15:44:45 Started by GitHub push by andreapoli 15:44:45 Running as SYSTEM 15:44:45 Building in workspace /var/lib/jenkins/workspace/GovWay 15:44:45 [WS-CLEANUP] Clean-up disabled, skipping workspace deletion. 15:44:45 The recommended git tool is: NONE 15:44:45 No credentials specified 15:44:45 > /usr/bin/git rev-parse --resolve-git-dir /var/lib/jenkins/workspace/GovWay/.git # timeout=10 15:44:45 Fetching changes from the remote Git repository 15:44:45 > /usr/bin/git config remote.origin.url https://github.com/link-it/govway.git # timeout=10 15:44:45 Fetching upstream changes from https://github.com/link-it/govway.git 15:44:45 > /usr/bin/git --version # timeout=10 15:44:45 > git --version # 'git version 2.23.1' 15:44:45 > /usr/bin/git fetch --tags --force --progress -- https://github.com/link-it/govway.git +refs/heads/*:refs/remotes/origin/* # timeout=10 15:44:46 > /usr/bin/git rev-parse origin/master^{commit} # timeout=10 15:44:46 Checking out Revision 19bb6e60a832b3b4330c640e5d93e8acd8e2b1d8 (origin/master) 15:44:46 > /usr/bin/git config core.sparsecheckout # timeout=10 15:44:46 > /usr/bin/git checkout -f 19bb6e60a832b3b4330c640e5d93e8acd8e2b1d8 # timeout=10 15:44:46 Commit message: "[InstallerVersioneBinaria] Impostato valore di default per le nuove proprietà introdotte nel precedente commit" 15:44:46 > /usr/bin/git rev-list --no-walk a18de88c532b51b1bead69dada11048089de9d65 # timeout=10 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 15:44:46 [GovWay] $ /bin/bash /tmp/jenkins16563645437492642633.sh 15:44:46 ============================= 15:44:46 General Info 15:44:46 Workspace: /var/lib/jenkins/workspace/GovWay 15:44:46 Build: true 15:44:46 Deploy: true 15:44:46 Test: true 15:44:46 Test Integrazione: true 15:44:46 ============================= 15:44:46 15:44:46 ============================= 15:44:46 Environment Info 15:44:46 HOME: /var/lib/jenkins 15:44:46 ANT_OPTS: -Xmx512m -XX:MaxMetaspaceSize=700m -XX:+UseG1GC 15:44:46 MAVEN_OPTS: 15:44:46 SOFTHSM2_CONF: /home/ec2-user/lib/softhsm/softhsm2.conf 15:44:46 SONAR_SCANNER_OPTS: 15:44:46 ============================= 15:44:46 15:44:46 ============================= 15:44:46 Java 15:44:46 openjdk version "11.0.12" 2021-07-20 15:44:46 OpenJDK Runtime Environment 18.9 (build 11.0.12+7) 15:44:46 OpenJDK 64-Bit Server VM 18.9 (build 11.0.12+7, mixed mode) 15:44:46 ============================= 15:44:46 15:44:46 ============================= 15:44:46 Git Info 15:44:46 Url: https://github.com/link-it/govway.git 15:44:46 branch: origin/master 15:44:46 commit: 19bb6e60a832b3b4330c640e5d93e8acd8e2b1d8 15:44:46 previuos commit: a18de88c532b51b1bead69dada11048089de9d65 15:44:46 previuos successful commit: c97f06351efc4bf140728e63505b47e5d0eed96b 15:44:46 commit message: [InstallerVersioneBinaria] 15:44:46 Impostato valore di default per le nuove proprietà introdotte nel precedente commit 15:44:46 ============================= 15:44:46 15:44:46 ============================= 15:44:46 NODEjs Info 15:44:46 v22.14.0 15:44:46 { 15:44:46 npm: '10.9.2', 15:44:46 node: '22.14.0', 15:44:46 acorn: '8.14.0', 15:44:46 ada: '2.9.2', 15:44:46 amaro: '0.3.0', 15:44:46 ares: '1.34.4', 15:44:46 brotli: '1.1.0', 15:44:46 cjs_module_lexer: '1.4.1', 15:44:46 cldr: '46.0', 15:44:46 icu: '76.1', 15:44:46 llhttp: '9.2.1', 15:44:46 modules: '127', 15:44:46 napi: '10', 15:44:46 nbytes: '0.1.1', 15:44:46 ncrypto: '0.0.1', 15:44:46 nghttp2: '1.64.0', 15:44:46 nghttp3: '1.6.0', 15:44:46 ngtcp2: '1.10.0', 15:44:46 openssl: '3.0.15+quic', 15:44:46 simdjson: '3.10.1', 15:44:46 simdutf: '6.0.3', 15:44:46 sqlite: '3.47.2', 15:44:46 tz: '2024b', 15:44:46 undici: '6.21.1', 15:44:46 unicode: '16.0', 15:44:46 uv: '1.49.2', 15:44:46 uvwasi: '0.0.21', 15:44:46 v8: '12.4.254.21-node.22', 15:44:46 zlib: '1.3.0.1-motley-82a5fec' 15:44:46 } 15:44:46 ============================= 15:44:46 15:44:46 ============================= 15:44:46 OWASP ZAP Info 'ZAP_2.16.0' 15:44:46 Associo diritti di esecuzione agli script zap ... 15:44:46 Associati diritti di esecuzione agli script zap 15:44:46 Update ... 15:44:46 Execute: /opt/openjdk-17.0.14+7/bin/java -classpath /opt/zaproxy/ZAP_2.16.0/*:/opt/zaproxy/ZAP_2.16.0/lib/* org.zaproxy.zap.ZAP -cmd -addonupdate -port 8280 -host 127.0.0.1 15:44:47 Defaulting ZAP install dir to /opt/zaproxy/ZAP_2.16.0 15:44:55 Add-on update check complete 15:45:01 Update effettuato 15:45:01 ============================= 15:45:01 15:45:01 15:45:01 15:45:01 Fermo application server ... 