (0 seconds) 08:46:54 [INFO] Created CPE Index (1 seconds) 08:46:54 [INFO] Finished CPE Analyzer (1 seconds) 08:46:54 [INFO] Finished False Positive Analyzer (0 seconds) 08:46:54 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:46:54 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:46:54 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:46:54 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:46:54 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:46:54 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:46:54 [INFO] Analysis Complete (1 seconds) 08:46:54 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:46:54 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:46:54 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:46:54 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:46:54 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:46:54 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:46:54 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:46:54 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:46:54 [INFO] 08:46:54 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 08:46:54 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/69] 08:46:54 [INFO] --------------------------------[ pom ]--------------------------------- 08:46:54 [INFO] 08:46:54 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 08:46:54 [INFO] 08:46:54 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 08:46:54 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 08:46:54 [INFO] 08:46:54 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 08:46:54 [INFO] Executing tasks 08:46:59 [INFO] Executed tasks 08:46:59 [INFO] 08:46:59 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 08:46:59 [INFO] Checking for updates 08:46:59 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:46:59 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:46:59 [INFO] Check for updates complete (70 ms) 08:47:00 [INFO] 08:47:00 08:47:00 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:47:00 08:47:00 08:47:00 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:47:00 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:47:00 08:47:00 💖 Sponsor: https://github.com/sponsors/jeremylong 08:47:00 08:47:00 08:47:00 [INFO] Analysis Started 08:47:00 [INFO] Finished File Name Analyzer (0 seconds) 08:47:00 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:47:00 [INFO] Finished Hint Analyzer (0 seconds) 08:47:00 [INFO] Finished Version Filter Analyzer (0 seconds) 08:47:01 [INFO] Created CPE Index (1 seconds) 08:47:01 [INFO] Finished CPE Analyzer (1 seconds) 08:47:01 [INFO] Finished False Positive Analyzer (0 seconds) 08:47:01 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:47:01 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:47:01 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:47:01 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:47:01 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:47:01 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:47:01 [INFO] Analysis Complete (1 seconds) 08:47:01 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:47:01 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:47:01 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:47:01 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:47:01 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:47:01 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:47:01 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:47:01 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:47:01 [INFO] 08:47:01 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 08:47:01 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/69] 08:47:01 [INFO] --------------------------------[ pom ]--------------------------------- 08:47:01 [INFO] 08:47:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 08:47:01 [INFO] 08:47:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 08:47:01 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 08:47:01 [INFO] 08:47:01 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 08:47:01 [INFO] Executing tasks 08:47:06 [INFO] Executed tasks 08:47:06 [INFO] 08:47:06 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 08:47:06 [INFO] Checking for updates 08:47:06 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:47:06 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:47:06 [INFO] Check for updates complete (65 ms) 08:47:07 [INFO] 08:47:07 08:47:07 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:47:07 08:47:07 08:47:07 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:47:07 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:47:07 08:47:07 💖 Sponsor: https://github.com/sponsors/jeremylong 08:47:07 08:47:07 08:47:07 [INFO] Analysis Started 08:47:07 [INFO] Finished File Name Analyzer (0 seconds) 08:47:07 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:47:07 [INFO] Finished Hint Analyzer (0 seconds) 08:47:07 [INFO] Finished Version Filter Analyzer (0 seconds) 08:47:08 [INFO] Created CPE Index (1 seconds) 08:47:08 [INFO] Finished CPE Analyzer (1 seconds) 08:47:08 [INFO] Finished False Positive Analyzer (0 seconds) 08:47:08 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:47:08 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:47:08 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:47:08 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:47:08 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:47:08 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:47:08 [INFO] Analysis Complete (1 seconds) 08:47:08 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:47:08 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:47:08 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:47:08 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:47:08 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:47:08 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:47:08 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:47:08 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:47:08 [INFO] 08:47:08 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 08:47:08 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/69] 08:47:08 [INFO] --------------------------------[ pom ]--------------------------------- 08:47:08 [INFO] 08:47:08 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 08:47:08 [INFO] 08:47:08 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 08:47:08 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 08:47:08 [INFO] 08:47:08 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 08:47:08 [INFO] Executing tasks 08:47:13 [INFO] Executed tasks 08:47:13 [INFO] 08:47:13 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 08:47:13 [INFO] Checking for updates 08:47:13 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:47:13 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:47:13 [INFO] Check for updates complete (66 ms) 08:47:13 [INFO] 08:47:13 08:47:13 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:47:13 08:47:13 08:47:13 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:47:13 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:47:13 08:47:13 💖 Sponsor: https://github.com/sponsors/jeremylong 08:47:13 08:47:13 08:47:13 [INFO] Analysis Started 08:47:13 [INFO] Finished File Name Analyzer (0 seconds) 08:47:13 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:47:13 [INFO] Finished Hint Analyzer (0 seconds) 08:47:13 [INFO] Finished Version Filter Analyzer (0 seconds) 08:47:15 [INFO] Created CPE Index (1 seconds) 08:47:15 [INFO] Finished CPE Analyzer (1 seconds) 08:47:15 [INFO] Finished False Positive Analyzer (0 seconds) 08:47:15 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:47:15 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:47:15 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:47:15 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:47:15 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:47:15 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:47:15 [INFO] Analysis Complete (1 seconds) 08:47:15 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:47:15 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:47:15 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:47:15 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:47:15 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:47:15 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:47:15 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:47:15 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:47:15 [INFO] 08:47:15 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 08:47:15 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/69] 08:47:15 [INFO] --------------------------------[ pom ]--------------------------------- 08:47:15 [INFO] 08:47:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 08:47:15 [INFO] 08:47:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 08:47:15 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 08:47:15 [INFO] 08:47:15 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 08:47:15 [INFO] Executing tasks 08:47:20 [INFO] Executed tasks 08:47:20 [INFO] 08:47:20 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 08:47:20 [INFO] Checking for updates 08:47:20 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:47:20 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:47:20 [INFO] Check for updates complete (68 ms) 08:47:20 [INFO] 08:47:20 08:47:20 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:47:20 08:47:20 08:47:20 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:47:20 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:47:20 08:47:20 💖 Sponsor: https://github.com/sponsors/jeremylong 08:47:20 08:47:20 08:47:20 [INFO] Analysis Started 08:47:20 [INFO] Finished File Name Analyzer (0 seconds) 08:47:20 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:47:20 [INFO] Finished Hint Analyzer (0 seconds) 08:47:20 [INFO] Finished Version Filter Analyzer (0 seconds) 08:47:22 [INFO] Created CPE Index (1 seconds) 08:47:22 [INFO] Finished CPE Analyzer (1 seconds) 08:47:22 [INFO] Finished False Positive Analyzer (0 seconds) 08:47:22 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:47:22 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:47:22 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:47:22 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:47:22 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:47:22 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:47:22 [INFO] Analysis Complete (1 seconds) 08:47:22 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:47:22 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:47:22 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:47:22 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:47:22 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:47:22 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:47:22 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:47:22 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:47:22 [INFO] 08:47:22 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 08:47:22 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/69] 08:47:22 [INFO] --------------------------------[ pom ]--------------------------------- 08:47:22 [INFO] 08:47:22 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 08:47:22 [INFO] 08:47:22 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 08:47:22 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 08:47:22 [INFO] 08:47:22 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 08:47:22 [INFO] Executing tasks 08:47:27 [INFO] Executed tasks 08:47:27 [INFO] 08:47:27 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 08:47:27 [INFO] Checking for updates 08:47:27 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:47:27 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:47:27 [INFO] Check for updates complete (67 ms) 08:47:27 [INFO] 08:47:27 08:47:27 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:47:27 08:47:27 08:47:27 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:47:27 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:47:27 08:47:27 💖 Sponsor: https://github.com/sponsors/jeremylong 08:47:27 08:47:27 08:47:27 [INFO] Analysis Started 08:47:27 [INFO] Finished File Name Analyzer (0 seconds) 08:47:27 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:47:27 [INFO] Finished Hint Analyzer (0 seconds) 08:47:27 [INFO] Finished Version Filter Analyzer (0 seconds) 08:47:28 [INFO] Created CPE Index (1 seconds) 08:47:29 [INFO] Finished CPE Analyzer (1 seconds) 08:47:29 [INFO] Finished False Positive Analyzer (0 seconds) 08:47:29 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:47:29 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:47:29 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:47:29 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:47:29 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:47:29 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:47:29 [INFO] Analysis Complete (1 seconds) 08:47:29 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:47:29 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:47:29 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:47:29 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:47:29 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:47:29 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:47:29 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:47:29 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:47:29 [INFO] 08:47:29 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 08:47:29 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/69] 08:47:29 [INFO] --------------------------------[ pom ]--------------------------------- 08:47:29 [INFO] 08:47:29 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 08:47:29 [INFO] 08:47:29 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 08:47:29 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 08:47:29 [INFO] 08:47:29 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 08:47:29 [INFO] Executing tasks 08:47:34 [INFO] Executed tasks 08:47:34 [INFO] 08:47:34 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 08:47:34 [INFO] Checking for updates 08:47:34 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:47:34 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:47:34 [INFO] Check for updates complete (82 ms) 08:47:34 [INFO] 08:47:34 08:47:34 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:47:34 08:47:34 08:47:34 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:47:34 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:47:34 08:47:34 💖 Sponsor: https://github.com/sponsors/jeremylong 08:47:34 08:47:34 08:47:34 [INFO] Analysis Started 08:47:34 [INFO] Finished File Name Analyzer (0 seconds) 08:47:34 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:47:34 [INFO] Finished Hint Analyzer (0 seconds) 08:47:34 [INFO] Finished Version Filter Analyzer (0 seconds) 08:47:36 [INFO] Created CPE Index (1 seconds) 08:47:36 [INFO] Finished CPE Analyzer (1 seconds) 08:47:36 [INFO] Finished False Positive Analyzer (0 seconds) 08:47:36 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:47:36 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:47:36 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:47:36 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:47:36 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:47:36 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:47:36 [INFO] Analysis Complete (1 seconds) 08:47:36 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:47:36 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:47:36 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:47:36 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:47:36 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:47:36 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:47:36 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:47:36 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:47:36 [INFO] 08:47:36 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 08:47:36 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/69] 08:47:36 [INFO] --------------------------------[ pom ]--------------------------------- 08:47:36 [INFO] 08:47:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 08:47:36 [INFO] 08:47:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 08:47:36 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 08:47:36 [INFO] 08:47:36 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 08:47:36 [INFO] Executing tasks 08:47:41 [INFO] Executed tasks 08:47:41 [INFO] 08:47:41 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 08:47:41 [INFO] Checking for updates 08:47:41 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:47:41 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:47:41 [INFO] Check for updates complete (66 ms) 08:47:41 [INFO] 08:47:41 08:47:41 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:47:41 08:47:41 08:47:41 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:47:41 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:47:41 08:47:41 💖 Sponsor: https://github.com/sponsors/jeremylong 08:47:41 08:47:41 08:47:41 [INFO] Analysis Started 08:47:41 [INFO] Finished File Name Analyzer (0 seconds) 08:47:41 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:47:41 [INFO] Finished Hint Analyzer (0 seconds) 08:47:41 [INFO] Finished Version Filter Analyzer (0 seconds) 08:47:43 [INFO] Created CPE Index (1 seconds) 08:47:43 [INFO] Finished CPE Analyzer (1 seconds) 08:47:43 [INFO] Finished False Positive Analyzer (0 seconds) 08:47:43 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:47:43 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:47:43 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:47:43 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:47:43 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:47:43 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:47:43 [INFO] Analysis Complete (1 seconds) 08:47:43 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:47:43 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:47:43 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:47:43 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:47:43 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:47:43 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:47:43 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:47:43 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:47:43 [INFO] 08:47:43 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 08:47:43 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/69] 08:47:43 [INFO] --------------------------------[ pom ]--------------------------------- 08:47:43 [INFO] 08:47:43 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 08:47:43 [INFO] 08:47:43 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 08:47:43 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 08:47:43 [INFO] 08:47:43 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 08:47:43 [INFO] Executing tasks 08:47:48 [INFO] Executed tasks 08:47:48 [INFO] 08:47:48 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 08:47:48 [INFO] Checking for updates 08:47:48 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:47:48 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:47:48 [INFO] Check for updates complete (66 ms) 08:47:48 [INFO] 08:47:48 08:47:48 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:47:48 08:47:48 08:47:48 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:47:48 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:47:48 08:47:48 💖 Sponsor: https://github.com/sponsors/jeremylong 08:47:48 08:47:48 08:47:48 [INFO] Analysis Started 08:47:48 [INFO] Finished File Name Analyzer (0 seconds) 08:47:48 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:47:48 [INFO] Finished Hint Analyzer (0 seconds) 08:47:48 [INFO] Finished Version Filter Analyzer (0 seconds) 08:47:49 [INFO] Created CPE Index (1 seconds) 08:47:49 [INFO] Finished CPE Analyzer (1 seconds) 08:47:49 [INFO] Finished False Positive Analyzer (0 seconds) 08:47:49 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:47:49 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:47:49 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:47:49 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:47:49 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:47:49 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:47:49 [INFO] Analysis Complete (1 seconds) 08:47:49 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:47:49 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:47:49 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:47:49 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:47:49 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:47:49 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:47:50 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:47:50 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:47:50 [INFO] 08:47:50 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 08:47:50 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/69] 08:47:50 [INFO] --------------------------------[ pom ]--------------------------------- 08:47:50 [INFO] 08:47:50 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 08:47:50 [INFO] 08:47:50 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 08:47:50 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 08:47:50 [INFO] 08:47:50 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 08:47:50 [INFO] Executing tasks 08:47:55 [INFO] Executed tasks 08:47:55 [INFO] 08:47:55 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 08:47:55 [INFO] Checking for updates 08:47:55 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:47:55 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:47:55 [INFO] Check for updates complete (64 ms) 08:47:55 [INFO] 08:47:55 08:47:55 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:47:55 08:47:55 08:47:55 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:47:55 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:47:55 08:47:55 💖 Sponsor: https://github.com/sponsors/jeremylong 08:47:55 08:47:55 08:47:55 [INFO] Analysis Started 08:47:55 [INFO] Finished File Name Analyzer (0 seconds) 08:47:55 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:47:55 [INFO] Finished Hint Analyzer (0 seconds) 08:47:55 [INFO] Finished Version Filter Analyzer (0 seconds) 08:47:56 [INFO] Created CPE Index (1 seconds) 08:47:56 [INFO] Finished CPE Analyzer (1 seconds) 08:47:56 [INFO] Finished False Positive Analyzer (0 seconds) 08:47:56 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:47:56 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:47:56 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:47:56 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:47:56 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:47:56 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:47:56 [INFO] Analysis Complete (1 seconds) 08:47:56 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:47:56 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:47:56 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:47:56 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:47:56 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:47:56 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:47:56 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:47:56 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:47:56 [INFO] 08:47:56 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 08:47:56 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/69] 08:47:56 [INFO] --------------------------------[ pom ]--------------------------------- 08:47:56 [INFO] 08:47:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 08:47:56 [INFO] 08:47:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 08:47:56 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 08:47:56 [INFO] 08:47:56 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 08:47:56 [INFO] Executing tasks 08:48:01 [INFO] Executed tasks 08:48:01 [INFO] 08:48:01 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 08:48:01 [INFO] Checking for updates 08:48:01 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:48:02 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:48:02 [INFO] Check for updates complete (72 ms) 08:48:02 [INFO] 08:48:02 08:48:02 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:48:02 08:48:02 08:48:02 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:48:02 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:48:02 08:48:02 💖 Sponsor: https://github.com/sponsors/jeremylong 08:48:02 08:48:02 08:48:02 [INFO] Analysis Started 08:48:02 [INFO] Finished File Name Analyzer (0 seconds) 08:48:02 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:48:02 [INFO] Finished Hint Analyzer (0 seconds) 08:48:02 [INFO] Finished Version Filter Analyzer (0 seconds) 08:48:03 [INFO] Created CPE Index (1 seconds) 08:48:03 [INFO] Finished CPE Analyzer (1 seconds) 08:48:03 [INFO] Finished False Positive Analyzer (0 seconds) 08:48:03 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:48:03 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:48:03 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:48:03 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:48:03 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:48:03 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:48:03 [INFO] Analysis Complete (1 seconds) 08:48:03 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:48:03 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:48:03 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:48:03 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:48:03 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:48:03 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:48:03 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:48:03 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:48:03 [INFO] 08:48:03 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 08:48:03 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/69] 08:48:03 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:03 [INFO] 08:48:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 08:48:03 [INFO] 08:48:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 08:48:03 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 08:48:03 [INFO] 08:48:03 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 08:48:03 [INFO] Executing tasks 08:48:08 [INFO] Executed tasks 08:48:08 [INFO] 08:48:08 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 08:48:08 [INFO] Checking for updates 08:48:08 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:48:08 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:48:08 [INFO] Check for updates complete (68 ms) 08:48:09 [INFO] 08:48:09 08:48:09 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:48:09 08:48:09 08:48:09 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:48:09 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:48:09 08:48:09 💖 Sponsor: https://github.com/sponsors/jeremylong 08:48:09 08:48:09 08:48:09 [INFO] Analysis Started 08:48:09 [INFO] Finished File Name Analyzer (0 seconds) 08:48:09 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:48:09 [INFO] Finished Hint Analyzer (0 seconds) 08:48:09 [INFO] Finished Version Filter Analyzer (0 seconds) 08:48:10 [INFO] Created CPE Index (1 seconds) 08:48:10 [INFO] Finished CPE Analyzer (1 seconds) 08:48:10 [INFO] Finished False Positive Analyzer (0 seconds) 08:48:10 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:48:10 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:48:10 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:48:10 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:48:10 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:48:10 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:48:10 [INFO] Analysis Complete (1 seconds) 08:48:10 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:48:10 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:48:10 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:48:10 