15:45:01 Stoping Tomcat 15:45:01 NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED 15:45:02 Pid Tomcat: 23511 15:45:02 15:45:03 waiting for processes to exit 15:45:04 waiting for processes to exit 15:45:05 waiting for processes to exit 15:45:06 waiting for processes to exit 15:45:07 waiting for processes to exit 15:45:08 waiting for processes to exitFermo application server effettuato 15:45:08 Ripulisco log application server ... 15:45:09 Ripulisco log application server effettuato 15:45:09 Predispongo dir testsuite ... 15:45:09 Predispongo dir testsuite ok 15:45:09 Ripulisco output jacoco ... 15:45:09 Ripulisco output jacoco effettuato 15:45:09 Fermo sonarqube ... 15:45:09 15:45:09 Gracefully stopping SonarQube... 15:45:09 SonarQube was not running. 15:45:09 Fermo sonarqube effettuato 15:45:09 Verifico che il workspace non esista ... 15:45:09 Non e' stata rilevata una corretta re-inizializzazione del Workspace 15:45:09 [Boolean condition] checking [true] against [^(1|y|yes|t|true|on|run)$] (origin token: ${GOVWAY_BUILD}) 15:45:09 Run condition [Boolean condition] enabling perform for step [BuilderChain] 15:45:09 [GovWay] $ /bin/sh -xe /tmp/jenkins8702997880148053727.sh 15:45:09 + perl -pi -e s/log4bash.appender=ColorConsoleAppender/log4bash.appender=ConsoleAppender/g /var/lib/jenkins/workspace/GovWay/distrib/log4bash.properties 15:45:09 + sed -i -e 's#<module>swagger-codegen</module>#<!-- <module>swagger-codegen</module> -->#g' /var/lib/jenkins/workspace/GovWay/mvn/dependencies/pom.xml 15:45:09 + sed -i -e s#UPDATE_DOC=true#UPDATE_DOC=false#g /var/lib/jenkins/workspace/GovWay/distrib/distrib.sh 15:45:09 + sed -i -e s#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver,db2#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver#g /var/lib/jenkins/workspace/GovWay/ant/setup/prepare-build.properties 15:45:09 + sed -i -e 's#<dependencies.soapbox>false</dependencies.soapbox>#<dependencies.soapbox>true</dependencies.soapbox>#g' /var/lib/jenkins/workspace/GovWay/pom.xml 15:45:09 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Ddependencies.soapbox=true initialize 15:45:11 [INFO] Scanning for projects... 15:45:11 [INFO] ------------------------------------------------------------------------ 15:45:11 [INFO] Reactor Build Order: 15:45:11 [INFO] 15:45:11 [INFO] govway [pom] 15:45:11 [INFO] dependencies [pom] 15:45:11 [INFO] dependencies.ant [pom] 15:45:11 [INFO] dependencies.antinstaller [pom] 15:45:11 [INFO] dependencies.axiom [pom] 15:45:11 [INFO] dependencies.bean-validation [pom] 15:45:11 [INFO] dependencies.cxf [pom] 15:45:11 [INFO] dependencies.commons [pom] 15:45:11 [INFO] dependencies.faces [pom] 15:45:11 [INFO] dependencies.git [pom] 15:45:11 [INFO] dependencies.httpcore [pom] 15:45:11 [INFO] dependencies.jackson [pom] 15:45:11 [INFO] dependencies.javax [pom] 15:45:11 [INFO] dependencies.jax [pom] 15:45:11 [INFO] dependencies.jetty [pom] 15:45:11 [INFO] dependencies.jminix [pom] 15:45:11 [INFO] dependencies.json [pom] 15:45:11 [INFO] dependencies.log [pom] 15:45:11 [INFO] dependencies.lucene [pom] 15:45:11 [INFO] dependencies.openapi4j [pom] 15:45:11 [INFO] dependencies.opensaml [pom] 15:45:11 [INFO] dependencies.pdf [pom] 15:45:11 [INFO] dependencies.redis [pom] 15:45:11 [INFO] dependencies.reports [pom] 15:45:11 [INFO] dependencies.saaj [pom] 15:45:11 [INFO] dependencies.security [pom] 15:45:11 [INFO] dependencies.shared [pom] 15:45:11 [INFO] dependencies.spring [pom] 15:45:11 [INFO] dependencies.spring-ldap [pom] 15:45:11 [INFO] dependencies.spring-security [pom] 15:45:11 [INFO] dependencies.swagger [pom] 15:45:11 [INFO] dependencies.wadl [pom] 15:45:11 [INFO] dependencies.wss4j [pom] 15:45:11 [INFO] dependencies.testsuite [pom] 15:45:11 [INFO] dependencies.testsuite.axis14 [pom] 15:45:11 [INFO] dependencies.testsuite.as [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly9 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly10 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly11 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly12 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly13 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly14 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly15 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly16 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly17 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly18 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly19 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly20 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly21 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly22 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly23 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly24 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly25 [pom] 15:45:11 [INFO] dependencies.testsuite.as.wildfly26 [pom] 15:45:11 [INFO] dependencies.testsuite.as.tomcat9 [pom] 15:45:11 [INFO] dependencies.testsuite.test [pom] 15:45:11 [INFO] dependencies.testsuite.staticAnalysis [pom] 15:45:11 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 15:45:11 [INFO] dependencies.testsuite.coverage [pom] 15:45:11 [INFO] dependencies.soapbox [pom] 15:45:11 [INFO] compile [pom] 15:45:11 [INFO] package [pom] 15:45:11 [INFO] testsuite.utils [pom] 15:45:11 [INFO] testsuite.utils.sql [pom] 15:45:11 [INFO] testsuite.pdd.core [pom] 15:45:11 [INFO] testsuite.pdd.core.sql [pom] 15:45:11 [INFO] static_analysis.spotbugs [pom] 15:45:11 [INFO] static_analysis.sonarqube [pom] 15:45:11 [INFO] dynamic_analysis.zap [pom] 15:45:11 [INFO] coverage.jacoco [pom] 15:45:11 [INFO] 15:45:11 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 15:45:11 [INFO] Building govway 1.0 [1/70] 15:45:11 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:11 [INFO] 15:45:11 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 15:45:11 [INFO] Building dependencies 1.0 [2/70] 15:45:11 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:11 [INFO] 15:45:11 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 15:45:11 [INFO] Building dependencies.ant 1.0 [3/70] 15:45:11 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:11 [INFO] 15:45:11 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 15:45:11 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 15:45:11 [INFO] 15:45:11 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 15:45:12 [INFO] 15:45:12 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 15:45:12 [INFO] Building dependencies.antinstaller 1.0 [4/70] 15:45:12 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:12 [INFO] 15:45:12 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 15:45:12 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 15:45:12 [INFO] 15:45:12 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 15:45:12 [INFO] 15:45:12 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 15:45:12 [INFO] Building dependencies.axiom 1.0 [5/70] 15:45:12 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:13 [INFO] 15:45:13 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 15:45:13 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 15:45:13 [INFO] 15:45:13 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 15:45:13 [INFO] 15:45:13 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 15:45:13 [INFO] Executing tasks 15:45:13 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 15:45:13 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 15:45:13 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 15:45:13 [INFO] Executed tasks 15:45:13 [INFO] 15:45:13 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 15:45:13 [INFO] Building dependencies.bean-validation 1.0 [6/70] 15:45:13 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:13 [INFO] 15:45:13 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 15:45:13 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 15:45:13 [INFO] 15:45:13 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 15:45:13 [INFO] 15:45:13 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 15:45:13 [INFO] Building dependencies.cxf 1.0 [7/70] 15:45:13 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:13 [INFO] 15:45:13 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 15:45:13 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 15:45:13 [INFO] 15:45:13 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 15:45:13 [INFO] 15:45:13 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 15:45:13 [INFO] Executing tasks 15:45:13 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 15:45:13 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 15:45:13 [INFO] Executed tasks 15:45:13 [INFO] 15:45:13 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 15:45:13 [INFO] Building dependencies.commons 1.0 [8/70] 15:45:13 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 15:45:14 [INFO] 15:45:14 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 15:45:14 [INFO] Building dependencies.faces 1.0 [9/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 15:45:14 [INFO] 15:45:14 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 15:45:14 [INFO] Building dependencies.git 1.0 [10/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 15:45:14 [INFO] 15:45:14 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 15:45:14 [INFO] Building dependencies.httpcore 1.0 [11/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 