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:48:10 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:48:10 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:48:10 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:48:10 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:48:10 [INFO] 08:48:10 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 08:48:10 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/69] 08:48:10 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:10 [INFO] 08:48:10 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 08:48:10 [INFO] 08:48:10 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 08:48:10 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 08:48:10 [INFO] 08:48:10 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 08:48:10 [INFO] Executing tasks 08:48:15 [INFO] Executed tasks 08:48:15 [INFO] 08:48:15 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 08:48:15 [INFO] Checking for updates 08:48:15 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:48:15 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:48:15 [INFO] Check for updates complete (67 ms) 08:48:15 [INFO] 08:48:15 08:48:15 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:48:15 08:48:15 08:48:15 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:48:15 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:48:15 08:48:15 💖 Sponsor: https://github.com/sponsors/jeremylong 08:48:15 08:48:15 08:48:15 [INFO] Analysis Started 08:48:15 [INFO] Finished File Name Analyzer (0 seconds) 08:48:15 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:48:15 [INFO] Finished Hint Analyzer (0 seconds) 08:48:15 [INFO] Finished Version Filter Analyzer (0 seconds) 08:48:17 [INFO] Created CPE Index (1 seconds) 08:48:17 [INFO] Finished CPE Analyzer (1 seconds) 08:48:17 [INFO] Finished False Positive Analyzer (0 seconds) 08:48:17 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:48:17 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:48:17 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:48:17 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:48:17 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:48:17 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:48:17 [INFO] Analysis Complete (1 seconds) 08:48:17 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:48:17 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:48:17 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:48:17 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:48:17 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:48:17 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:48:17 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:48:17 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:48:17 [INFO] 08:48:17 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 08:48:17 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/69] 08:48:17 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:17 [INFO] 08:48:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 08:48:17 [INFO] 08:48:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 08:48:17 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 08:48:17 [INFO] 08:48:17 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 08:48:17 [INFO] Executing tasks 08:48:22 [INFO] Executed tasks 08:48:22 [INFO] 08:48:22 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 08:48:22 [INFO] Checking for updates 08:48:22 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:48:22 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:48:22 [INFO] Check for updates complete (67 ms) 08:48:22 [INFO] 08:48:22 08:48:22 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:48:22 08:48:22 08:48:22 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:48:22 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:48:22 08:48:22 💖 Sponsor: https://github.com/sponsors/jeremylong 08:48:22 08:48:22 08:48:22 [INFO] Analysis Started 08:48:22 [INFO] Finished File Name Analyzer (0 seconds) 08:48:22 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:48:22 [INFO] Finished Hint Analyzer (0 seconds) 08:48:22 [INFO] Finished Version Filter Analyzer (0 seconds) 08:48:24 [INFO] Created CPE Index (1 seconds) 08:48:24 [INFO] Finished CPE Analyzer (1 seconds) 08:48:24 [INFO] Finished False Positive Analyzer (0 seconds) 08:48:24 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:48:24 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:48:24 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:48:24 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:48:24 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:48:24 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:48:24 [INFO] Analysis Complete (1 seconds) 08:48:24 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:48:24 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:48:24 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:48:24 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:48:24 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:48:24 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:48:24 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:48:24 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:48:24 [INFO] 08:48:24 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 08:48:24 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/69] 08:48:24 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:24 [INFO] 08:48:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 08:48:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) 08:48:24 [INFO] 08:48:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 08:48:24 [INFO] 08:48:24 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 08:48:24 [INFO] Executing tasks 08:48:29 [INFO] Executed tasks 08:48:29 [INFO] 08:48:29 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 08:48:29 [INFO] Checking for updates 08:48:29 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:48:29 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:48:29 [INFO] Check for updates complete (66 ms) 08:48:29 [INFO] 08:48:29 08:48:29 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:48:29 08:48:29 08:48:29 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:48:29 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:48:29 08:48:29 💖 Sponsor: https://github.com/sponsors/jeremylong 08:48:29 08:48:29 08:48:29 [INFO] Analysis Started 08:48:29 [INFO] Finished File Name Analyzer (0 seconds) 08:48:29 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:48:29 [INFO] Finished Hint Analyzer (0 seconds) 08:48:29 [INFO] Finished Version Filter Analyzer (0 seconds) 08:48:31 [INFO] Created CPE Index (1 seconds) 08:48:31 [INFO] Finished CPE Analyzer (1 seconds) 08:48:31 [INFO] Finished False Positive Analyzer (0 seconds) 08:48:31 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:48:31 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:48:31 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:48:31 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:48:31 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:48:31 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:48:31 [INFO] Analysis Complete (1 seconds) 08:48:31 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 08:48:31 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 08:48:31 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 08:48:31 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 08:48:31 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 08:48:31 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 08:48:31 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 08:48:31 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 08:48:31 [INFO] 08:48:31 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 08:48:31 [INFO] Building dependencies.testsuite.test 1.0 [56/69] 08:48:31 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:31 [INFO] 08:48:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 08:48:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 08:48:31 [INFO] 08:48:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 08:48:31 [INFO] 08:48:31 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 08:48:31 [INFO] Executing tasks 08:48:31 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 08:48:31 [INFO] Executed tasks 08:48:31 [INFO] 08:48:31 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.test --- 08:48:31 [INFO] Executing tasks 08:48:36 [INFO] Executed tasks 08:48:36 [INFO] 08:48:36 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.test --- 08:48:36 [INFO] Checking for updates 08:48:36 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:48:36 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:48:36 [INFO] Check for updates complete (77 ms) 08:48:36 [INFO] 08:48:36 08:48:36 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:48:36 08:48:36 08:48:36 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:48:36 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:48:36 08:48:36 💖 Sponsor: https://github.com/sponsors/jeremylong 08:48:36 08:48:36 08:48:36 [INFO] Analysis Started 08:48:36 [INFO] Finished File Name Analyzer (0 seconds) 08:48:36 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:48:36 [INFO] Finished Hint Analyzer (0 seconds) 08:48:36 [INFO] Finished Version Filter Analyzer (0 seconds) 08:48:38 [INFO] Created CPE Index (1 seconds) 08:48:38 [INFO] Finished CPE Analyzer (1 seconds) 08:48:38 [INFO] Finished False Positive Analyzer (0 seconds) 08:48:38 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:48:38 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:48:38 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:48:38 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:48:38 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:48:38 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:48:38 [INFO] Analysis Complete (1 seconds) 08:48:38 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 08:48:38 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 08:48:38 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 08:48:38 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 08:48:38 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 08:48:38 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 08:48:38 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 08:48:38 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 08:48:38 [INFO] 08:48:38 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 08:48:38 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/69] 08:48:38 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:38 [INFO] 08:48:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 08:48:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 08:48:38 [INFO] 08:48:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 08:48:38 [INFO] 08:48:38 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.staticAnalysis --- 08:48:38 [INFO] Executing tasks 08:48:43 [INFO] Executed tasks 08:48:43 [INFO] 08:48:43 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.staticAnalysis --- 08:48:43 [INFO] Checking for updates 08:48:43 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:48:43 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:48:43 [INFO] Check for updates complete (63 ms) 08:48:43 [INFO] 08:48:43 08:48:43 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:48:43 08:48:43 08:48:43 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:48:43 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:48:43 08:48:43 💖 Sponsor: https://github.com/sponsors/jeremylong 08:48:43 08:48:43 08:48:43 [INFO] Analysis Started 08:48:43 [INFO] Finished File Name Analyzer (0 seconds) 08:48:43 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:48:43 [INFO] Finished Hint Analyzer (0 seconds) 08:48:43 [INFO] Finished Version Filter Analyzer (0 seconds) 08:48:45 [INFO] Created CPE Index (1 seconds) 08:48:45 [INFO] Finished CPE Analyzer (1 seconds) 08:48:45 [INFO] Finished False Positive Analyzer (0 seconds) 08:48:45 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:48:45 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:48:45 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:48:45 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:48:45 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:48:45 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:48:45 [INFO] Analysis Complete (1 seconds) 08:48:45 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 08:48:45 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 08:48:45 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 08:48:45 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 08:48:45 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 08:48:45 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 08:48:45 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 08:48:45 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 08:48:45 [INFO] 08:48:45 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 08:48:45 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/69] 08:48:45 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:45 [INFO] 08:48:45 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 08:48:45 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 08:48:45 [INFO] 08:48:45 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 08:48:45 [INFO] 08:48:45 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.dynamicAnalysis --- 08:48:45 [INFO] Executing tasks 08:48:50 [INFO] Executed tasks 08:48:50 [INFO] 08:48:50 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.dynamicAnalysis --- 08:48:50 [INFO] Checking for updates 08:48:50 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:48:50 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:48:50 [INFO] Check for updates complete (65 ms) 08:48:50 [INFO] 08:48:50 08:48:50 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:48:50 08:48:50 08:48:50 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:48:50 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:48:50 08:48:50 💖 Sponsor: https://github.com/sponsors/jeremylong 08:48:50 08:48:50 08:48:50 [INFO] Analysis Started 08:48:50 [INFO] Finished File Name Analyzer (0 seconds) 08:48:50 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:48:50 [INFO] Finished Hint Analyzer (0 seconds) 08:48:50 [INFO] Finished Version Filter Analyzer (0 seconds) 08:48:51 [INFO] Created CPE Index (1 seconds) 08:48:51 [INFO] Finished CPE Analyzer (1 seconds) 08:48:51 [INFO] Finished False Positive Analyzer (0 seconds) 08:48:51 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:48:51 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:48:51 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:48:51 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:48:51 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:48:51 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:48:51 [INFO] Analysis Complete (1 seconds) 08:48:51 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 08:48:51 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 08:48:51 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 08:48:51 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 08:48:51 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 08:48:51 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 08:48:52 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 08:48:52 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 08:48:52 [INFO] 08:48:52 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 08:48:52 [INFO] Building dependencies.testsuite.coverage 1.0 [59/69] 08:48:52 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:52 [INFO] 08:48:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 08:48:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 08:48:52 [INFO] 08:48:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 08:48:52 [INFO] 08:48:52 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.coverage --- 08:48:52 [INFO] Executing tasks 08:48:57 [INFO] Executed tasks 08:48:57 [INFO] 08:48:57 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.coverage --- 08:48:57 [INFO] Checking for updates 08:48:57 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 08:48:57 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 08:48:57 [INFO] Check for updates complete (64 ms) 08:48:57 [INFO] 08:48:57 08:48:57 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 08:48:57 08:48:57 08:48:57 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 08:48:57 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 08:48:57 08:48:57 💖 Sponsor: https://github.com/sponsors/jeremylong 08:48:57 08:48:57 08:48:57 [INFO] Analysis Started 08:48:57 [INFO] Finished File Name Analyzer (0 seconds) 08:48:57 [INFO] Finished Dependency Merging Analyzer (0 seconds) 08:48:57 [INFO] Finished Hint Analyzer (0 seconds) 08:48:57 [INFO] Finished Version Filter Analyzer (0 seconds) 08:48:58 [INFO] Created CPE Index (1 seconds) 08:48:58 [INFO] Finished CPE Analyzer (1 seconds) 08:48:58 [INFO] Finished False Positive Analyzer (0 seconds) 08:48:58 [INFO] Finished NVD CVE Analyzer (0 seconds) 08:48:58 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 08:48:58 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 08:48:58 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 08:48:58 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 08:48:58 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 08:48:58 [INFO] Analysis Complete (1 seconds) 08:48:58 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 08:48:58 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 08:48:58 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 08:48:58 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 08:48:58 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 08:48:58 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 08:48:58 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 08:48:58 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 08:48:58 [INFO] 08:48:58 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 08:48:58 [INFO] Building compile 1.0 [60/69] 08:48:58 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:58 [INFO] 08:48:58 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 08:48:58 [INFO] Building package 1.0 [61/69] 08:48:58 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:58 [INFO] 08:48:58 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 08:48:58 [INFO] Building testsuite.utils 1.0 [62/69] 08:48:58 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:58 [INFO] 08:48:58 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 08:48:58 [INFO] Building testsuite.utils.sql 1.0 [63/69] 08:48:58 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:58 [INFO] 08:48:58 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 08:48:58 [INFO] Building testsuite.pdd.core 1.0 [64/69] 08:48:58 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:58 [INFO] 08:48:58 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 08:48:58 [INFO] Building testsuite.pdd.core.sql 1.0 [65/69] 08:48:58 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:58 [INFO] 08:48:58 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 08:48:58 [INFO] Building static_analysis.spotbugs 1.0 [66/69] 08:48:58 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:58 [INFO] 08:48:58 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 08:48:58 [INFO] Building static_analysis.sonarqube 1.0 [67/69] 08:48:58 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:58 [INFO] 08:48:58 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 08:48:58 [INFO] Building dynamic_analysis.zap 1.0 [68/69] 08:48:58 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:58 [INFO] 08:48:58 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 08:48:58 [INFO] Building coverage.jacoco 1.0 [69/69] 08:48:58 [INFO] --------------------------------[ pom ]--------------------------------- 08:48:58 [INFO] ------------------------------------------------------------------------ 08:48:58 [INFO] Reactor Summary for govway 1.0: 08:48:58 [INFO] 08:48:58 [INFO] govway ............................................. SUCCESS [ 0.004 s] 08:48:58 [INFO] dependencies ....................................... SUCCESS [01:12 min] 08:48:58 [INFO] dependencies.ant ................................... SUCCESS [ 8.768 s] 08:48:58 [INFO] dependencies.antinstaller .......................... SUCCESS [ 7.882 s] 08:48:58 [INFO] dependencies.axiom ................................. SUCCESS [ 7.733 s] 08:48:58 [INFO] dependencies.bean-validation ....................... SUCCESS [ 7.470 s] 08:48:58 [INFO] dependencies.cxf ................................... SUCCESS [ 8.256 s] 08:48:58 [INFO] dependencies.commons ............................... SUCCESS [ 7.953 s] 08:48:58 [INFO] dependencies.faces ................................. SUCCESS [ 18.315 s] 08:48:58 [INFO] dependencies.git ................................... SUCCESS [ 7.292 s] 08:48:58 [INFO] dependencies.httpcore .............................. SUCCESS [ 7.614 s] 08:48:58 [INFO] dependencies.jackson ............................... SUCCESS [ 7.342 s] 08:48:58 [INFO] dependencies.javax ................................. SUCCESS [ 7.619 s] 08:48:58 [INFO] dependencies.jax ................................... SUCCESS [ 7.677 s] 08:48:58 [INFO] dependencies.jetty ................................. SUCCESS [ 7.318 s] 08:48:58 [INFO] dependencies.jminix ................................ SUCCESS [ 8.764 s] 08:48:58 [INFO] dependencies.json .................................. SUCCESS [ 7.513 s] 08:48:58 [INFO] dependencies.log ................................... SUCCESS [ 7.321 s] 08:48:58 [INFO] dependencies.lucene ................................ SUCCESS [ 7.216 s] 08:48:58 [INFO] dependencies.openapi4j ............................. SUCCESS [ 7.262 s] 08:48:58 [INFO] dependencies.opensaml .............................. SUCCESS [ 7.301 s] 08:48:58 [INFO] dependencies.pdf ................................... SUCCESS [ 7.174 s] 08:48:58 [INFO] dependencies.redis ................................. SUCCESS [ 7.742 s] 08:48:58 [INFO] dependencies.reports ............................... SUCCESS [ 7.482 s] 08:48:58 [INFO] dependencies.saaj .................................. SUCCESS [ 7.186 s] 08:48:58 [INFO] dependencies.security .............................. SUCCESS [ 7.620 s] 08:48:58 [INFO] dependencies.shared ................................ SUCCESS [ 9.833 s] 08:48:58 [INFO] dependencies.spring ................................ SUCCESS [ 7.570 s] 08:48:58 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 6.946 s] 08:48:58 [INFO] dependencies.spring-security ....................... SUCCESS [ 7.300 s] 08:48:58 [INFO] dependencies.swagger ............................... SUCCESS [ 16.019 s] 08:48:58 [INFO] dependencies.wadl .................................. SUCCESS [ 7.066 s] 08:48:58 [INFO] dependencies.wss4j ................................. SUCCESS [ 7.185 s] 08:48:58 [INFO] dependencies.testsuite ............................. SUCCESS [ 6.929 s] 08:48:58 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 6.915 s] 08:48:58 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 7.624 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 6.904 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 7.099 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 6.974 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 6.892 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 6.824 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 6.902 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 6.856 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 6.849 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 6.904 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 6.867 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 7.165 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 6.879 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 6.823 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 6.818 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 6.851 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 6.855 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 6.913 s] 08:48:58 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 6.923 s] 08:48:58 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 6.943 s] 08:48:58 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 7.040 s] 08:48:58 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 6.829 s] 08:48:58 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 6.825 s] 08:48:58 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 6.829 s] 08:48:58 [INFO] compile ............................................ SUCCESS [ 0.001 s] 08:48:58 [INFO] package ............................................ SUCCESS [ 0.001 s] 08:48:58 [INFO] testsuite.utils .................................... SUCCESS [ 0.000 s] 08:48:58 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s] 08:48:58 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 08:48:58 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] 08:48:58 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.000 s] 08:48:58 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.001 s] 08:48:58 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s] 08:48:58 [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] 08:48:58 [INFO] ------------------------------------------------------------------------ 08:48:58 [INFO] BUILD SUCCESS 08:48:58 [INFO] ------------------------------------------------------------------------ 08:48:58 [INFO] Total time: 08:29 min 08:48:58 [INFO] Finished at: 2025-12-06T08:48:58+01:00 08:48:58 [INFO] ------------------------------------------------------------------------ 08:48:59 [GovWay] $ /bin/bash /tmp/jenkins12278567508647001448.sh 08:48:59 Pubblicazione risultati dependency check ... 08:48:59 cp: cannot create directory ‘/opt/apache-tomcat-9.0.91/webapps/dependency-check/result’: No such file or directory 08:48:59 Pubblicazione risultati dependency check effettuata 08:48:59 Pubblicazione installer su risultati testsuite ... 08:48:59 Pubblicazione installer su risultati testsuite effettuata 08:48:59 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage=none -Dcompile=compile -Dowasp=none -Dtestsuite=none -Ddependencies.soapbox=true compile 08:49:01 [INFO] Scanning for projects... 