15:45:14 [INFO] Executing tasks 15:45:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 15:45:14 [INFO] Executed tasks 15:45:14 [INFO] 15:45:14 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 15:45:14 [INFO] Building dependencies.jackson 1.0 [12/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 15:45:14 [INFO] 15:45:14 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 15:45:14 [INFO] Building dependencies.javax 1.0 [13/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 15:45:14 [INFO] 15:45:14 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 15:45:14 [INFO] Building dependencies.jax 1.0 [14/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 15:45:14 [INFO] 15:45:14 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 15:45:14 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 15:45:14 [INFO] 15:45:14 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 15:45:14 [INFO] Executing tasks 15:45:14 [INFO] Executed tasks 15:45:14 [INFO] 15:45:14 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 15:45:14 [INFO] Building dependencies.jetty 1.0 [15/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 15:45:14 [INFO] 15:45:14 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 15:45:14 [INFO] Building dependencies.jminix 1.0 [16/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 15:45:14 [INFO] Executing tasks 15:45:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 15:45:14 [INFO] Executed tasks 15:45:14 [INFO] 15:45:14 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 15:45:14 [INFO] Building dependencies.json 1.0 [17/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 15:45:14 [INFO] Executing tasks 15:45:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 15:45:14 [INFO] Executed tasks 15:45:14 [INFO] 15:45:14 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 15:45:14 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 15:45:14 [INFO] 15:45:14 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 15:45:14 [INFO] Building dependencies.log 1.0 [18/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 15:45:14 [INFO] Executing tasks 15:45:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 15:45:14 [INFO] Executed tasks 15:45:14 [INFO] 15:45:14 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 15:45:14 [INFO] Building dependencies.lucene 1.0 [19/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 15:45:14 [INFO] 15:45:14 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 15:45:14 [INFO] Building dependencies.openapi4j 1.0 [20/70] 15:45:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 15:45:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 15:45:14 [INFO] 15:45:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 15:45:14 [INFO] 15:45:14 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 15:45:15 [INFO] Executing tasks 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 15:45:15 [INFO] Executed tasks 15:45:15 [INFO] 15:45:15 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 15:45:15 [INFO] Building dependencies.opensaml 1.0 [21/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 15:45:15 [INFO] 15:45:15 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 15:45:15 [INFO] Building dependencies.pdf 1.0 [22/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 15:45:15 [INFO] 15:45:15 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 15:45:15 [INFO] Building dependencies.redis 1.0 [23/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 15:45:15 [INFO] 15:45:15 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 15:45:15 [INFO] Building dependencies.reports 1.0 [24/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 15:45:15 [INFO] 15:45:15 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 15:45:15 [INFO] Building dependencies.saaj 1.0 [25/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 15:45:15 [INFO] Executing tasks 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 15:45:15 [INFO] Executed tasks 15:45:15 [INFO] 15:45:15 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 15:45:15 [INFO] Building dependencies.security 1.0 [26/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 15:45:15 [INFO] Executing tasks 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 15:45:15 [INFO] Executed tasks 15:45:15 [INFO] 15:45:15 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 15:45:15 [INFO] Building dependencies.shared 1.0 [27/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 15:45:15 [INFO] Executing tasks 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 15:45:15 [INFO] Executed tasks 15:45:15 [INFO] 15:45:15 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 15:45:15 [INFO] Building dependencies.spring 1.0 [28/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 15:45:15 [INFO] Executing tasks 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 15:45:15 [INFO] Executed tasks 15:45:15 [INFO] 15:45:15 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 15:45:15 [INFO] Building dependencies.spring-ldap 1.0 [29/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 15:45:15 [INFO] 15:45:15 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 15:45:15 [INFO] Building dependencies.spring-security 1.0 [30/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 15:45:15 [INFO] Executing tasks 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 15:45:15 [INFO] Executed tasks 15:45:15 [INFO] 15:45:15 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 15:45:15 [INFO] Building dependencies.swagger 1.0 [31/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 15:45:15 [INFO] Executing tasks 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 15:45:15 [INFO] Executed tasks 15:45:15 [INFO] 15:45:15 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 15:45:15 [INFO] Building dependencies.wadl 1.0 [32/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 15:45:15 [INFO] 15:45:15 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 15:45:15 [INFO] Building dependencies.wss4j 1.0 [33/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 15:45:15 [INFO] Executing tasks 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 15:45:15 [INFO] Executed tasks 15:45:15 [INFO] 15:45:15 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 15:45:15 [INFO] Building dependencies.testsuite 1.0 [34/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 15:45:15 [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 15:45:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 15:45:15 [INFO] Executing tasks 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 15:45:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 15:45:15 [INFO] Executed tasks 15:45:15 [INFO] 15:45:15 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 15:45:15 [INFO] Building dependencies.testsuite.as 1.0 [36/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 15:45:15 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 15:45:15 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 15:45:15 [INFO] 15:45:15 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 15:45:15 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 15:45:15 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 15:45:15 [INFO] 15:45:15 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 15:45:15 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] 15:45:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:15 [INFO] 15:45:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 15:45:16 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 15:45:16 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 15:45:16 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 15:45:16 [INFO] 15:45:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 15:45:16 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 15:45:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 15:45:16 [INFO] 15:45:16 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 15:45:16 [INFO] Building dependencies.testsuite.test 1.0 [56/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 15:45:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 15:45:16 [INFO] Executing tasks 15:45:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 15:45:16 [INFO] Executed tasks 15:45:16 [INFO] 15:45:16 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 15:45:16 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 15:45:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 15:45:16 [INFO] 15:45:16 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 15:45:16 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 15:45:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 15:45:16 [INFO] 15:45:16 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 15:45:16 [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 15:45:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 15:45:16 [INFO] 15:45:16 [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- 15:45:16 [INFO] Building dependencies.soapbox 1.0 [60/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- 15:45:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = []) 15:45:16 [INFO] 15:45:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- 15:45:16 [INFO] 15:45:16 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 