08:49:01 [INFO] ------------------------------------------------------------------------ 08:49:01 [INFO] Reactor Build Order: 08:49:01 [INFO] 08:49:01 [INFO] govway [pom] 08:49:01 [INFO] dependencies [pom] 08:49:01 [INFO] dependencies.ant [pom] 08:49:01 [INFO] dependencies.antinstaller [pom] 08:49:01 [INFO] dependencies.axiom [pom] 08:49:01 [INFO] dependencies.bean-validation [pom] 08:49:01 [INFO] dependencies.cxf [pom] 08:49:01 [INFO] dependencies.commons [pom] 08:49:01 [INFO] dependencies.faces [pom] 08:49:01 [INFO] dependencies.git [pom] 08:49:01 [INFO] dependencies.httpcore [pom] 08:49:01 [INFO] dependencies.jackson [pom] 08:49:01 [INFO] dependencies.javax [pom] 08:49:01 [INFO] dependencies.jax [pom] 08:49:01 [INFO] dependencies.jetty [pom] 08:49:01 [INFO] dependencies.jminix [pom] 08:49:01 [INFO] dependencies.json [pom] 08:49:01 [INFO] dependencies.log [pom] 08:49:01 [INFO] dependencies.lucene [pom] 08:49:01 [INFO] dependencies.openapi4j [pom] 08:49:01 [INFO] dependencies.opensaml [pom] 08:49:01 [INFO] dependencies.pdf [pom] 08:49:01 [INFO] dependencies.redis [pom] 08:49:01 [INFO] dependencies.reports [pom] 08:49:01 [INFO] dependencies.saaj [pom] 08:49:01 [INFO] dependencies.security [pom] 08:49:01 [INFO] dependencies.shared [pom] 08:49:01 [INFO] dependencies.spring [pom] 08:49:01 [INFO] dependencies.spring-ldap [pom] 08:49:01 [INFO] dependencies.spring-security [pom] 08:49:01 [INFO] dependencies.swagger [pom] 08:49:01 [INFO] dependencies.wadl [pom] 08:49:01 [INFO] dependencies.wss4j [pom] 08:49:01 [INFO] dependencies.testsuite [pom] 08:49:01 [INFO] dependencies.testsuite.axis14 [pom] 08:49:01 [INFO] dependencies.testsuite.as [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly9 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly10 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly11 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly12 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly13 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly14 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly15 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly16 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly17 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly18 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly19 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly20 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly21 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly22 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly23 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly24 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly25 [pom] 08:49:01 [INFO] dependencies.testsuite.as.wildfly26 [pom] 08:49:01 [INFO] dependencies.testsuite.as.tomcat9 [pom] 08:49:01 [INFO] dependencies.testsuite.test [pom] 08:49:01 [INFO] dependencies.testsuite.staticAnalysis [pom] 08:49:01 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 08:49:01 [INFO] dependencies.testsuite.coverage [pom] 08:49:01 [INFO] dependencies.soapbox [pom] 08:49:01 [INFO] compile [pom] 08:49:01 [INFO] package [pom] 08:49:01 [INFO] testsuite.utils [pom] 08:49:01 [INFO] testsuite.utils.sql [pom] 08:49:01 [INFO] testsuite.pdd.core [pom] 08:49:01 [INFO] testsuite.pdd.core.sql [pom] 08:49:01 [INFO] static_analysis.spotbugs [pom] 08:49:01 [INFO] static_analysis.sonarqube [pom] 08:49:01 [INFO] dynamic_analysis.zap [pom] 08:49:01 [INFO] coverage.jacoco [pom] 08:49:01 [INFO] 08:49:01 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 08:49:01 [INFO] Building govway 1.0 [1/70] 08:49:01 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:01 [INFO] 08:49:01 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 08:49:01 [INFO] Building dependencies 1.0 [2/70] 08:49:01 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:01 [INFO] 08:49:01 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 08:49:01 [INFO] Building dependencies.ant 1.0 [3/70] 08:49:01 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:01 [INFO] 08:49:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 08:49:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 08:49:01 [INFO] 08:49:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 08:49:02 [INFO] 08:49:02 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 08:49:02 [INFO] Building dependencies.antinstaller 1.0 [4/70] 08:49:02 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:02 [INFO] 08:49:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 08:49:02 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 08:49:02 [INFO] 08:49:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 08:49:02 [INFO] 08:49:02 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 08:49:02 [INFO] Building dependencies.axiom 1.0 [5/70] 08:49:02 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:03 [INFO] 08:49:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 08:49:03 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 08:49:03 [INFO] 08:49:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 08:49:03 [INFO] 08:49:03 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 08:49:03 [INFO] Executing tasks 08:49:03 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 08:49:03 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 08:49:03 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 08:49:03 [INFO] Executed tasks 08:49:03 [INFO] 08:49:03 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 08:49:03 [INFO] Building dependencies.bean-validation 1.0 [6/70] 08:49:03 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:03 [INFO] 08:49:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 08:49:03 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 08:49:03 [INFO] 08:49:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 08:49:03 [INFO] 08:49:03 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 08:49:03 [INFO] Building dependencies.cxf 1.0 [7/70] 08:49:03 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:03 [INFO] 08:49:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 08:49:03 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 08:49:03 [INFO] 08:49:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 08:49:03 [INFO] 08:49:03 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 08:49:03 [INFO] Executing tasks 08:49:03 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 08:49:03 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 08:49:03 [INFO] Executed tasks 08:49:03 [INFO] 08:49:03 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 08:49:03 [INFO] Building dependencies.commons 1.0 [8/70] 08:49:03 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:03 [INFO] 08:49:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 08:49:03 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 08:49:03 [INFO] 08:49:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 08:49:03 [INFO] 08:49:03 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 08:49:03 [INFO] Building dependencies.faces 1.0 [9/70] 08:49:03 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 08:49:04 [INFO] 08:49:04 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 08:49:04 [INFO] Building dependencies.git 1.0 [10/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 08:49:04 [INFO] 08:49:04 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 08:49:04 [INFO] Building dependencies.httpcore 1.0 [11/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 08:49:04 [INFO] Executing tasks 08:49:04 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 08:49:04 [INFO] Executed tasks 08:49:04 [INFO] 08:49:04 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 08:49:04 [INFO] Building dependencies.jackson 1.0 [12/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 08:49:04 [INFO] 08:49:04 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 08:49:04 [INFO] Building dependencies.javax 1.0 [13/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 08:49:04 [INFO] 08:49:04 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 08:49:04 [INFO] Building dependencies.jax 1.0 [14/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 08:49:04 [INFO] 08:49:04 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 08:49:04 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 08:49:04 [INFO] 08:49:04 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 08:49:04 [INFO] Executing tasks 08:49:04 [INFO] Executed tasks 08:49:04 [INFO] 08:49:04 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 08:49:04 [INFO] Building dependencies.jetty 1.0 [15/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 08:49:04 [INFO] 08:49:04 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 08:49:04 [INFO] Building dependencies.jminix 1.0 [16/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 08:49:04 [INFO] Executing tasks 08:49:04 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 08:49:04 [INFO] Executed tasks 08:49:04 [INFO] 08:49:04 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 08:49:04 [INFO] Building dependencies.json 1.0 [17/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 08:49:04 [INFO] Executing tasks 08:49:04 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 08:49:04 [INFO] Executed tasks 08:49:04 [INFO] 08:49:04 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 08:49:04 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 08:49:04 [INFO] 08:49:04 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 08:49:04 [INFO] Building dependencies.log 1.0 [18/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 08:49:04 [INFO] Executing tasks 08:49:04 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 08:49:04 [INFO] Executed tasks 08:49:04 [INFO] 08:49:04 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 08:49:04 [INFO] Building dependencies.lucene 1.0 [19/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 08:49:04 [INFO] 08:49:04 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 08:49:04 [INFO] Building dependencies.openapi4j 1.0 [20/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 08:49:04 [INFO] Executing tasks 08:49:04 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 08:49:04 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 08:49:04 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 08:49:04 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 08:49:04 [INFO] Executed tasks 08:49:04 [INFO] 08:49:04 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 08:49:04 [INFO] Building dependencies.opensaml 1.0 [21/70] 08:49:04 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:04 [INFO] 08:49:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 08:49:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 08:49:04 [INFO] 08:49:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 08:49:05 [INFO] 08:49:05 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 08:49:05 [INFO] Building dependencies.pdf 1.0 [22/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 08:49:05 [INFO] 08:49:05 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 08:49:05 [INFO] Building dependencies.redis 1.0 [23/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 08:49:05 [INFO] 08:49:05 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 08:49:05 [INFO] Building dependencies.reports 1.0 [24/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 08:49:05 [INFO] 08:49:05 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 08:49:05 [INFO] Building dependencies.saaj 1.0 [25/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 08:49:05 [INFO] Executing tasks 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 08:49:05 [INFO] Executed tasks 08:49:05 [INFO] 08:49:05 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 08:49:05 [INFO] Building dependencies.security 1.0 [26/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 08:49:05 [INFO] Executing tasks 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 08:49:05 [INFO] Executed tasks 08:49:05 [INFO] 08:49:05 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 08:49:05 [INFO] Building dependencies.shared 1.0 [27/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 08:49:05 [INFO] Executing tasks 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 08:49:05 [INFO] Executed tasks 08:49:05 [INFO] 08:49:05 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 08:49:05 [INFO] Building dependencies.spring 1.0 [28/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 08:49:05 [INFO] Executing tasks 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 08:49:05 [INFO] Executed tasks 08:49:05 [INFO] 08:49:05 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 08:49:05 [INFO] Building dependencies.spring-ldap 1.0 [29/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 08:49:05 [INFO] 08:49:05 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 08:49:05 [INFO] Building dependencies.spring-security 1.0 [30/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 08:49:05 [INFO] Executing tasks 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 08:49:05 [INFO] Executed tasks 08:49:05 [INFO] 08:49:05 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 08:49:05 [INFO] Building dependencies.swagger 1.0 [31/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 08:49:05 [INFO] Executing tasks 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 08:49:05 [INFO] Executed tasks 08:49:05 [INFO] 08:49:05 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 08:49:05 [INFO] Building dependencies.wadl 1.0 [32/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 08:49:05 [INFO] 08:49:05 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 08:49:05 [INFO] Building dependencies.wss4j 1.0 [33/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 08:49:05 [INFO] Executing tasks 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 08:49:05 [INFO] Executed tasks 08:49:05 [INFO] 08:49:05 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 08:49:05 [INFO] Building dependencies.testsuite 1.0 [34/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 08:49:05 [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 08:49:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 08:49:05 [INFO] Executing tasks 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 08:49:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 08:49:05 [INFO] Executed tasks 08:49:05 [INFO] 08:49:05 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 08:49:05 [INFO] Building dependencies.testsuite.as 1.0 [36/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 08:49:05 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 08:49:05 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 08:49:05 [INFO] 08:49:05 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 08:49:05 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 08:49:05 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 08:49:05 [INFO] 08:49:05 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 08:49:05 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 08:49:05 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 08:49:05 [INFO] 08:49:05 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 08:49:05 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 08:49:05 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 08:49:05 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 08:49:05 [INFO] 08:49:05 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 08:49:05 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 08:49:05 [INFO] 08:49:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 08:49:05 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 08:49:05 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 08:49:05 [INFO] 08:49:05 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 08:49:05 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] 08:49:05 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 08:49:06 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 08:49:06 [INFO] 08:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 08:49:06 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 08:49:06 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 08:49:06 [INFO] 08:49:06 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 08:49:06 [INFO] Building dependencies.testsuite.test 1.0 [56/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 08:49:06 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 08:49:06 [INFO] Executing tasks 08:49:06 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 08:49:06 [INFO] Executed tasks 08:49:06 [INFO] 08:49:06 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 08:49:06 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 08:49:06 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 08:49:06 [INFO] 08:49:06 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 08:49:06 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 08:49:06 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 08:49:06 [INFO] 08:49:06 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 08:49:06 [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 08:49:06 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 08:49:06 [INFO] 08:49:06 [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- 08:49:06 [INFO] Building dependencies.soapbox 1.0 [60/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- 08:49:06 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = []) 08:49:06 [INFO] 08:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- 08:49:06 [INFO] 08:49:06 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 08:49:06 [INFO] Building compile 1.0 [61/70] 08:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 08:49:06 [INFO] 08:49:06 [INFO] --- maven-antrun-plugin:3.1.0:run (default) @ org.openspcoop2.compile --- 08:49:06 [INFO] Executing tasks 08:49:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/dist 08:49:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build 08:49:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/tmp 08:49:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist 08:49:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:49:18 [WARNING] [echo] **************************************** 08:49:18 [WARNING] [echo] **** DEBUG MODE ON ***** 08:49:18 [WARNING] [echo] **************************************** 08:49:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils 08:49:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:49:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils] 08:49:18 [INFO] [javac] Compiling 37 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils_RELEASE.jar 08:49:22 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:49:26 [WARNING] [echo] **************************************** 08:49:26 [WARNING] [echo] **** DEBUG MODE ON ***** 08:49:26 [WARNING] [echo] **************************************** 08:49:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:49:26 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/instrument] 08:49:26 [INFO] [javac] Compiling 2 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-instrument_RELEASE.jar 08:49:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:30 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:49:30 [WARNING] [echo] **************************************** 08:49:30 [WARNING] [echo] **** DEBUG MODE ON ***** 08:49:30 [WARNING] [echo] **************************************** 08:49:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:49:30 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/resources] 08:49:30 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-resources_RELEASE.jar 08:49:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:35 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:35 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:49:35 [WARNING] [echo] **************************************** 08:49:35 [WARNING] [echo] **** DEBUG MODE ON ***** 08:49:35 [WARNING] [echo] **************************************** 08:49:35 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:49:35 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mime] 08:49:35 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mime_RELEASE.jar 08:49:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:39 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:49:39 [WARNING] [echo] **************************************** 08:49:39 [WARNING] [echo] **** DEBUG MODE ON ***** 08:49:39 [WARNING] [echo] **************************************** 08:49:39 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:49:39 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/date] 08:49:39 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:40 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-date_RELEASE.jar 08:49:40 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:49:43 [WARNING] [echo] **************************************** 08:49:43 [WARNING] [echo] **** DEBUG MODE ON ***** 08:49:43 [WARNING] [echo] **************************************** 08:49:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:49:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/io] 08:49:43 [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-io_RELEASE.jar 08:49:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:49:47 [WARNING] [echo] **************************************** 08:49:47 [WARNING] [echo] **** DEBUG MODE ON ***** 08:49:47 [WARNING] [echo] **************************************** 08:49:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:49:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/random] 08:49:47 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-random_RELEASE.jar 08:49:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:49:51 [WARNING] [echo] **************************************** 08:49:51 [WARNING] [echo] **** DEBUG MODE ON ***** 08:49:51 [WARNING] [echo] **************************************** 08:49:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:49:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/properties] 08:49:51 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-properties_RELEASE.jar 08:49:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:49:55 [WARNING] [echo] **************************************** 08:49:55 [WARNING] [echo] **** DEBUG MODE ON ***** 08:49:55 [WARNING] [echo] **************************************** 08:49:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:49:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxb] 08:49:55 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:49:55 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxb_RELEASE.jar 08:49:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:49:58 [WARNING] [echo] **************************************** 08:49:58 [WARNING] [echo] **** DEBUG MODE ON ***** 08:49:58 [WARNING] [echo] **************************************** 08:49:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:49:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxrs] 08:49:58 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:49:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxrs_RELEASE.jar 08:49:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:02 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:02 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:02 [WARNING] [echo] **************************************** 08:50:02 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:02 [WARNING] [echo] **************************************** 08:50:02 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:02 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml] 08:50:02 [INFO] [javac] Compiling 41 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml_RELEASE.jar 08:50:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:07 [WARNING] [echo] **************************************** 08:50:07 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:07 [WARNING] [echo] **************************************** 08:50:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/json] 08:50:07 [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:09 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-json_RELEASE.jar 08:50:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:12 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:12 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:12 [WARNING] [echo] **************************************** 08:50:12 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:12 [WARNING] [echo] **************************************** 08:50:12 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:12 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml2json] 08:50:12 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml2json_RELEASE.jar 08:50:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:15 [WARNING] [echo] **************************************** 08:50:15 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:15 [WARNING] [echo] **************************************** 08:50:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/digest] 08:50:15 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-digest_RELEASE.jar 08:50:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:19 [WARNING] [echo] **************************************** 08:50:19 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:19 [WARNING] [echo] **************************************** 08:50:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/regexp] 08:50:19 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-regexp_RELEASE.jar 08:50:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:23 [WARNING] [echo] **************************************** 08:50:23 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:23 [WARNING] [echo] **************************************** 08:50:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate] 08:50:23 [INFO] [javac] Compiling 45 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate_RELEASE.jar 08:50:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:28 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:28 [WARNING] [echo] **************************************** 08:50:28 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:28 [WARNING] [echo] **************************************** 08:50:28 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:28 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/transport] 08:50:28 [INFO] [javac] Compiling 65 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:29 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-transport_RELEASE.jar 08:50:29 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:33 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:33 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:33 [WARNING] [echo] **************************************** 08:50:33 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:33 [WARNING] [echo] **************************************** 08:50:33 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:33 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/ocsp] 08:50:33 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:34 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-ocsp_RELEASE.jar 08:50:34 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:37 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:37 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:37 [WARNING] [echo] **************************************** 08:50:37 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:37 [WARNING] [echo] **************************************** 08:50:37 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/remote] 08:50:37 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-remote_RELEASE.jar 08:50:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:41 [WARNING] [echo] **************************************** 08:50:41 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:41 [WARNING] [echo] **************************************** 08:50:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/byok] 08:50:41 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-byok_RELEASE.jar 08:50:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:44 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:44 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:44 [WARNING] [echo] **************************************** 08:50:44 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:44 [WARNING] [echo] **************************************** 08:50:44 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:44 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jmx] 08:50:44 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jmx_RELEASE.jar 08:50:45 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:48 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:48 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:48 [WARNING] [echo] **************************************** 08:50:48 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:48 [WARNING] [echo] **************************************** 08:50:48 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:48 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/cache] 08:50:48 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:49 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-cache_RELEASE.jar 08:50:49 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:52 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:52 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:52 [WARNING] [echo] **************************************** 08:50:52 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:52 [WARNING] [echo] **************************************** 08:50:52 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:52 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/checksum] 08:50:52 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-checksum_RELEASE.jar 08:50:53 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:55 [WARNING] [echo] **************************************** 08:50:55 