15:45:16 [INFO] Building compile 1.0 [61/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 15:45:16 [INFO] Building package 1.0 [62/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 15:45:16 [INFO] Building testsuite.utils 1.0 [63/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 15:45:16 [INFO] Building testsuite.utils.sql 1.0 [64/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 15:45:16 [INFO] Building testsuite.pdd.core 1.0 [65/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 15:45:16 [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 15:45:16 [INFO] Building static_analysis.spotbugs 1.0 [67/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 15:45:16 [INFO] Building static_analysis.sonarqube 1.0 [68/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 15:45:16 [INFO] Building dynamic_analysis.zap 1.0 [69/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] 15:45:16 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 15:45:16 [INFO] Building coverage.jacoco 1.0 [70/70] 15:45:16 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:16 [INFO] ------------------------------------------------------------------------ 15:45:16 [INFO] Reactor Summary for govway 1.0: 15:45:16 [INFO] 15:45:16 [INFO] govway ............................................. SUCCESS [ 0.005 s] 15:45:16 [INFO] dependencies ....................................... SUCCESS [ 0.001 s] 15:45:16 [INFO] dependencies.ant ................................... SUCCESS [ 1.287 s] 15:45:16 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.038 s] 15:45:16 [INFO] dependencies.axiom ................................. SUCCESS [ 0.578 s] 15:45:16 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.056 s] 15:45:16 [INFO] dependencies.cxf ................................... SUCCESS [ 0.357 s] 15:45:16 [INFO] dependencies.commons ............................... SUCCESS [ 0.134 s] 15:45:16 [INFO] dependencies.faces ................................. SUCCESS [ 0.052 s] 15:45:16 [INFO] dependencies.git ................................... SUCCESS [ 0.017 s] 15:45:16 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.112 s] 15:45:16 [INFO] dependencies.jackson ............................... SUCCESS [ 0.059 s] 15:45:16 [INFO] dependencies.javax ................................. SUCCESS [ 0.043 s] 15:45:16 [INFO] dependencies.jax ................................... SUCCESS [ 0.181 s] 15:45:16 [INFO] dependencies.jetty ................................. SUCCESS [ 0.041 s] 15:45:16 [INFO] dependencies.jminix ................................ SUCCESS [ 0.070 s] 15:45:16 [INFO] dependencies.json .................................. SUCCESS [ 0.094 s] 15:45:16 [INFO] dependencies.log ................................... SUCCESS [ 0.142 s] 15:45:16 [INFO] dependencies.lucene ................................ SUCCESS [ 0.018 s] 15:45:16 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.068 s] 15:45:16 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.062 s] 15:45:16 [INFO] dependencies.pdf ................................... SUCCESS [ 0.026 s] 15:45:16 [INFO] dependencies.redis ................................. SUCCESS [ 0.060 s] 15:45:16 [INFO] dependencies.reports ............................... SUCCESS [ 0.045 s] 15:45:16 [INFO] dependencies.saaj .................................. SUCCESS [ 0.063 s] 15:45:16 [INFO] dependencies.security .............................. SUCCESS [ 0.084 s] 15:45:16 [INFO] dependencies.shared ................................ SUCCESS [ 0.203 s] 15:45:16 [INFO] dependencies.spring ................................ SUCCESS [ 0.083 s] 15:45:16 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.009 s] 15:45:16 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.055 s] 15:45:16 [INFO] dependencies.swagger ............................... SUCCESS [ 0.089 s] 15:45:16 [INFO] dependencies.wadl .................................. SUCCESS [ 0.011 s] 15:45:16 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.068 s] 15:45:16 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.001 s] 15:45:16 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.058 s] 15:45:16 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.025 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.027 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.028 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.024 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.023 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.027 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.027 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.025 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.029 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.030 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.030 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.030 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.081 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.031 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.018 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.018 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.019 s] 15:45:16 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.019 s] 15:45:16 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.008 s] 15:45:16 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.083 s] 15:45:16 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.009 s] 15:45:16 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.006 s] 15:45:16 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.014 s] 15:45:16 [INFO] dependencies.soapbox ............................... SUCCESS [ 0.011 s] 15:45:16 [INFO] compile ............................................ SUCCESS [ 0.001 s] 15:45:16 [INFO] package ............................................ SUCCESS [ 0.000 s] 15:45:16 [INFO] testsuite.utils .................................... SUCCESS [ 0.001 s] 15:45:16 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s] 15:45:16 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 15:45:16 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] 15:45:16 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.000 s] 15:45:16 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.001 s] 15:45:16 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s] 15:45:16 [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] 15:45:16 [INFO] ------------------------------------------------------------------------ 15:45:16 [INFO] BUILD SUCCESS 15:45:16 [INFO] ------------------------------------------------------------------------ 15:45:16 [INFO] Total time: 5.561 s 15:45:16 [INFO] Finished at: 2025-12-06T15:45:16+01:00 15:45:16 [INFO] ------------------------------------------------------------------------ 15:45:16 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dowasp.plugin.autoUpdate=true -Dpackage=none -DossIndexUsername=andrea.poli@link.it -Dcompile=none -Dowasp=verify -Dtestsuite=none -DossIndexPassword=6b31d4937d57ec65ccb3aed4ff8461107c8eeb5a -DnvdApiKey=f8281fbf-3d81-4e4a-9f03-ab68856b336d -Dowasp.plugin.failBuildOnAnyVulnerability=false verify 15:45:18 [INFO] Scanning for projects... 15:45:18 [INFO] ------------------------------------------------------------------------ 15:45:18 [INFO] Reactor Build Order: 15:45:18 [INFO] 15:45:18 [INFO] govway [pom] 15:45:18 [INFO] dependencies [pom] 15:45:18 [INFO] dependencies.ant [pom] 15:45:18 [INFO] dependencies.antinstaller [pom] 15:45:18 [INFO] dependencies.axiom [pom] 15:45:18 [INFO] dependencies.bean-validation [pom] 15:45:18 [INFO] dependencies.cxf [pom] 15:45:18 [INFO] dependencies.commons [pom] 15:45:18 [INFO] dependencies.faces [pom] 15:45:18 [INFO] dependencies.git [pom] 15:45:18 [INFO] dependencies.httpcore [pom] 15:45:18 [INFO] dependencies.jackson [pom] 15:45:18 [INFO] dependencies.javax [pom] 15:45:18 [INFO] dependencies.jax [pom] 15:45:18 [INFO] dependencies.jetty [pom] 15:45:18 [INFO] dependencies.jminix [pom] 15:45:18 [INFO] dependencies.json [pom] 15:45:18 [INFO] dependencies.log [pom] 15:45:18 [INFO] dependencies.lucene [pom] 15:45:18 [INFO] dependencies.openapi4j [pom] 15:45:18 [INFO] dependencies.opensaml [pom] 15:45:18 [INFO] dependencies.pdf [pom] 15:45:18 [INFO] dependencies.redis [pom] 15:45:18 [INFO] dependencies.reports [pom] 15:45:18 [INFO] dependencies.saaj [pom] 15:45:18 [INFO] dependencies.security [pom] 15:45:18 [INFO] dependencies.shared [pom] 15:45:18 [INFO] dependencies.spring [pom] 15:45:18 [INFO] dependencies.spring-ldap [pom] 15:45:18 [INFO] dependencies.spring-security [pom] 15:45:18 [INFO] dependencies.swagger [pom] 15:45:18 [INFO] dependencies.wadl [pom] 15:45:18 [INFO] dependencies.wss4j [pom] 15:45:18 [INFO] dependencies.testsuite [pom] 15:45:18 [INFO] dependencies.testsuite.axis14 [pom] 15:45:18 [INFO] dependencies.testsuite.as [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly9 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly10 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly11 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly12 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly13 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly14 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly15 