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:55 [WARNING] [echo] **************************************** 08:50:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/crypt] 08:50:55 [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-crypt_RELEASE.jar 08:50:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:50:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:50:59 [WARNING] [echo] **************************************** 08:50:59 [WARNING] [echo] **** DEBUG MODE ON ***** 08:50:59 [WARNING] [echo] **************************************** 08:50:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:50:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/csv] 08:50:59 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-csv_RELEASE.jar 08:51:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:03 [WARNING] [echo] **************************************** 08:51:03 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:03 [WARNING] [echo] **************************************** 08:51:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/dch] 08:51:03 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-dch_RELEASE.jar 08:51:03 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:06 [WARNING] [echo] **************************************** 08:51:06 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:06 [WARNING] [echo] **************************************** 08:51:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sql] 08:51:06 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sql_RELEASE.jar 08:51:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:11 [WARNING] [echo] **************************************** 08:51:11 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:11 [WARNING] [echo] **************************************** 08:51:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jdbc] 08:51:11 [INFO] [javac] Compiling 35 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jdbc_RELEASE.jar 08:51:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:15 [WARNING] [echo] **************************************** 08:51:15 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:15 [WARNING] [echo] **************************************** 08:51:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/id] 08:51:15 [INFO] [javac] Compiling 45 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-id_RELEASE.jar 08:51:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:19 [WARNING] [echo] **************************************** 08:51:19 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:19 [WARNING] [echo] **************************************** 08:51:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/serialization] 08:51:19 [INFO] [javac] Compiling 26 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-serialization_RELEASE.jar 08:51:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:23 [WARNING] [echo] **************************************** 08:51:23 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:23 [WARNING] [echo] **************************************** 08:51:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/logger] 08:51:23 [INFO] [javac] Compiling 77 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-logger_RELEASE.jar 08:51:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:27 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:27 [WARNING] [echo] **************************************** 08:51:27 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:27 [WARNING] [echo] **************************************** 08:51:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/service] 08:51:27 [INFO] [javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-service_RELEASE.jar 08:51:29 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:31 [WARNING] [echo] **************************************** 08:51:31 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:31 [WARNING] [echo] **************************************** 08:51:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/beans] 08:51:31 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-beans_RELEASE.jar 08:51:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:36 [WARNING] [echo] **************************************** 08:51:36 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:36 [WARNING] [echo] **************************************** 08:51:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:36 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/security] 08:51:36 [INFO] [javac] Compiling 41 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-security_RELEASE.jar 08:51:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:40 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:40 [WARNING] [echo] **************************************** 08:51:40 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:40 [WARNING] [echo] **************************************** 08:51:40 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:40 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/pdf] 08:51:40 [INFO] [javac] Compiling 11 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-pdf_RELEASE.jar 08:51:41 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:44 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:44 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:44 [WARNING] [echo] **************************************** 08:51:44 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:44 [WARNING] [echo] **************************************** 08:51:44 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:44 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wsdl] 08:51:44 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wsdl_RELEASE.jar 08:51:45 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:48 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:48 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:48 [WARNING] [echo] **************************************** 08:51:48 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:48 [WARNING] [echo] **************************************** 08:51:48 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:48 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/rest] 08:51:48 [INFO] [javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-rest_RELEASE.jar 08:51:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:51 [WARNING] [echo] **************************************** 08:51:51 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:51 [WARNING] [echo] **************************************** 08:51:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wadl] 08:51:51 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wadl_RELEASE.jar 08:51:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:55 [WARNING] [echo] **************************************** 08:51:55 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:55 [WARNING] [echo] **************************************** 08:51:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/openapi] 08:51:55 [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-openapi_RELEASE.jar 08:51:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:51:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:51:59 [WARNING] [echo] **************************************** 08:51:59 [WARNING] [echo] **** DEBUG MODE ON ***** 08:51:59 [WARNING] [echo] **************************************** 08:51:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:51:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xacml] 08:51:59 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xacml_RELEASE.jar 08:52:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:03 [WARNING] [echo] **************************************** 08:52:03 [WARNING] [echo] **** DEBUG MODE ON ***** 08:52:03 [WARNING] [echo] **************************************** 08:52:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mail] 08:52:03 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mail_RELEASE.jar 08:52:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:07 [WARNING] [echo] **************************************** 08:52:07 [WARNING] [echo] **** DEBUG MODE ON ***** 08:52:07 [WARNING] [echo] **************************************** 08:52:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/datasource] 08:52:07 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-datasource_RELEASE.jar 08:52:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:11 [WARNING] [echo] **************************************** 08:52:11 [WARNING] [echo] **** DEBUG MODE ON ***** 08:52:11 [WARNING] [echo] **************************************** 08:52:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sonde] 08:52:11 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sonde_RELEASE.jar 08:52:11 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:14 [WARNING] [echo] **************************************** 08:52:14 [WARNING] [echo] **** DEBUG MODE ON ***** 08:52:14 [WARNING] [echo] **************************************** 08:52:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:14 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/semaphore] 08:52:14 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-semaphore_RELEASE.jar 08:52:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:18 [WARNING] [echo] **************************************** 08:52:18 [WARNING] [echo] **** DEBUG MODE ON ***** 08:52:18 [WARNING] [echo] **************************************** 08:52:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/threads] 08:52:18 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:18 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-threads_RELEASE.jar 08:52:18 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:21 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:21 [WARNING] [echo] **************************************** 08:52:21 [WARNING] [echo] **** DEBUG MODE ON ***** 08:52:21 [WARNING] [echo] **************************************** 08:52:21 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:21 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/oauth2] 08:52:21 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-oauth2_RELEASE.jar 08:52:22 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:25 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:52:25 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils_RELEASE.jar 08:52:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:32 [WARNING] [echo] **************************************** 08:52:32 [WARNING] [echo] **** DEBUG MODE ON ***** 08:52:32 [WARNING] [echo] **************************************** 08:52:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils-test 08:52:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:32 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/test] 08:52:32 [INFO] [javac] Compiling 66 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils-test/openspcoop2_utils-test_RELEASE.jar 08:52:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:36 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:52:36 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils-test_RELEASE.jar 08:52:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:43 [WARNING] [echo] **************************************** 08:52:43 [WARNING] [echo] **** DEBUG MODE ON ***** 08:52:43 [WARNING] [echo] **************************************** 08:52:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/generic_project/src/] 08:52:43 [INFO] [javac] Compiling 211 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_generic-project_RELEASE.jar 08:52:45 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:54 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:54 [WARNING] [echo] **************************************** 08:52:54 [WARNING] [echo] **** DEBUG MODE ON ***** 08:52:54 [WARNING] [echo] **************************************** 08:52:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/schemi 08:52:54 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:54 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-openspcoop2_RELEASE.jar 08:52:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:57 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:52:57 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:52:57 [WARNING] [echo] **************************************** 08:52:57 [WARNING] [echo] **** DEBUG MODE ON ***** 08:52:57 [WARNING] [echo] **************************************** 08:52:57 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:52:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-standard_RELEASE.jar 08:53:00 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:00 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:00 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:53:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_schemi-xsd_RELEASE.jar 08:53:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:04 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:04 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:04 [WARNING] [echo] **************************************** 08:53:04 [WARNING] [echo] **** DEBUG MODE ON ***** 08:53:04 [WARNING] [echo] **************************************** 08:53:04 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/message 08:53:04 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:04 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message/context] 08:53:04 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:53:04 [INFO] [javac] Compiling 42 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:05 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/message/openspcoop2_message-context_RELEASE.jar 08:53:05 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:08 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:08 [WARNING] [echo] **************************************** 08:53:08 [WARNING] [echo] **** DEBUG MODE ON ***** 08:53:08 [WARNING] [echo] **************************************** 08:53:08 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:08 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message] 08:53:08 [INFO] [javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/message/openspcoop2_message_RELEASE.jar 08:53:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:13 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:53:13 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_message_RELEASE.jar 08:53:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:19 [WARNING] [echo] **************************************** 08:53:19 [WARNING] [echo] **** DEBUG MODE ON ***** 08:53:19 [WARNING] [echo] **************************************** 08:53:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/core 08:53:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:20 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core] 08:53:20 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core_RELEASE.jar 08:53:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:23 [WARNING] [echo] **************************************** 08:53:23 [WARNING] [echo] **** DEBUG MODE ON ***** 08:53:23 [WARNING] [echo] **************************************** 08:53:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/id] 08:53:23 [INFO] [javac] Compiling 20 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-id_RELEASE.jar 08:53:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:27 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:27 [WARNING] [echo] **************************************** 08:53:27 [WARNING] [echo] **** DEBUG MODE ON ***** 08:53:27 [WARNING] [echo] **************************************** 08:53:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons] 08:53:27 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons_RELEASE.jar 08:53:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:31 [WARNING] [echo] **************************************** 08:53:31 [WARNING] [echo] **** DEBUG MODE ON ***** 08:53:31 [WARNING] [echo] **************************************** 08:53:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/byok] 08:53:31 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-byok_RELEASE.jar 08:53:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:35 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:35 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:35 [WARNING] [echo] **************************************** 08:53:35 [WARNING] [echo] **** DEBUG MODE ON ***** 08:53:35 [WARNING] [echo] **************************************** 08:53:35 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:35 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config] 08:53:35 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:53:35 [INFO] [javac] Compiling 346 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:42 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:53:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config_RELEASE.jar 08:53:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:45 [WARNING] [echo] **************************************** 08:53:45 [WARNING] [echo] **** DEBUG MODE ON ***** 08:53:45 [WARNING] [echo] **************************************** 08:53:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:45 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry] 08:53:45 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:53:45 [INFO] [javac] Compiling 139 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:47 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:53:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry_RELEASE.jar 08:53:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:50 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:50 [WARNING] [echo] **************************************** 08:53:50 [WARNING] [echo] **** DEBUG MODE ON ***** 08:53:50 [WARNING] [echo] **************************************** 08:53:50 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:50 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/tracciamento] 08:53:50 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:53:50 [INFO] [javac] Compiling 81 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:51 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:53:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-tracciamento_RELEASE.jar 08:53:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:54 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:54 [WARNING] [echo] **************************************** 08:53:54 [WARNING] [echo] **** DEBUG MODE ON ***** 08:53:54 [WARNING] [echo] **************************************** 08:53:54 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:54 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/diagnostica] 08:53:54 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:53:54 [INFO] [javac] Compiling 28 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-diagnostica_RELEASE.jar 08:53:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:53:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:53:58 [WARNING] [echo] **************************************** 08:53:58 [WARNING] [echo] **** DEBUG MODE ON ***** 08:53:58 [WARNING] [echo] **************************************** 08:53:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:53:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/transazioni] 08:53:58 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:53:58 [INFO] [javac] Compiling 144 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:01 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:54:01 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-transazioni_RELEASE.jar 08:54:01 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:04 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:04 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:04 [WARNING] [echo] **************************************** 08:54:04 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:04 [WARNING] [echo] **************************************** 08:54:04 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:04 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eventi] 08:54:04 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:54:04 [INFO] [javac] Compiling 36 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:05 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:54:05 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eventi_RELEASE.jar 08:54:05 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:08 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:08 [WARNING] [echo] **************************************** 08:54:08 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:08 [WARNING] [echo] **************************************** 08:54:08 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:08 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/statistiche] 08:54:08 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:54:08 [INFO] [javac] Compiling 108 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:10 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:54:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-statistiche_RELEASE.jar 08:54:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:13 [WARNING] [echo] **************************************** 08:54:13 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:13 [WARNING] [echo] **************************************** 08:54:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:13 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/plugins] 08:54:13 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:54:13 [INFO] [javac] Compiling 94 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:15 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:54:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-plugins_RELEASE.jar 08:54:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:18 [WARNING] [echo] **************************************** 08:54:18 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:18 [WARNING] [echo] **************************************** 08:54:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/controllo_traffico] 08:54:18 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:54:18 [INFO] [javac] Compiling 128 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:20 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:54:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-controllo_traffico_RELEASE.jar 08:54:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:23 [WARNING] [echo] **************************************** 08:54:23 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:23 [WARNING] [echo] **************************************** 08:54:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/allarmi] 08:54:23 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:54:23 [INFO] [javac] Compiling 76 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:24 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:54:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-allarmi_RELEASE.jar 08:54:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:27 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:27 [WARNING] [echo] **************************************** 08:54:27 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:27 [WARNING] [echo] **************************************** 08:54:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/mapping] 08:54:27 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-mapping_RELEASE.jar 08:54:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:31 [WARNING] [echo] **************************************** 08:54:31 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:31 [WARNING] [echo] **************************************** 08:54:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/details] 08:54:31 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:54:31 [INFO] [javac] Compiling 34 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:32 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:54:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-details_RELEASE.jar 08:54:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:35 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:35 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:35 [WARNING] [echo] **************************************** 08:54:35 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:35 [WARNING] [echo] **************************************** 08:54:35 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:35 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/router_details] 08:54:35 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:54:35 [INFO] [javac] Compiling 25 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:36 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-router_details_RELEASE.jar 08:54:36 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:39 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:39 [WARNING] [echo] **************************************** 08:54:39 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:39 [WARNING] [echo] **************************************** 08:54:39 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:39 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/errore_applicativo] 08:54:39 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:54:39 [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:39 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:54:39 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-errore_applicativo_RELEASE.jar 08:54:39 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:42 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:42 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:42 [WARNING] [echo] **************************************** 08:54:42 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:42 [WARNING] [echo] **************************************** 08:54:42 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:42 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/integrazione] 08:54:42 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:54:42 [INFO] [javac] Compiling 19 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:43 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-integrazione_RELEASE.jar 08:54:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:46 [WARNING] [echo] **************************************** 08:54:46 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:46 [WARNING] [echo] **************************************** 08:54:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver] 08:54:46 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:46 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver_RELEASE.jar 08:54:46 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:49 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:49 [WARNING] [echo] **************************************** 08:54:49 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:49 [WARNING] [echo] **************************************** 08:54:49 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:49 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/db] 08:54:49 [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-db_RELEASE.jar 08:54:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:55 [WARNING] [echo] **************************************** 08:54:55 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:55 [WARNING] [echo] **************************************** 08:54:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/xml] 08:54:55 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-xml_RELEASE.jar 08:54:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:54:58 [WARNING] [echo] **************************************** 08:54:58 [WARNING] [echo] **** DEBUG MODE ON ***** 08:54:58 [WARNING] [echo] **************************************** 08:54:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:54:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/utils] 08:54:59 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:54:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-utils_RELEASE.jar 08:54:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:02 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:02 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:02 [WARNING] [echo] **************************************** 08:55:02 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:02 [WARNING] [echo] **************************************** 08:55:02 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:02 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver] 08:55:02 [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:05 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver_RELEASE.jar 08:55:05 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:08 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:08 [WARNING] [echo] **************************************** 08:55:08 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:08 [WARNING] [echo] **************************************** 08:55:08 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:08 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/wsdl] 08:55:08 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:09 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-wsdl_RELEASE.jar 08:55:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:12 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:12 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:12 [WARNING] [echo] **************************************** 08:55:12 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:12 [WARNING] [echo] **************************************** 08:55:12 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:12 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/rest] 08:55:12 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-rest_RELEASE.jar 08:55:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:15 [WARNING] [echo] **************************************** 08:55:15 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:15 [WARNING] [echo] **************************************** 08:55:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/db] 08:55:15 [INFO] [javac] Compiling 36 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:17 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-db_RELEASE.jar 08:55:17 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:20 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:20 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:20 [WARNING] [echo] **************************************** 08:55:20 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:20 [WARNING] [echo] **************************************** 08:55:20 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:20 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/xml] 08:55:20 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:21 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-xml_RELEASE.jar 08:55:21 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:24 [WARNING] [echo] **************************************** 08:55:24 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:24 [WARNING] [echo] **************************************** 08:55:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:24 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/web] 08:55:24 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-web_RELEASE.jar 08:55:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:27 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:27 [WARNING] [echo] **************************************** 08:55:27 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:27 [WARNING] [echo] **************************************** 08:55:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/uddi] 08:55:27 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-uddi_RELEASE.jar 08:55:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:31 [WARNING] [echo] **************************************** 08:55:31 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:31 [WARNING] [echo] **************************************** 08:55:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/ws] 08:55:31 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-ws_RELEASE.jar 08:55:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:35 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:35 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:35 [WARNING] [echo] **************************************** 08:55:35 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:35 [WARNING] [echo] **************************************** 08:55:35 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:35 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/utils] 08:55:35 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:36 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-utils_RELEASE.jar 08:55:36 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:39 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:39 [WARNING] [echo] **************************************** 08:55:39 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:39 [WARNING] [echo] **************************************** 08:55:39 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:39 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons/search] 08:55:39 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:55:39 [INFO] [javac] Compiling 184 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:42 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:55:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons-search_RELEASE.jar 08:55:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:46 [WARNING] [echo] **************************************** 08:55:46 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:46 [WARNING] [echo] **************************************** 08:55:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons/dao] 08:55:46 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:46 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons-dao_RELEASE.jar 08:55:46 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:49 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:49 [WARNING] [echo] **************************************** 08:55:49 [WARNING] [echo] **** DEBUG MODE ON ***** 08:55:49 [WARNING] [echo] **************************************** 08:55:49 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:49 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/mvc/properties] 08:55:49 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:55:49 [INFO] [javac] Compiling 59 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:50 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:55:50 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-mvc_properties_RELEASE.jar 08:55:50 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:55:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:55:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:55:53 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:55:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_core_RELEASE.jar 08:56:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:00 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:00 [WARNING] [echo] **************************************** 08:56:00 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:00 [WARNING] [echo] **************************************** 08:56:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/protocol-api 08:56:00 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:00 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/manifest] 08:56:00 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:56:00 [INFO] [javac] Compiling 131 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:02 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:56:02 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-manifest_RELEASE.jar 08:56:02 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:05 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:05 [WARNING] [echo] **************************************** 08:56:05 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:05 [WARNING] [echo] **************************************** 08:56:05 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:05 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/information_missing] 08:56:05 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:56:05 [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:06 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:56:06 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-information_missing_RELEASE.jar 08:56:06 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:09 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:09 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:09 [WARNING] [echo] **************************************** 08:56:09 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:09 [WARNING] [echo] **************************************** 08:56:09 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:09 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/sdk] 08:56:09 [INFO] [javac] Compiling 226 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-sdk_RELEASE.jar 08:56:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:13 [WARNING] [echo] **************************************** 08:56:13 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:13 [WARNING] [echo] **************************************** 08:56:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:13 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/utils] 08:56:13 [INFO] [javac] Compiling 19 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:14 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-utils_RELEASE.jar 08:56:14 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:17 [WARNING] [echo] **************************************** 08:56:17 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:17 [WARNING] [echo] **************************************** 08:56:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:17 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/registry] 08:56:17 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:18 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-registry_RELEASE.jar 08:56:18 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:21 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:21 [WARNING] [echo] **************************************** 08:56:21 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:21 [WARNING] [echo] **************************************** 08:56:21 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:21 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/abstraction] 08:56:21 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:56:21 [INFO] [javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:21 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:56:21 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-abstraction_RELEASE.jar 08:56:21 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:24 [WARNING] [echo] **************************************** 08:56:24 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:24 [WARNING] [echo] **************************************** 08:56:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:25 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/basic] 08:56:25 [INFO] [javac] Compiling 63 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-basic_RELEASE.jar 08:56:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:29 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:29 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:29 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:56:29 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_protocol-api_RELEASE.jar 08:56:37 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:37 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:37 [WARNING] [echo] **************************************** 08:56:37 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:37 [WARNING] [echo] **************************************** 08:56:37 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/monitor-api 08:56:37 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/sdk] 08:56:37 [INFO] [javac] Compiling 69 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor-api/openspcoop2_monitor-sdk_RELEASE.jar 08:56:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:41 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:56:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_monitor-api_RELEASE.jar 08:56:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:47 [WARNING] [echo] **************************************** 08:56:47 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:47 [WARNING] [echo] **************************************** 08:56:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/security 08:56:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security] 08:56:47 [INFO] [javac] Compiling 49 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-core_RELEASE.jar 08:56:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:51 [WARNING] [echo] **************************************** 08:56:51 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:51 [WARNING] [echo] **************************************** 08:56:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message] 08:56:51 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message_RELEASE.jar 08:56:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:55 [WARNING] [echo] **************************************** 08:56:55 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:55 [WARNING] [echo] **************************************** 08:56:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/engine] 08:56:55 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-engine_RELEASE.jar 08:56:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:56:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:56:59 [WARNING] [echo] **************************************** 08:56:59 [WARNING] [echo] **** DEBUG MODE ON ***** 08:56:59 [WARNING] [echo] **************************************** 08:56:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:56:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/jose] 08:56:59 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-jose_RELEASE.jar 08:57:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:03 [WARNING] [echo] **************************************** 08:57:03 [WARNING] [echo] **** DEBUG MODE ON ***** 08:57:03 [WARNING] [echo] **************************************** 08:57:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/xml] 08:57:03 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-xml_RELEASE.jar 08:57:03 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:06 [WARNING] [echo] **************************************** 08:57:06 [WARNING] [echo] **** DEBUG MODE ON ***** 08:57:06 [WARNING] [echo] **************************************** 08:57:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/wss4j] 08:57:06 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:07 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-wss4j_RELEASE.jar 08:57:07 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:10 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:10 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:10 [WARNING] [echo] **************************************** 08:57:10 [WARNING] [echo] **** DEBUG MODE ON ***** 08:57:10 [WARNING] [echo] **************************************** 08:57:10 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:10 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/soapbox] 08:57:10 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-soapbox_RELEASE.jar 08:57:11 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:14 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:57:14 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_security_RELEASE.jar 08:57:20 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:20 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:20 [WARNING] [echo] **************************************** 08:57:20 [WARNING] [echo] **** DEBUG MODE ON ***** 08:57:20 [WARNING] [echo] **************************************** 08:57:20 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/protocol 08:57:20 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:20 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/engine] 08:57:20 [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol/openspcoop2_protocol_RELEASE.jar 08:57:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:26 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:57:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_protocol_RELEASE.jar 08:57:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:32 [WARNING] [echo] **************************************** 08:57:32 [WARNING] [echo] **** DEBUG MODE ON ***** 08:57:32 [WARNING] [echo] **************************************** 08:57:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/monitor 08:57:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:32 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/transazioni] 08:57:32 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:57:32 [INFO] [javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:33 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:57:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-transazioni_RELEASE.jar 08:57:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:36 [WARNING] [echo] **************************************** 08:57:36 [WARNING] [echo] **** DEBUG MODE ON ***** 08:57:36 [WARNING] [echo] **************************************** 08:57:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:36 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/ricerche] 08:57:36 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:57:36 [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-ricerche_RELEASE.jar 08:57:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:40 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:40 [WARNING] [echo] **************************************** 08:57:40 [WARNING] [echo] **** DEBUG MODE ON ***** 08:57:40 [WARNING] [echo] **************************************** 08:57:40 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:40 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/statistiche] 08:57:40 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:57:40 [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-statistiche_RELEASE.jar 08:57:41 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:44 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:44 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:44 [WARNING] [echo] **************************************** 08:57:44 [WARNING] [echo] **** DEBUG MODE ON ***** 08:57:44 [WARNING] [echo] **************************************** 08:57:44 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:44 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine] 08:57:44 [INFO] [javac] Compiling 240 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:47 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/statistiche/package-info.class 08:57:47 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/ricerche/package-info.class 08:57:47 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/transazioni/constants/package-info.class 08:57:47 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/transazioni/package-info.class 08:57:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-engine_RELEASE.jar 08:57:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:50 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:50 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:50 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:57:50 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_monitor_RELEASE.jar 08:57:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd 08:57:53 [INFO] [copy] Copying 1121 files to /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd 08:57:53 [WARNING] [echo] Raccolta informazioni git per impostazione versione... 08:57:56 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:57:56 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:57:56 [WARNING] [echo] **************************************** 08:57:56 [WARNING] [echo] **** DEBUG MODE ON ***** 08:57:56 [WARNING] [echo] **************************************** 08:57:56 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/pdd 08:57:56 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:57:56 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd] 08:57:56 [INFO] [javac] Compiling 1046 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:13 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/monitor/constants/package-info.class 08:58:13 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/monitor/package-info.class 08:58:13 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/services/skeleton/package-info.class 08:58:13 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/pdd/openspcoop2_pdd_RELEASE.jar 08:58:14 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:58:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:58:17 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:58:17 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_pdd_RELEASE.jar 08:58:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION 08:58:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:58:23 [WARNING] [echo] **************************************** 08:58:23 [WARNING] [echo] **** DEBUG MODE ON ***** 08:58:23 [WARNING] [echo] **************************************** 08:58:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/pdd-test 08:58:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:58:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/pdd_test] 08:58:23 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/pdd-test/openspcoop2_pdd-test_RELEASE.jar 08:58:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:58:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:58:26 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:58:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_pdd-test_RELEASE.jar 08:58:35 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:35 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:58:35 [WARNING] [echo] **************************************** 08:58:35 [WARNING] [echo] **** DEBUG MODE ON ***** 08:58:35 [WARNING] [echo] **************************************** 08:58:35 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/modipa 08:58:35 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:58:35 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/modipa/src] 08:58:35 [INFO] [javac] Compiling 59 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/modipa/openspcoop2_modipa-protocol-plugin_RELEASE.jar 08:58:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:58:41 [WARNING] [echo] **************************************** 08:58:41 [WARNING] [echo] **** DEBUG MODE ON ***** 08:58:41 [WARNING] [echo] **************************************** 08:58:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:58:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/modipa/src] 08:58:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/modipa/openspcoop2_modipa-protocol-config_RELEASE.jar 08:58:41 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:44 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:58:44 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:58:44 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:58:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_modipa-protocol_RELEASE.jar 08:58:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:58:53 [WARNING] [echo] **************************************** 08:58:53 [WARNING] [echo] **** DEBUG MODE ON ***** 08:58:53 [WARNING] [echo] **************************************** 08:58:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/spcoop 08:58:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:58:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/manifest] 08:58:53 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:58:53 [INFO] [javac] Compiling 73 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:54 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:58:54 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-manifest_RELEASE.jar 08:58:54 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:57 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:57 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:58:57 [WARNING] [echo] **************************************** 08:58:57 [WARNING] [echo] **** DEBUG MODE ON ***** 08:58:57 [WARNING] [echo] **************************************** 08:58:57 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:58:57 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/cnipa/collprofiles] 08:58:57 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:58:57 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:58:57 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:58:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-cnipacollprofiles_RELEASE.jar 08:58:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:00 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:00 [WARNING] [echo] **************************************** 08:59:00 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:00 [WARNING] [echo] **************************************** 08:59:00 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:00 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/cnipa/schemas/_2003/egovit/exception1_0] 08:59:00 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:59:00 [INFO] [javac] Compiling 24 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:01 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-cnipaexception_RELEASE.jar 08:59:01 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:04 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:04 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:04 [WARNING] [echo] **************************************** 08:59:04 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:04 [WARNING] [echo] **************************************** 08:59:04 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:04 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/wscp] 08:59:04 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:59:04 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:04 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:59:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-wscp_RELEASE.jar 08:59:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:07 [WARNING] [echo] **************************************** 08:59:07 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:07 [WARNING] [echo] **************************************** 08:59:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 08:59:07 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica_RELEASE.jar 08:59:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:11 [WARNING] [echo] **************************************** 08:59:11 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:11 [WARNING] [echo] **************************************** 08:59:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/wsbl] 08:59:11 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:59:11 [INFO] [javac] Compiling 60 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:12 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 08:59:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-wsbl_RELEASE.jar 08:59:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:15 [WARNING] [echo] **************************************** 08:59:15 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:15 [WARNING] [echo] **************************************** 08:59:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 08:59:15 [INFO] [javac] Compiling 33 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-plugin_RELEASE.jar 08:59:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:19 [WARNING] [echo] **************************************** 08:59:19 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:19 [WARNING] [echo] **************************************** 08:59:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 08:59:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-config_RELEASE.jar 08:59:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:21 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:21 [WARNING] [echo] **************************************** 08:59:21 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:21 [WARNING] [echo] **************************************** 08:59:21 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:21 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-schemi_RELEASE.jar 08:59:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:24 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:59:25 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_spcoop-protocol_RELEASE.jar 08:59:34 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:34 [WARNING] [echo] **************************************** 08:59:34 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:34 [WARNING] [echo] **************************************** 08:59:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/trasparente 08:59:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/trasparente/src] 08:59:34 [INFO] [javac] Compiling 11 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/trasparente/openspcoop2_trasparente-protocol-plugin_RELEASE.jar 08:59:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:38 [WARNING] [echo] **************************************** 08:59:38 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:38 [WARNING] [echo] **************************************** 08:59:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:38 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/trasparente/src] 08:59:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/trasparente/openspcoop2_trasparente-protocol-config_RELEASE.jar 08:59:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:41 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 08:59:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_trasparente-protocol_RELEASE.jar 08:59:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:50 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:50 [WARNING] [echo] **************************************** 08:59:50 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:50 [WARNING] [echo] **************************************** 08:59:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/sdi 08:59:50 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:50 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/fatturapa/v1_0] 08:59:50 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:59:50 [INFO] [javac] Compiling 111 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v10_RELEASE.jar 08:59:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:55 [WARNING] [echo] **************************************** 08:59:55 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:55 [WARNING] [echo] **************************************** 08:59:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/fatturapa/v1_1] 08:59:55 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:59:55 [INFO] [javac] Compiling 112 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v11_RELEASE.jar 08:59:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 08:59:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 08:59:59 [WARNING] [echo] **************************************** 08:59:59 [WARNING] [echo] **** DEBUG MODE ON ***** 08:59:59 [WARNING] [echo] **************************************** 08:59:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 08:59:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fatture/v1_0/] 08:59:59 [WARNING] [javac] anomalous package-info.java path: package-info.java 08:59:59 [INFO] [javac] Compiling 59 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturasemplificata-v10_RELEASE.jar 09:00:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:03 [WARNING] [echo] **************************************** 09:00:03 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:03 [WARNING] [echo] **************************************** 09:00:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fatture/v1_2/] 09:00:03 [WARNING] [javac] anomalous package-info.java path: package-info.java 09:00:03 [INFO] [javac] Compiling 113 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v12_RELEASE.jar 09:00:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:07 [WARNING] [echo] **************************************** 09:00:07 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:07 [WARNING] [echo] **************************************** 09:00:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/messaggi/v1_0] 09:00:07 [WARNING] [javac] anomalous package-info.java path: package-info.java 09:00:07 [INFO] [javac] Compiling 47 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-messaggi-v10_RELEASE.jar 09:00:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:11 [WARNING] [echo] **************************************** 09:00:11 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:11 [WARNING] [echo] **************************************** 09:00:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fattura/messaggi/v1_0] 09:00:11 [WARNING] [javac] anomalous package-info.java path: package-info.java 09:00:11 [INFO] [javac] Compiling 34 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-messaggi-fattura-v10_RELEASE.jar 09:00:11 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:14 [WARNING] [echo] **************************************** 09:00:14 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:14 [WARNING] [echo] **************************************** 09:00:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:14 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/ws/ricezione/v1_0/types] 09:00:14 [WARNING] [javac] anomalous package-info.java path: package-info.java 09:00:14 [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-wsricezione-v10_RELEASE.jar 09:00:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:18 [WARNING] [echo] **************************************** 09:00:18 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:18 [WARNING] [echo] **************************************** 09:00:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/ws/trasmissione/v1_0/types] 09:00:18 [WARNING] [javac] anomalous package-info.java path: package-info.java 09:00:18 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-wstrasmissione-v10_RELEASE.jar 09:00:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:22 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:22 [WARNING] [echo] **************************************** 09:00:22 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:22 [WARNING] [echo] **************************************** 09:00:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:22 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/org/openspcoop2/protocol/sdi] 09:00:22 [INFO] [javac] Compiling 32 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-plugin_RELEASE.jar 09:00:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:25 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:25 [WARNING] [echo] **************************************** 09:00:25 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:25 [WARNING] [echo] **************************************** 09:00:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:25 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src] 09:00:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-config_RELEASE.jar 09:00:26 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:28 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:28 [WARNING] [echo] **************************************** 09:00:28 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:28 [WARNING] [echo] **************************************** 09:00:28 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-schemi_RELEASE.jar 09:00:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:31 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 09:00:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_sdi-protocol_RELEASE.jar 09:00:41 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:41 [WARNING] [echo] **************************************** 09:00:41 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:41 [WARNING] [echo] **************************************** 09:00:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/as4 09:00:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/org/oasis_open/docs/ebxml_msg/ebms/v3_0/ns/core/_200704] 09:00:41 [WARNING] [javac] anomalous package-info.java path: package-info.java 09:00:41 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-ebms-v3_0_RELEASE.jar 09:00:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:45 [WARNING] [echo] **************************************** 09:00:45 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:45 [WARNING] [echo] **************************************** 09:00:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:45 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/backend/ecodex/org/_1_1] 09:00:45 [WARNING] [javac] anomalous package-info.java path: package-info.java 09:00:45 [INFO] [javac] Compiling 49 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:46 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 09:00:46 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-backend-ecodex-v1_1_RELEASE.jar 09:00:46 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:49 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:49 [WARNING] [echo] **************************************** 09:00:49 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:49 [WARNING] [echo] **************************************** 09:00:49 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:49 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/eu/domibus/configuration] 09:00:49 [WARNING] [javac] anomalous package-info.java path: package-info.java 09:00:49 [INFO] [javac] Compiling 112 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:50 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-eu-domibus-configuration_RELEASE.jar 09:00:50 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:53 [WARNING] [echo] **************************************** 09:00:53 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:53 [WARNING] [echo] **************************************** 09:00:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src] 09:00:53 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:54 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-plugin_RELEASE.jar 09:00:54 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:57 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:00:57 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:00:57 [WARNING] [echo] **************************************** 09:00:57 [WARNING] [echo] **** DEBUG MODE ON ***** 09:00:57 [WARNING] [echo] **************************************** 09:00:57 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:00:57 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src] 09:00:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-config_RELEASE.jar 09:00:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:01:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:01:00 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:01:00 [WARNING] [echo] **************************************** 09:01:00 [WARNING] [echo] **** DEBUG MODE ON ***** 09:01:00 [WARNING] [echo] **************************************** 09:01:00 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:01:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-schemi_RELEASE.jar 09:01:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:01:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:01:03 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 09:01:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_as4-protocol_RELEASE.jar 09:01:09 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users 09:01:12 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 09:01:12 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:01:12 [WARNING] [echo] **************************************** 09:01:12 [WARNING] [echo] **** DEBUG MODE ON ***** 09:01:12 [WARNING] [echo] **************************************** 09:01:12 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:01:12 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 09:01:12 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 09:01:13 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 09:01:13 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 09:01:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc 09:01:22 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 09:01:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:01:22 [WARNING] [echo] **************************************** 09:01:22 [WARNING] [echo] **** DEBUG MODE ON ***** 09:01:22 [WARNING] [echo] **************************************** 09:01:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:01:22 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 09:01:22 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 09:01:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 09:01:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 09:01:29 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:01:29 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:01:29 [WARNING] [echo] **************************************** 09:01:29 [WARNING] [echo] **** DEBUG MODE ON ***** 09:01:29 [WARNING] [echo] **************************************** 09:01:29 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc 09:01:29 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:01:29 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src] 09:01:29 [INFO] [javac] Compiling 39 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:01:30 warning: Implicitly compiled files were not subject to annotation processing. 09:01:30 Use -proc:none to disable annotation processing or -implicit to specify a policy for implicit compilation. 09:01:30 1 warning 09:01:30 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-core_RELEASE.jar 09:01:30 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:01:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:01:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:01:34 [WARNING] [echo] **************************************** 09:01:34 [WARNING] [echo] **** DEBUG MODE ON ***** 09:01:34 [WARNING] [echo] **************************************** 09:01:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:01:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src/org/openspcoop2/web/lib/mvc/properties] 09:01:34 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:01:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-properties_RELEASE.jar 09:01:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:01:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:01:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:01:38 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 09:01:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-mvc_RELEASE.jar 09:01:44 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit 09:01:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 09:01:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:01:47 [WARNING] [echo] **************************************** 09:01:47 [WARNING] [echo] **** DEBUG MODE ON ***** 09:01:47 [WARNING] [echo] **************************************** 09:01:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:01:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 09:01:47 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 09:01:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 09:01:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 09:01:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:01:54 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:01:54 [WARNING] [echo] **************************************** 09:01:54 [WARNING] [echo] **** DEBUG MODE ON ***** 09:01:54 [WARNING] [echo] **************************************** 09:01:54 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:01:54 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src] 09:01:54 [INFO] [javac] Compiling 39 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:01:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-core_RELEASE.jar 09:01:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:01:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:01:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:01:58 [WARNING] [echo] **************************************** 09:01:58 [WARNING] [echo] **** DEBUG MODE ON ***** 09:01:58 [WARNING] [echo] **************************************** 09:01:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:01:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src/org/openspcoop2/web/lib/mvc/properties] 09:01:58 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:01:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-properties_RELEASE.jar 09:01:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 09:02:02 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:02:02 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:02:02 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 09:02:02 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-mvc_RELEASE.jar 09:02:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:08 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:02:08 [WARNING] [echo] **************************************** 09:02:08 [WARNING] [echo] **** DEBUG MODE ON ***** 09:02:08 [WARNING] [echo] **************************************** 09:02:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/audit 09:02:08 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:02:08 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/costanti] 09:02:08 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:09 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-costanti_RELEASE.jar 09:02:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:12 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:12 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:02:12 [WARNING] [echo] **************************************** 09:02:12 [WARNING] [echo] **** DEBUG MODE ON ***** 09:02:12 [WARNING] [echo] **************************************** 09:02:12 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:02:12 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/log] 09:02:12 [WARNING] [javac] anomalous package-info.java path: package-info.java 09:02:12 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:12 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2/constants/package-info.class 09:02:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-log_RELEASE.jar 09:02:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:02:15 [WARNING] [echo] **************************************** 09:02:15 [WARNING] [echo] **** DEBUG MODE ON ***** 09:02:15 [WARNING] [echo] **************************************** 09:02:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:02:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/dao] 09:02:15 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-dao_RELEASE.jar 09:02:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:02:19 [WARNING] [echo] **************************************** 09:02:19 [WARNING] [echo] **** DEBUG MODE ON ***** 09:02:19 [WARNING] [echo] **************************************** 09:02:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:02:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src] 09:02:19 [INFO] [javac] Compiling 33 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit_RELEASE.jar 09:02:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 09:02:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:02:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:02:22 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 09:02:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-audit_RELEASE.jar 09:02:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/queue 09:02:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 09:02:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:02:32 [WARNING] [echo] **************************************** 09:02:32 [WARNING] [echo] **** DEBUG MODE ON ***** 09:02:32 [WARNING] [echo] **************************************** 09:02:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:02:32 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/queue/src] 09:02:32 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 09:02:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-queue_RELEASE.jar 09:02:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 09:02:42 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConsole 09:02:42 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 09:02:42 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:02:42 [WARNING] [echo] **************************************** 09:02:42 [WARNING] [echo] **** DEBUG MODE ON ***** 09:02:42 [WARNING] [echo] **************************************** 09:02:42 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:02:42 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/control_station/src] 09:02:42 [INFO] [javac] Compiling 766 source files to /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 09:02:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayConsole_RELEASE.jar 09:02:58 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 09:03:07 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/META-INF/faces-config.xml 09:03:10 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor 09:03:10 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:10 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:03:10 [WARNING] [echo] **************************************** 09:03:10 [WARNING] [echo] **** DEBUG MODE ON ***** 09:03:10 [WARNING] [echo] **************************************** 09:03:10 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core 09:03:10 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:03:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/] 09:03:11 [INFO] [javac] Compiling 147 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:13 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core/openspcoop2_web-govwayMonitor-core_RELEASE.jar 09:03:13 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:16 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:16 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:03:16 [WARNING] [echo] **************************************** 09:03:16 [WARNING] [echo] **** DEBUG MODE ON ***** 09:03:16 [WARNING] [echo] **************************************** 09:03:16 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:03:16 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/META-INF/resources] 09:03:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core/openspcoop2_web-govwayMonitor-core-resources_RELEASE.jar 09:03:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:03:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:03:19 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 09:03:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-core_RELEASE.jar 09:03:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_transazioni/META-INF/faces-config.xml 09:03:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:28 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:03:28 [WARNING] [echo] **************************************** 09:03:28 [WARNING] [echo] **** DEBUG MODE ON ***** 09:03:28 [WARNING] [echo] **************************************** 09:03:28 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:03:28 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_transazioni/] 09:03:28 [INFO] [javac] Compiling 81 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:30 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-transazioni_RELEASE.jar 09:03:30 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_stat/META-INF/faces-config.xml 09:03:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:40 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:03:40 [WARNING] [echo] **************************************** 09:03:40 [WARNING] [echo] **** DEBUG MODE ON ***** 09:03:40 [WARNING] [echo] **************************************** 09:03:40 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:03:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_stat/] 09:03:41 [INFO] [javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:43 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-statistiche_RELEASE.jar 09:03:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:49 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_eventi/META-INF/faces-config.xml 09:03:52 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:52 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:03:52 [WARNING] [echo] **************************************** 09:03:52 [WARNING] [echo] **** DEBUG MODE ON ***** 09:03:52 [WARNING] [echo] **************************************** 09:03:52 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:03:52 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_eventi/] 09:03:52 [INFO] [javac] Compiling 6 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-eventi_RELEASE.jar 09:03:53 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:03:59 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/META-INF/faces-config.xml 09:03:59 [ERROR] [concat] /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/META-INF/faces-config.xml.application does not exist. 09:04:02 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:04:02 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:04:02 [WARNING] [echo] **************************************** 09:04:02 [WARNING] [echo] **** DEBUG MODE ON ***** 09:04:02 [WARNING] [echo] **************************************** 09:04:02 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:04:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/] 09:04:03 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:04:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-allarmi_RELEASE.jar 09:04:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:04:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/loaderConsole 09:04:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 09:04:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:04:13 [WARNING] [echo] **************************************** 09:04:13 [WARNING] [echo] **** DEBUG MODE ON ***** 09:04:13 [WARNING] [echo] **************************************** 09:04:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:04:13 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/loader/src] 09:04:13 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 09:04:14 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-loaderConsole_RELEASE.jar 09:04:14 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 09:04:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConfig 09:04:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 09:04:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:04:23 [WARNING] [echo] **************************************** 09:04:23 [WARNING] [echo] **** DEBUG MODE ON ***** 09:04:23 [WARNING] [echo] **************************************** 09:04:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:04:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/rs/config/server/src/] 09:04:23 [INFO] [javac] Compiling 462 source files to /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 09:04:30 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_rs-config-server_RELEASE.jar 09:04:30 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 09:04:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:04:40 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:04:40 [WARNING] [echo] **************************************** 09:04:40 [WARNING] [echo] **** DEBUG MODE ON ***** 09:04:40 [WARNING] [echo] **************************************** 09:04:40 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:04:40 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/rs/monitor/server/src/] 09:04:40 [INFO] [javac] Compiling 126 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:04:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_rs-monitor-server_RELEASE.jar 09:04:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 09:04:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:04:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:04:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:04:51 [WARNING] [echo] **************************************** 09:04:51 [WARNING] [echo] **** DEBUG MODE ON ***** 09:04:51 [WARNING] [echo] **************************************** 09:04:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:04:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/batch/statistiche/src/] 09:04:51 [INFO] [javac] Compiling 2 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:04:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_batch-statistiche_RELEASE.jar 09:04:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:05:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:05:01 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:05:01 [WARNING] [echo] **************************************** 09:05:01 [WARNING] [echo] **** DEBUG MODE ON ***** 09:05:01 [WARNING] [echo] **************************************** 09:05:01 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:05:01 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/batch/runtime-repository/src/] 09:05:01 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:05:02 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_batch-runtime-repository_RELEASE.jar 09:05:02 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:05:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:05:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:05:11 [WARNING] [echo] **************************************** 09:05:11 [WARNING] [echo] **** DEBUG MODE ON ***** 09:05:11 [WARNING] [echo] **************************************** 09:05:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:05:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/command_line_interfaces/config_loader/src] 09:05:11 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:05:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_cli-configLoader_RELEASE.jar 09:05:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:05:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:05:21 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 09:05:21 [WARNING] [echo] **************************************** 09:05:21 [WARNING] [echo] **** DEBUG MODE ON ***** 09:05:21 [WARNING] [echo] **************************************** 09:05:21 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 09:05:21 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/command_line_interfaces/govway_vault/src] 09:05:21 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:05:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_cli-vault_RELEASE.jar 09:05:22 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 09:05:25 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build 09:05:25 [INFO] [move] Moving 35 files to /var/lib/jenkins/workspace/GovWay/dist.backup 09:05:25 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist 09:05:25 [INFO] [move] Moving 35 files to /var/lib/jenkins/workspace/GovWay/dist 09:05:25 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/dist.backup 09:05:25 [INFO] Executed tasks 09:05:25 [INFO] 09:05:25 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 09:05:25 [INFO] Building package 1.0 [62/70] 09:05:25 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:25 [INFO] 09:05:25 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 09:05:25 [INFO] Building testsuite.utils 1.0 [63/70] 09:05:25 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:25 [INFO] 09:05:25 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 09:05:25 [INFO] Building testsuite.utils.sql 1.0 [64/70] 09:05:25 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:25 [INFO] 09:05:25 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 09:05:25 [INFO] Building testsuite.pdd.core 1.0 [65/70] 09:05:25 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:25 [INFO] 09:05:25 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 09:05:25 [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] 09:05:25 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:25 [INFO] 09:05:25 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 09:05:25 [INFO] Building static_analysis.spotbugs 1.0 [67/70] 09:05:25 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:25 [INFO] 09:05:25 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 09:05:25 [INFO] Building static_analysis.sonarqube 1.0 [68/70] 09:05:25 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:25 [INFO] 09:05:25 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 09:05:25 [INFO] Building dynamic_analysis.zap 1.0 [69/70] 09:05:25 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:25 [INFO] 09:05:25 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 09:05:25 [INFO] Building coverage.jacoco 1.0 [70/70] 09:05:25 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:25 [INFO] ------------------------------------------------------------------------ 09:05:25 [INFO] Reactor Summary for govway 1.0: 09:05:25 [INFO] 09:05:25 [INFO] govway ............................................. SUCCESS [ 0.004 s] 09:05:25 [INFO] dependencies ....................................... SUCCESS [ 0.002 s] 09:05:25 [INFO] dependencies.ant ................................... SUCCESS [ 1.326 s] 09:05:25 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.035 s] 09:05:25 [INFO] dependencies.axiom ................................. SUCCESS [ 0.495 s] 09:05:25 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.056 s] 09:05:25 [INFO] dependencies.cxf ................................... SUCCESS [ 0.319 s] 09:05:25 [INFO] dependencies.commons ............................... SUCCESS [ 0.136 s] 09:05:25 [INFO] dependencies.faces ................................. SUCCESS [ 0.059 s] 09:05:25 [INFO] dependencies.git ................................... SUCCESS [ 0.019 s] 09:05:25 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.106 s] 09:05:25 [INFO] dependencies.jackson ............................... SUCCESS [ 0.111 s] 09:05:25 [INFO] dependencies.javax ................................. SUCCESS [ 0.049 s] 09:05:25 [INFO] dependencies.jax ................................... SUCCESS [ 0.198 s] 09:05:25 [INFO] dependencies.jetty ................................. SUCCESS [ 0.048 s] 09:05:25 [INFO] dependencies.jminix ................................ SUCCESS [ 0.072 s] 09:05:25 [INFO] dependencies.json .................................. SUCCESS [ 0.099 s] 09:05:25 [INFO] dependencies.log ................................... SUCCESS [ 0.107 s] 09:05:25 [INFO] dependencies.lucene ................................ SUCCESS [ 0.023 s] 09:05:25 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.069 s] 09:05:25 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.057 s] 09:05:25 [INFO] dependencies.pdf ................................... SUCCESS [ 0.024 s] 09:05:25 [INFO] dependencies.redis ................................. SUCCESS [ 0.068 s] 09:05:25 [INFO] dependencies.reports ............................... SUCCESS [ 0.107 s] 09:05:25 [INFO] dependencies.saaj .................................. SUCCESS [ 0.057 s] 09:05:25 [INFO] dependencies.security .............................. SUCCESS [ 0.077 s] 09:05:25 [INFO] dependencies.shared ................................ SUCCESS [ 0.190 s] 09:05:25 [INFO] dependencies.spring ................................ SUCCESS [ 0.081 s] 09:05:25 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.009 s] 09:05:25 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.050 s] 09:05:25 [INFO] dependencies.swagger ............................... SUCCESS [ 0.080 s] 09:05:25 [INFO] dependencies.wadl .................................. SUCCESS [ 0.011 s] 09:05:25 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.060 s] 09:05:25 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.000 s] 09:05:25 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.062 s] 09:05:25 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.020 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.022 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.025 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.022 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.022 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.019 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.021 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.060 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.022 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.025 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.022 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.020 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.024 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.022 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.021 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.023 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.021 s] 09:05:25 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.021 s] 09:05:25 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.010 s] 09:05:25 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.102 s] 09:05:25 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.011 s] 09:05:25 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.007 s] 09:05:25 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.018 s] 09:05:25 [INFO] dependencies.soapbox ............................... SUCCESS [ 0.012 s] 09:05:25 [INFO] compile ............................................ SUCCESS [16:18 min] 09:05:25 [INFO] package ............................................ SUCCESS [ 0.001 s] 09:05:25 [INFO] testsuite.utils .................................... SUCCESS [ 0.001 s] 09:05:25 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.001 s] 09:05:25 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.000 s] 09:05:25 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] 09:05:25 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s] 09:05:25 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.000 s] 09:05:25 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.001 s] 09:05:25 [INFO] coverage.jacoco .................................... SUCCESS [ 0.000 s] 09:05:25 [INFO] ------------------------------------------------------------------------ 09:05:25 [INFO] BUILD SUCCESS 09:05:25 [INFO] ------------------------------------------------------------------------ 09:05:25 [INFO] Total time: 16:24 min 09:05:25 [INFO] Finished at: 2025-12-06T09:05:25+01:00 09:05:25 [INFO] ------------------------------------------------------------------------ 09:05:25 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage.git_info.generate=false -Dpackage=package -Dcompile=none -Dowasp=none -Dtestsuite=none -Ddependencies.soapbox=true package 09:05:27 [INFO] Scanning for projects... 09:05:27 [INFO] ------------------------------------------------------------------------ 09:05:27 [INFO] Reactor Build Order: 09:05:27 [INFO] 09:05:27 [INFO] govway [pom] 09:05:27 [INFO] dependencies [pom] 09:05:27 [INFO] dependencies.ant [pom] 09:05:27 [INFO] dependencies.antinstaller [pom] 09:05:27 [INFO] dependencies.axiom [pom] 09:05:27 [INFO] dependencies.bean-validation [pom] 09:05:27 [INFO] dependencies.cxf [pom] 09:05:27 [INFO] dependencies.commons [pom] 09:05:27 [INFO] dependencies.faces [pom] 09:05:27 [INFO] dependencies.git [pom] 09:05:27 [INFO] dependencies.httpcore [pom] 09:05:27 [INFO] dependencies.jackson [pom] 09:05:27 [INFO] dependencies.javax [pom] 09:05:27 [INFO] dependencies.jax [pom] 09:05:27 [INFO] dependencies.jetty [pom] 09:05:27 [INFO] dependencies.jminix [pom] 09:05:27 [INFO] dependencies.json [pom] 09:05:27 [INFO] dependencies.log [pom] 09:05:27 [INFO] dependencies.lucene [pom] 09:05:27 [INFO] dependencies.openapi4j [pom] 09:05:27 [INFO] dependencies.opensaml [pom] 09:05:27 [INFO] dependencies.pdf [pom] 09:05:27 [INFO] dependencies.redis [pom] 09:05:27 [INFO] dependencies.reports [pom] 09:05:27 [INFO] dependencies.saaj [pom] 09:05:27 [INFO] dependencies.security [pom] 09:05:27 [INFO] dependencies.shared [pom] 09:05:27 [INFO] dependencies.spring [pom] 09:05:27 [INFO] dependencies.spring-ldap [pom] 09:05:27 [INFO] dependencies.spring-security [pom] 09:05:27 [INFO] dependencies.swagger [pom] 09:05:27 [INFO] dependencies.wadl [pom] 09:05:27 [INFO] dependencies.wss4j [pom] 09:05:27 [INFO] dependencies.testsuite [pom] 09:05:27 [INFO] dependencies.testsuite.axis14 [pom] 09:05:27 [INFO] dependencies.testsuite.as [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly9 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly10 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly11 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly12 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly13 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly14 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly15 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly16 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly17 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly18 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly19 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly20 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly21 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly22 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly23 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly24 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly25 [pom] 09:05:27 [INFO] dependencies.testsuite.as.wildfly26 [pom] 09:05:27 [INFO] dependencies.testsuite.as.tomcat9 [pom] 09:05:27 [INFO] dependencies.testsuite.test [pom] 09:05:27 [INFO] dependencies.testsuite.staticAnalysis [pom] 09:05:27 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 09:05:27 [INFO] dependencies.testsuite.coverage [pom] 09:05:27 [INFO] dependencies.soapbox [pom] 09:05:27 [INFO] compile [pom] 09:05:27 [INFO] package [pom] 09:05:27 [INFO] testsuite.utils [pom] 09:05:27 [INFO] testsuite.utils.sql [pom] 09:05:27 [INFO] testsuite.pdd.core [pom] 09:05:27 [INFO] testsuite.pdd.core.sql [pom] 09:05:27 [INFO] static_analysis.spotbugs [pom] 09:05:27 [INFO] static_analysis.sonarqube [pom] 09:05:27 [INFO] dynamic_analysis.zap [pom] 09:05:27 [INFO] coverage.jacoco [pom] 09:05:27 [INFO] 09:05:27 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 09:05:27 [INFO] Building govway 1.0 [1/70] 09:05:27 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:27 [INFO] 09:05:27 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 09:05:27 [INFO] Building dependencies 1.0 [2/70] 09:05:27 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:27 [INFO] 09:05:27 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 09:05:27 [INFO] Building dependencies.ant 1.0 [3/70] 09:05:27 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:28 [INFO] 09:05:28 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 09:05:28 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 09:05:28 [INFO] 09:05:28 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 09:05:29 [INFO] 09:05:29 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 09:05:29 [INFO] Building dependencies.antinstaller 1.0 [4/70] 09:05:29 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:29 [INFO] 09:05:29 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 09:05:29 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 09:05:29 [INFO] 09:05:29 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 09:05:29 [INFO] 09:05:29 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 09:05:29 [INFO] Building dependencies.axiom 1.0 [5/70] 09:05:29 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:29 [INFO] 09:05:29 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 09:05:29 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 09:05:29 [INFO] 09:05:29 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 09:05:29 [INFO] 09:05:29 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 09:05:29 [INFO] Executing tasks 09:05:29 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 09:05:29 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 09:05:29 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 09:05:29 [INFO] Executed tasks 09:05:29 [INFO] 09:05:29 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 09:05:29 [INFO] Building dependencies.bean-validation 1.0 [6/70] 09:05:29 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:29 [INFO] 09:05:29 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 09:05:29 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 09:05:29 [INFO] 09:05:29 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 09:05:29 [INFO] 09:05:29 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 09:05:29 [INFO] Building dependencies.cxf 1.0 [7/70] 09:05:29 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:30 [INFO] 09:05:30 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 09:05:30 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 09:05:30 [INFO] 09:05:30 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 09:05:30 [INFO] 09:05:30 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 09:05:30 [INFO] Executing tasks 09:05:30 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 09:05:30 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 09:05:30 [INFO] Executed tasks 09:05:30 [INFO] 09:05:30 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 09:05:30 [INFO] Building dependencies.commons 1.0 [8/70] 09:05:30 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:30 [INFO] 09:05:30 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 09:05:30 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 09:05:30 [INFO] 09:05:30 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 09:05:30 [INFO] 09:05:30 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 09:05:30 [INFO] Building dependencies.faces 1.0 [9/70] 09:05:30 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:30 [INFO] 09:05:30 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 09:05:30 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 09:05:30 [INFO] 09:05:30 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 09:05:30 [INFO] 09:05:30 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 09:05:30 [INFO] Building dependencies.git 1.0 [10/70] 09:05:30 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:30 [INFO] 09:05:30 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 09:05:30 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 09:05:30 [INFO] 09:05:30 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 09:05:30 [INFO] 09:05:30 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 09:05:30 [INFO] Building dependencies.httpcore 1.0 [11/70] 09:05:30 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:30 [INFO] 09:05:30 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 09:05:30 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 09:05:30 [INFO] 09:05:30 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 09:05:30 [INFO] 09:05:30 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 09:05:30 [INFO] Executing tasks 09:05:30 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 09:05:30 [INFO] Executed tasks 09:05:30 [INFO] 09:05:30 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 09:05:30 [INFO] Building dependencies.jackson 1.0 [12/70] 09:05:30 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:30 [INFO] 09:05:30 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 09:05:30 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 09:05:30 [INFO] 09:05:30 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 09:05:30 [INFO] 09:05:30 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 09:05:30 [INFO] Building dependencies.javax 1.0 [13/70] 09:05:30 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:30 [INFO] 09:05:30 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 09:05:30 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 09:05:30 [INFO] 09:05:30 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 09:05:30 [INFO] 09:05:30 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 09:05:30 [INFO] Building dependencies.jax 1.0 [14/70] 09:05:30 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:30 [INFO] 09:05:30 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 09:05:30 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 09:05:30 [INFO] 09:05:30 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 09:05:30 [INFO] 09:05:30 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 09:05:31 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 09:05:31 [INFO] 09:05:31 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 09:05:31 [INFO] Executing tasks 09:05:31 [INFO] Executed tasks 09:05:31 [INFO] 09:05:31 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 09:05:31 [INFO] Building dependencies.jetty 1.0 [15/70] 09:05:31 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 09:05:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 09:05:31 [INFO] 09:05:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 09:05:31 [INFO] 09:05:31 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 09:05:31 [INFO] Building dependencies.jminix 1.0 [16/70] 09:05:31 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 09:05:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 09:05:31 [INFO] 09:05:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 09:05:31 [INFO] Executing tasks 09:05:31 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 09:05:31 [INFO] Executed tasks 09:05:31 [INFO] 09:05:31 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 09:05:31 [INFO] Building dependencies.json 1.0 [17/70] 09:05:31 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 09:05:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 09:05:31 [INFO] 09:05:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 09:05:31 [INFO] Executing tasks 09:05:31 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 09:05:31 [INFO] Executed tasks 09:05:31 [INFO] 09:05:31 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 09:05:31 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 09:05:31 [INFO] 09:05:31 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 09:05:31 [INFO] Building dependencies.log 1.0 [18/70] 09:05:31 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 09:05:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 09:05:31 [INFO] 09:05:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 09:05:31 [INFO] Executing tasks 09:05:31 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 09:05:31 [INFO] Executed tasks 09:05:31 [INFO] 09:05:31 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 09:05:31 [INFO] Building dependencies.lucene 1.0 [19/70] 09:05:31 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 09:05:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 09:05:31 [INFO] 09:05:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 09:05:31 [INFO] 09:05:31 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 09:05:31 [INFO] Building dependencies.openapi4j 1.0 [20/70] 09:05:31 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 09:05:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 09:05:31 [INFO] 09:05:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 09:05:31 [INFO] Executing tasks 09:05:31 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 09:05:31 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 09:05:31 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 09:05:31 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 09:05:31 [INFO] Executed tasks 09:05:31 [INFO] 09:05:31 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 09:05:31 [INFO] Building dependencies.opensaml 1.0 [21/70] 09:05:31 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 09:05:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 09:05:31 [INFO] 09:05:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 09:05:31 [INFO] 09:05:31 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 09:05:31 [INFO] Building dependencies.pdf 1.0 [22/70] 09:05:31 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:31 [INFO] 09:05:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 09:05:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 09:05:31 [INFO] 09:05:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 09:05:31 [INFO] 09:05:31 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 09:05:31 [INFO] Building dependencies.redis 1.0 [23/70] 09:05:31 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 09:05:32 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 09:05:32 [INFO] 09:05:32 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 09:05:32 [INFO] 09:05:32 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 09:05:32 [INFO] Building dependencies.reports 1.0 [24/70] 09:05:32 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 09:05:32 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 09:05:32 [INFO] 09:05:32 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 09:05:32 [INFO] 09:05:32 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 09:05:32 [INFO] Building dependencies.saaj 1.0 [25/70] 09:05:32 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 09:05:32 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 09:05:32 [INFO] 09:05:32 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 09:05:32 [INFO] Executing tasks 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 09:05:32 [INFO] Executed tasks 09:05:32 [INFO] 09:05:32 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 09:05:32 [INFO] Building dependencies.security 1.0 [26/70] 09:05:32 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 09:05:32 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 09:05:32 [INFO] 09:05:32 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 09:05:32 [INFO] Executing tasks 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 09:05:32 [INFO] Executed tasks 09:05:32 [INFO] 09:05:32 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 09:05:32 [INFO] Building dependencies.shared 1.0 [27/70] 09:05:32 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 09:05:32 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 09:05:32 [INFO] 09:05:32 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 09:05:32 [INFO] Executing tasks 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 09:05:32 [INFO] Executed tasks 09:05:32 [INFO] 09:05:32 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 09:05:32 [INFO] Building dependencies.spring 1.0 [28/70] 09:05:32 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 09:05:32 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 09:05:32 [INFO] 09:05:32 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 09:05:32 [INFO] Executing tasks 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 09:05:32 [INFO] Executed tasks 09:05:32 [INFO] 09:05:32 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 09:05:32 [INFO] Building dependencies.spring-ldap 1.0 [29/70] 09:05:32 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 09:05:32 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 09:05:32 [INFO] 09:05:32 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 09:05:32 [INFO] 09:05:32 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 09:05:32 [INFO] Building dependencies.spring-security 1.0 [30/70] 09:05:32 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 09:05:32 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 09:05:32 [INFO] 09:05:32 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 09:05:32 [INFO] Executing tasks 09:05:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 09:05:32 [INFO] Executed tasks 09:05:32 [INFO] 09:05:32 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 09:05:32 [INFO] Building dependencies.swagger 1.0 [31/70] 09:05:32 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:32 [INFO] 09:05:32 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 09:05:32 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 09:05:32 [INFO] 09:05:32 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 09:05:33 [INFO] Executing tasks 09:05:33 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 09:05:33 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 09:05:33 [INFO] Executed tasks 09:05:33 [INFO] 09:05:33 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 09:05:33 [INFO] Building dependencies.wadl 1.0 [32/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 09:05:33 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 09:05:33 [INFO] 09:05:33 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 09:05:33 [INFO] Building dependencies.wss4j 1.0 [33/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 09:05:33 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 09:05:33 [INFO] Executing tasks 09:05:33 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 09:05:33 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 09:05:33 [INFO] Executed tasks 09:05:33 [INFO] 09:05:33 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 09:05:33 [INFO] Building dependencies.testsuite 1.0 [34/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 09:05:33 [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 09:05:33 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 09:05:33 [INFO] Executing tasks 09:05:33 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 09:05:33 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 09:05:33 [INFO] Executed tasks 09:05:33 [INFO] 09:05:33 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 09:05:33 [INFO] Building dependencies.testsuite.as 1.0 [36/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 09:05:33 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 09:05:33 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 09:05:33 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 09:05:33 [INFO] 09:05:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 09:05:33 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 09:05:33 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 09:05:33 [INFO] 09:05:33 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 09:05:33 [INFO] Building dependencies.testsuite.test 1.0 [56/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 09:05:33 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 09:05:33 [INFO] Executing tasks 09:05:33 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 09:05:33 [INFO] Executed tasks 09:05:33 [INFO] 09:05:33 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 09:05:33 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 09:05:33 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 09:05:33 [INFO] 09:05:33 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 09:05:33 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 09:05:33 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 09:05:33 [INFO] 09:05:33 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 09:05:33 [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 09:05:33 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 09:05:33 [INFO] 09:05:33 [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- 09:05:33 [INFO] Building dependencies.soapbox 1.0 [60/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- 09:05:33 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = []) 09:05:33 [INFO] 09:05:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- 09:05:33 [INFO] 09:05:33 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 09:05:33 [INFO] Building compile 1.0 [61/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 09:05:33 [INFO] Building package 1.0 [62/70] 09:05:33 [INFO] --------------------------------[ pom ]--------------------------------- 09:05:33 [INFO] 09:05:33 [INFO] --- maven-antrun-plugin:3.1.0:run (default) @ org.openspcoop2.package --- 09:05:34 [INFO] Executing tasks 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: --------------------------------------- 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: WORK_DIR: /var/lib/jenkins/workspace/GovWay/dist 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: LOG_DIR: /var/lib/jenkins/workspace/GovWay/log 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: TIPO: branches 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: BUILD-SETUP: true 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: BUILD-DOC: false 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: BUILD-LIB: false 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: READ_GIT_INFO: false 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: VERSION: 3.3.18.build-master 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: --------------------------------------- 09:05:34 [INFO] [exec] WARN <2025/12/06 09:05:34>: Generazione distribuzione sorgente non eseguita su richiesta utente. 09:05:34 [INFO] [exec] ANT_OPTS: -Xmx512m -XX:MaxMetaspaceSize=700m -XX:+UseG1GC 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: Comincio produzione distribuzione binaria 09:05:34 [INFO] [exec] INFO <2025/12/06 09:05:34>: Generazione dei pacchetti software in corso (!!NOTA: questa operazione richiede parecchi minuti) ... 10:04:50 [INFO] [exec] INFO <2025/12/06 10:04:50>: Generazione dei pacchetti software terminata correttamente 10:04:50 [INFO] [exec] INFO <2025/12/06 10:04:50>: Generazione della documentazione (Questa operazione richiede qualche minuto) ... 10:04:50 [INFO] [exec] INFO <2025/12/06 10:04:50>: Generazione della documentazione terminata correttamente 10:04:50 [INFO] [exec] INFO <2025/12/06 10:04:50>: Generazione pacchetto installer ... 10:05:16 [INFO] [exec] /bin/rm -rf /var/lib/jenkins/workspace/GovWay/dist/govway-installer-3.3.18.build-master 10:05:16 [INFO] [exec] INFO <2025/12/06 10:05:16>: Generazione pacchetto installer terminata correttamente. 10:05:16 [INFO] [exec] INFO <2025/12/06 10:05:16>: Generazione distribuzione binaria terminata correttamente. Archivio generato: /var/lib/jenkins/workspace/GovWay/dist/govway-installer-3.3.18.build-master.tgz 10:05:16 [INFO] Executed tasks 10:05:16 [INFO] 10:05:16 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 10:05:16 [INFO] Building testsuite.utils 1.0 [63/70] 10:05:16 [INFO] --------------------------------[ pom ]--------------------------------- 10:05:16 [INFO] 10:05:16 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 10:05:16 [INFO] Building testsuite.utils.sql 1.0 [64/70] 10:05:16 [INFO] --------------------------------[ pom ]--------------------------------- 10:05:16 [INFO] 10:05:16 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 10:05:16 [INFO] Building testsuite.pdd.core 1.0 [65/70] 10:05:16 [INFO] --------------------------------[ pom ]--------------------------------- 10:05:16 [INFO] 10:05:16 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 10:05:16 [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] 10:05:16 [INFO] --------------------------------[ pom ]--------------------------------- 10:05:16 [INFO] 10:05:16 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 10:05:16 [INFO] Building static_analysis.spotbugs 1.0 [67/70] 10:05:16 [INFO] --------------------------------[ pom ]--------------------------------- 10:05:16 [INFO] 10:05:16 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 10:05:16 [INFO] Building static_analysis.sonarqube 1.0 [68/70] 10:05:16 [INFO] --------------------------------[ pom ]--------------------------------- 10:05:16 [INFO] 10:05:16 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 10:05:16 [INFO] Building dynamic_analysis.zap 1.0 [69/70] 10:05:16 [INFO] --------------------------------[ pom ]--------------------------------- 10:05:16 [INFO] 10:05:16 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 10:05:16 [INFO] Building coverage.jacoco 1.0 [70/70] 10:05:16 [INFO] --------------------------------[ pom ]--------------------------------- 10:05:16 [INFO] ------------------------------------------------------------------------ 10:05:16 [INFO] Reactor Summary for govway 1.0: 10:05:16 [INFO] 10:05:16 [INFO] govway ............................................. SUCCESS [ 0.004 s] 10:05:16 [INFO] dependencies ....................................... SUCCESS [ 0.001 s] 10:05:16 [INFO] dependencies.ant ................................... SUCCESS [ 1.346 s] 10:05:16 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.039 s] 10:05:16 [INFO] dependencies.axiom ................................. SUCCESS [ 0.510 s] 10:05:16 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.055 s] 10:05:16 [INFO] dependencies.cxf ................................... SUCCESS [ 0.329 s] 10:05:16 [INFO] dependencies.commons ............................... SUCCESS [ 0.204 s] 10:05:16 [INFO] dependencies.faces ................................. SUCCESS [ 0.094 s] 10:05:16 [INFO] dependencies.git ................................... SUCCESS [ 0.038 s] 10:05:16 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.151 s] 10:05:16 [INFO] dependencies.jackson ............................... SUCCESS [ 0.104 s] 10:05:16 [INFO] dependencies.javax ................................. SUCCESS [ 0.093 s] 10:05:16 [INFO] dependencies.jax ................................... SUCCESS [ 0.233 s] 10:05:16 [INFO] dependencies.jetty ................................. SUCCESS [ 0.048 s] 10:05:16 [INFO] dependencies.jminix ................................ SUCCESS [ 0.104 s] 10:05:16 [INFO] dependencies.json .................................. SUCCESS [ 0.106 s] 10:05:16 [INFO] dependencies.log ................................... SUCCESS [ 0.272 s] 10:05:16 [INFO] dependencies.lucene ................................ SUCCESS [ 0.021 s] 10:05:16 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.088 s] 10:05:16 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.093 s] 10:05:16 [INFO] dependencies.pdf ................................... SUCCESS [ 0.070 s] 10:05:16 [INFO] dependencies.redis ................................. SUCCESS [ 0.124 s] 10:05:16 [INFO] dependencies.reports ............................... SUCCESS [ 0.065 s] 10:05:16 [INFO] dependencies.saaj .................................. SUCCESS [ 0.089 s] 10:05:16 [INFO] dependencies.security .............................. SUCCESS [ 0.149 s] 10:05:16 [INFO] dependencies.shared ................................ SUCCESS [ 0.311 s] 10:05:16 [INFO] dependencies.spring ................................ SUCCESS [ 0.134 s] 10:05:16 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.015 s] 10:05:16 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.105 s] 10:05:16 [INFO] dependencies.swagger ............................... SUCCESS [ 0.151 s] 10:05:16 [INFO] dependencies.wadl .................................. SUCCESS [ 0.012 s] 10:05:16 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.070 s] 10:05:16 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.001 s] 10:05:16 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.072 s] 10:05:16 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.000 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.025 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.029 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.034 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.029 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.030 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.029 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.030 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.027 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.034 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.096 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.025 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.026 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.029 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.026 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.026 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.027 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.025 s] 10:05:16 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.026 s] 10:05:16 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.011 s] 10:05:16 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.110 s] 10:05:16 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.013 s] 10:05:16 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.008 s] 10:05:16 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.023 s] 10:05:16 [INFO] dependencies.soapbox ............................... SUCCESS [ 0.013 s] 10:05:16 [INFO] compile ............................................ SUCCESS [ 0.001 s] 10:05:16 [INFO] package ............................................ SUCCESS [59:42 min] 10:05:16 [INFO] testsuite.utils .................................... SUCCESS [ 0.001 s] 10:05:16 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.001 s] 10:05:16 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 10:05:16 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.000 s] 10:05:16 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s] 10:05:16 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.001 s] 10:05:16 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.001 s] 10:05:16 [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] 10:05:16 [INFO] ------------------------------------------------------------------------ 10:05:16 [INFO] BUILD SUCCESS 10:05:16 [INFO] ------------------------------------------------------------------------ 10:05:16 [INFO] Total time: 59:48 min 10:05:16 [INFO] Finished at: 2025-12-06T10:05:16+01:00 10:05:16 [INFO] ------------------------------------------------------------------------ 10:05:16 [GovWay] $ /bin/bash /tmp/jenkins4343305090069073711.sh 10:05:16 Sistemo dependency-check-result/dependency-check-report.xml ... 10:05:16 Sistemo dependency-check-result/dependency-check-report.xml ok 10:05:16 [GovWay] $ /bin/bash /tmp/jenkins1877096570818178914.sh 10:05:16 Archive Name [govway-installer-3.3.18.build-master.tgz] 10:05:20 Pubblicazione last distrib ... 10:05:21 Pubblicazione last distrib effettuata 10:05:21 Pubblicazione installer su risultati testsuite ... 10:05:21 Pubblicazione installer su risultati testsuite effettuata: scaricabile alla url 'https://jenkins.link.it/govway/govway-testsuite/installer/govway-installer-3.3.18.build-master.tgz' 10:05:21 Archive DIR [govway-installer-3.3.18.build-master] 10:05:21 Esecuzione installer, creazione del database, deploy del software e riavvio dell'Application Server ... 10:05:25 10:05:25 PLAY [instance_govway] ********************************************************* 10:05:25 10:05:25 TASK [Gathering Facts] ********************************************************* 10:05:26 ok: [127.0.0.1] 10:05:26 10:05:26 TASK [include_vars] ************************************************************ 10:05:26 ok: [127.0.0.1] 10:05:26 10:05:26 TASK [link.govway : Remove Old Jenkins Installer] ****************************** 10:05:27 [WARNING]: Consider using file module with state=absent rather than running rm 10:05:27 changed: [127.0.0.1] 10:05:27 10:05:27 TASK [link.govway : Load Jenkins Installer] ************************************ 10:05:42 changed: [127.0.0.1] 10:05:42 10:05:42 TASK [link.govway : Install the setup template] ******************************** 10:05:43 changed: [127.0.0.1] 10:05:43 10:05:43 TASK [link.govway : Fix the Govway installer to run non interactively] ********* 10:05:43 changed: [127.0.0.1] 10:05:43 10:05:43 TASK [link.govway : Fix the installer script to run non interactively] ********* 10:05:44 ok: [127.0.0.1] 10:05:44 10:05:44 TASK [link.govway : Fix the installer script template position] **************** 10:05:44 ok: [127.0.0.1] 10:05:44 10:05:44 TASK [link.govway : Verify JAVA_HOME and Run the Goway Setup] ****************** 10:07:35 changed: [127.0.0.1] 10:07:35 10:07:35 TASK [link.govway : Stop Tomcat 8] ********************************************* 10:07:51 [WARNING]: Consider using service module rather than running service 10:07:51 changed: [127.0.0.1] 10:07:51 10:07:51 TASK [link.govway : Drop Govway DB and Create new one] ************************* 10:08:06 changed: [127.0.0.1] 10:08:06 10:08:06 TASK [link.govway : Load GovWay.sql] ******************************************* 10:08:09 changed: [127.0.0.1] 10:08:09 10:08:09 TASK [link.govway : Load GovWay_init.sql] ************************************** 10:08:10 changed: [127.0.0.1] 10:08:10 10:08:10 TASK [link.govway : Create tomcat configuration backup directory] ************** 10:08:10 changed: [127.0.0.1] 10:08:10 10:08:10 TASK [link.govway : Backup Govway data sources] ******************************** 10:08:11 changed: [127.0.0.1] => (item=govwayConsole.xml) 10:08:11 changed: [127.0.0.1] => (item=govwayMonitor.xml) 10:08:11 changed: [127.0.0.1] => (item=govway.xml) 10:08:11 changed: [127.0.0.1] => (item=govwayAPIConfig.xml) 10:08:11 changed: [127.0.0.1] => (item=govwayAPIMonitor.xml) 10:08:11 10:08:11 TASK [link.govway : Backup Govway war files] *********************************** 10:08:12 changed: [127.0.0.1] => (item=govwayConsole.war) 10:08:13 changed: [127.0.0.1] => (item=govwayMonitor.war) 10:08:15 changed: [127.0.0.1] => (item=govway.war) 10:08:15 changed: [127.0.0.1] => (item=govwayAPIConfig.war) 10:08:16 changed: [127.0.0.1] => (item=govwayAPIMonitor.war) 10:08:16 10:08:16 TASK [link.govway : Remove archive] ******************************************** 10:08:17 changed: [127.0.0.1] 10:08:17 10:08:17 TASK [link.govway : Remove archive unpackaged] ********************************* 10:08:17 changed: [127.0.0.1] 10:08:17 10:08:17 TASK [link.govway : Backup Govway Properties files] **************************** 10:08:17 changed: [127.0.0.1] => (item=console_local.properties) 10:08:18 changed: [127.0.0.1] => (item=consolePassword.properties) 10:08:18 changed: [127.0.0.1] => (item=govway.fileTrace.log4j2.properties) 10:08:18 changed: [127.0.0.1] => (item=govway.fileTrace.properties) 10:08:18 changed: [127.0.0.1] => (item=govway_local.jcs.properties) 10:08:18 changed: [127.0.0.1] => (item=govway_local.properties) 10:08:18 changed: [127.0.0.1] => (item=monitor_local.properties) 10:08:19 changed: [127.0.0.1] => (item=spcoop_local.properties) 10:08:19 changed: [127.0.0.1] => (item=modipa_local.properties) 10:08:19 changed: [127.0.0.1] => (item=rs-api-config_local.properties) 10:08:19 changed: [127.0.0.1] => (item=rs-api-monitor_local.properties) 10:08:19 changed: [127.0.0.1] => (item=govway.map.properties) 10:08:20 changed: [127.0.0.1] => (item=byok.properties) 10:08:20 changed: [127.0.0.1] => (item=govway.secrets.properties) 10:08:20 changed: [127.0.0.1] => (item=govway.nodirun.properties) 10:08:20 10:08:20 TASK [link.govway : Remove tools] ********************************************** 10:08:20 changed: [127.0.0.1] 10:08:20 10:08:20 TASK [link.govway : Deploy the Govway data sources] **************************** 10:08:20 ok: [127.0.0.1] => (item=govwayConsole.xml) 10:08:21 ok: [127.0.0.1] => (item=govwayMonitor.xml) 10:08:21 ok: [127.0.0.1] => (item=govway.xml) 10:08:21 ok: [127.0.0.1] => (item=govwayAPIConfig.xml) 10:08:21 ok: [127.0.0.1] => (item=govwayAPIMonitor.xml) 10:08:21 10:08:21 TASK [link.govway : Deploy the Govway war files] ******************************* 10:08:22 changed: [127.0.0.1] => (item=govwayConsole.war) 10:08:22 changed: [127.0.0.1] => (item=govwayMonitor.war) 10:08:23 changed: [127.0.0.1] => (item=govway.war) 10:08:24 changed: [127.0.0.1] => (item=govwayAPIConfig.war) 10:08:24 changed: [127.0.0.1] => (item=govwayAPIMonitor.war) 10:08:24 10:08:24 TASK [link.govway : Deploy the Properties files] ******************************* 10:08:25 ok: [127.0.0.1] => (item=console_local.properties) 10:08:25 ok: [127.0.0.1] => (item=consolePassword.properties) 10:08:25 ok: [127.0.0.1] => (item=govway.fileTrace.log4j2.properties) 10:08:25 ok: [127.0.0.1] => (item=govway.fileTrace.properties) 10:08:25 ok: [127.0.0.1] => (item=govway_local.jcs.properties) 10:08:26 ok: [127.0.0.1] => (item=govway_local.properties) 10:08:26 ok: [127.0.0.1] => (item=monitor_local.properties) 10:08:26 ok: [127.0.0.1] => (item=spcoop_local.properties) 10:08:26 ok: [127.0.0.1] => (item=modipa_local.properties) 10:08:26 ok: [127.0.0.1] => (item=rs-api-config_local.properties) 10:08:27 ok: [127.0.0.1] => (item=rs-api-monitor_local.properties) 10:08:27 ok: [127.0.0.1] => (item=govway.map.properties) 10:08:27 ok: [127.0.0.1] => (item=byok.properties) 10:08:27 ok: [127.0.0.1] => (item=govway.secrets.properties) 10:08:27 ok: [127.0.0.1] => (item=govway.nodirun.properties) 10:08:27 10:08:27 TASK [link.govway : Set Govway Console Name] *********************************** 10:08:28 ok: [127.0.0.1] 10:08:28 10:08:28 TASK [link.govway : Set Govway Monitor Name] *********************************** 10:08:28 ok: [127.0.0.1] 10:08:28 10:08:28 TASK [link.govway : Deploy the tools dir] ************************************** 10:08:32 changed: [127.0.0.1] => (item=govway-config-loader) 10:08:36 changed: [127.0.0.1] => (item=govway-vault-cli) 10:08:36 10:08:36 TASK [link.govway : Change tomcat files ownership "/opt/apache-tomcat-9.0.91"] *** 10:08:58 changed: [127.0.0.1] 10:08:58 10:08:58 TASK [link.govway : Change tomcat files ownership "/etc/govway"] *************** 10:08:58 changed: [127.0.0.1] 10:08:58 10:08:58 TASK [link.govway : Change tomcat files ownership "/var/log/govway"] *********** 10:08:59 changed: [127.0.0.1] 10:08:59 10:08:59 TASK [link.govway : Start Tomcat 8] ******************************************** 10:09:00 changed: [127.0.0.1] 10:09:00 10:09:00 PLAY RECAP ********************************************************************* 10:09:00 127.0.0.1 : ok=30 changed=22 unreachable=0 failed=0 10:09:00 10:09:00 Esecuzione installer, creazione del database, deploy del software e riavvio dell'Application Server terminato 10:09:00 10:09:00 Attendo che GovWay sia completamente riavviato (timeout 120sec) 10:09:00 . 10:09:01 . 10:09:02 . 10:10:25 . 10:10:26 . 10:10:27 . 10:10:28 . 10:10:29 . 10:10:30 . 10:10:31 . 10:10:32 . 10:10:33 GovWay è tornato operativo 10:10:33 [GovWay] $ /bin/bash /tmp/jenkins1995695049331792090.sh 10:10:33 10:10:33 ********************************************** 10:10:33 10:10:33 Verifica Accesso Console 10:10:33 10:10:35 Accesso GovWay : Login effettuato con successo 10:10:35 10:10:35 Autorizzazioni: OK 10:10:35 10:10:35 Verifica Session Fixation (CWE-384) 10:10:35 10:10:35 Primo cookie (pre-auth): JSESSIONID_GW_CONSOLE=6B1EAB043E21751EF84A8407FD21AD28 10:10:35 10:10:35 Secondo cookie (after login): JSESSIONID_GW_CONSOLE=464365F31D97B5B8B0CAE88B9B2C7945 10:10:35 Verifica cookie pre-autenticazione con cookie dopo autenticazione: OK sono diversi 10:10:35 Rilevata problema di accesso dopo login 10:10:35 Atteso: http://127.0.0.1:8080/govwayConsole/messagePage.do?mpText=Console+ripristinata+con+successo.&mpType=info-sintetico 10:10:35 Ricevuto: messagePage.do?mpText=Console+ripristinata+con+successo.&mpType=info-sintetico 10:10:35 10:10:35 ********************************************** 10:10:35 10:10:35 ********************************************** 10:10:35 10:10:35 Verifica Accesso Console Monitoraggio 10:10:35 10:10:40 Accesso GovWay : Login effettuato con successo 10:10:40 10:10:40 Autorizzazioni: OK 10:10:40 10:10:40 Verifica Session Fixation (CWE-384) 10:10:40 10:10:40 Primo cookie (pre-auth): JSESSIONID_GW_MONITOR=6DB0525FCA794CFE208CBF64CFBDAF69 10:10:40 10:10:40 Secondo cookie (after login): JSESSIONID_GW_MONITOR=AAEA75BAE73591FC522EFFE03681ABCD 10:10:40 Verifica cookie pre-autenticazione con cookie dopo autenticazione: OK sono diversi 10:10:42 Verifica accesso dopo login: OK 10:10:42 10:10:42 Terzo cookie: JSESSIONID_GW_MONITOR=7A113E4FBD45A86771AE75E257AFC221 10:10:42 Verifica cookie post-autenticazione1 con cookie dopo nuova autenticazione: OK sono diversi 10:10:44 Verifica accesso dopo login: OK 10:10:44 10:10:44 Verifica Logout Console 10:10:44 10:10:44 HTTP Status 302: OK 10:10:44 Location redirect a login.jsf: OK 10:10:44 Cookie prima del logout: 10:10:44 Cookie dopo il logout: JSESSIONID_GW_MONITOR=C28CCE0675075D3852390982CF2AA413 10:10:44 Verifica cookie post-autenticazione con cookie dopo logout: OK sono diversi 10:10:44 10:10:44 Verifica Brute Force - CWE-307 10:10:44 10:10:44 Test 1: Blocco dopo 4 tentativi falliti 10:10:44 Tentativo fallito 1/4... 10:10:44 Tentativo fallito 2/4... 10:10:44 Tentativo fallito 3/4... 10:10:44 Tentativo fallito 4/4... 10:10:44 Tentativo 5/5 con password corretta (dovrebbe essere bloccato)... 10:10:44 OK: Utenza correttamente bloccata dopo 4 tentativi falliti 10:10:44 Verifica che l'utenza rimanga bloccata... 10:10:44 OK: Utenza ancora bloccata 10:10:44 Attesa di 16 secondi per sblocco automatico... 10:11:00 Tentativo di login dopo attesa... 10:11:01 OK: Login riuscito dopo attesa di 16 secondi 10:11:01 10:11:01 Test 2: 3 tentativi falliti + 1 corretto (deve funzionare) 10:11:03 Tentativo fallito 1/3... 10:11:03 Tentativo fallito 2/3... 10:11:03 Tentativo fallito 3/3... 10:11:03 Tentativo 4/4 con password corretta (dovrebbe funzionare)... 10:11:03 OK: Login riuscito al 4° tentativo (dopo 3 falliti) 10:11:03 10:11:03 ********************************************** 10:11:03 [GovWay] $ /bin/bash /tmp/jenkins3885558253573088334.sh 10:11:03 10:11:03 ********************************************** 10:11:03 Verifica Stato API Configurazione 10:11:03 10:11:04 ERROR: il servizio non è partito correttamente 10:11:04 PS:0 10:11:04 PS2:0 10:11:04 % Total % Received % Xferd Average Speed Time Time Time Current 10:11:04 Dload Upload Total Spent Left Speed 10:11:04 10:11:04 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 10:11:04 100 455 100 455 0 0 1213 0 --:--:-- --:--:-- --:--:-- 1213 10:11:04 100 455 100 455 0 0 1213 0 --:--:-- --:--:-- --:--:-- 1210 10:11:04 <!doctype html><html lang="en"><head><title>HTTP Status 500 – Internal Server Error</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 – Internal Server Error</h1></body></html> 10:11:04 10:11:04 RETURNCODE:500 10:11:04 10:11:04 ********************************************** 10:11:04 10:11:04 ********************************************** 10:11:04 Verifica Stato API Monitoraggio 10:11:04 10:11:04 ERROR: il servizio non è partito correttamente 10:11:04 PS:0 10:11:04 PS2:0 10:11:04 % Total % Received % Xferd Average Speed Time Time Time Current 10:11:04 Dload Upload Total Spent Left Speed 10:11:04 10:11:04 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 10:11:04 100 455 100 455 0 0 1374 0 --:--:-- --:--:-- --:--:-- 1378 10:11:04 <!doctype html><html lang="en"><head><title>HTTP Status 500 – Internal Server Error</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 – Internal Server Error</h1></body></html> 10:11:04 10:11:04 RETURNCODE:500 10:11:04 10:11:04 ********************************************** 10:11:04 Build step 'Execute shell' marked build as failure 10:11:04 INFO: Processing JUnit 10:11:04 INFO: [JUnit] - 2 test report file(s) were found with the pattern 'tools/rs/*/server/testsuite/risultati-testsuite/TEST-*.xml' relative to '/var/lib/jenkins/workspace/GovWay' for the testing framework 'JUnit'. 10:11:04 ERROR: Step ‘Publish xUnit test result report’ failed: Test reports were found but not all of them are new. Did all the tests run? 10:11:05 * /var/lib/jenkins/workspace/GovWay/tools/rs/config/server/testsuite/risultati-testsuite/TEST-org.openspcoop2.core.config.rs.testsuite.ApiConfigTestSuite.xml is 3 days 11 hr old 10:11:05 * /var/lib/jenkins/workspace/GovWay/tools/rs/monitor/server/testsuite/risultati-testsuite/TEST-org.openspcoop2.core.monitor.rs.testsuite.ApiMonitorTestSuite.xml is 3 days 10 hr old 10:11:05 10:11:05 TestNG Reports Processing: START 10:11:05 Looking for TestNG results report in workspace using pattern: **/testng-results.xml 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 testng-results.xml was last modified before this build started. Ignoring it. 10:11:05 Saving reports... 10:11:05 Found matching files but did not find any TestNG results. 10:11:05 Collecting Dependency-Check artifact 10:11:06 Parsing file /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml 10:11:06 [analysis] Skipping execution of recorder since overall result is 'FAILURE' Started calculate disk usage of build Finished Calculation of disk usage of build in 0 seconds Started calculate disk usage of workspace Finished Calculation of disk usage of workspace in 0 seconds Finished: FAILURE