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly16 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly17 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly18 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly19 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly20 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly21 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly22 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly23 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly24 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly25 [pom] 15:45:18 [INFO] dependencies.testsuite.as.wildfly26 [pom] 15:45:18 [INFO] dependencies.testsuite.as.tomcat9 [pom] 15:45:18 [INFO] dependencies.testsuite.test [pom] 15:45:18 [INFO] dependencies.testsuite.staticAnalysis [pom] 15:45:18 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 15:45:18 [INFO] dependencies.testsuite.coverage [pom] 15:45:18 [INFO] compile [pom] 15:45:18 [INFO] package [pom] 15:45:18 [INFO] testsuite.utils [pom] 15:45:18 [INFO] testsuite.utils.sql [pom] 15:45:18 [INFO] testsuite.pdd.core [pom] 15:45:18 [INFO] testsuite.pdd.core.sql [pom] 15:45:18 [INFO] static_analysis.spotbugs [pom] 15:45:18 [INFO] static_analysis.sonarqube [pom] 15:45:18 [INFO] dynamic_analysis.zap [pom] 15:45:18 [INFO] coverage.jacoco [pom] 15:45:18 [INFO] 15:45:18 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 15:45:18 [INFO] Building govway 1.0 [1/69] 15:45:18 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:18 [INFO] 15:45:18 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 15:45:18 [INFO] Building dependencies 1.0 [2/69] 15:45:18 [INFO] --------------------------------[ pom ]--------------------------------- 15:45:19 [INFO] 15:45:19 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.dependencies --- 15:45:19 [INFO] Executing tasks 15:45:24 [INFO] Executed tasks 15:45:26 [INFO] 15:45:26 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.dependencies --- 15:45:31 [INFO] Checking for updates 15:45:32 [WARNING] NVD API request failures are occurring; retrying request for the 1st time 15:45:32 [INFO] NVD API has 9 records in this update 15:45:32 [INFO] Downloaded 9/9 (100%) 15:45:32 [INFO] Completed processing batch 1/1 (100%) in 178ms 15:45:33 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:45:33 [INFO] Begin database defrag 15:45:43 [INFO] End database defrag (10647 ms) 15:45:43 [INFO] Check for updates complete (12716 ms) 15:45:44 [INFO] 15:45:44 15:45:44 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:45:44 15:45:44 15:45:44 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:45:44 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:45:44 15:45:44 💖 Sponsor: https://github.com/sponsors/jeremylong 15:45:44 15:45:44 15:45:44 [INFO] Analysis Started 15:45:47 [INFO] Finished Archive Analyzer (3 seconds) 15:45:47 [INFO] Finished File Name Analyzer (0 seconds) 15:45:50 [INFO] Finished Jar Analyzer (2 seconds) 15:45:50 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:45:51 [INFO] Finished Hint Analyzer (0 seconds) 15:45:51 [INFO] Finished Version Filter Analyzer (0 seconds) 15:45:55 [INFO] Created CPE Index (4 seconds) 15:46:04 [INFO] Finished CPE Analyzer (13 seconds) 15:46:04 [INFO] Finished False Positive Analyzer (0 seconds) 15:46:04 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:46:23 [INFO] Finished RetireJS Analyzer (18 seconds) 15:46:24 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:46:24 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:46:24 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:46:25 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:46:25 15:46:25 15:46:25 ## Recommendation 15:46:25 15:46:25 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:46:25 15:46:25 The following template can be used to demonstrate the vulnerability: 15:46:25 ```{{#with "constructor"}} 15:46:25 {{#with split as |a|}} 15:46:25 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:46:25 {{#with (concat (lookup join (slice 0 1)))}} 15:46:25 {{#each (slice 2 3)}} 15:46:25 {{#with (apply 0 a)}} 15:46:25 {{.}} 15:46:25 {{/with}} 15:46:25 {{/each}} 15:46:25 {{/with}} 15:46:25 {{/with}} 15:46:25 {{/with}}``` 15:46:25 15:46:25 15:46:25 ## Recommendation 15:46:25 15:46:25 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:25 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:46:25 [INFO] Analysis Complete (41 seconds) 15:46:25 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml 15:46:27 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.html 15:46:27 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.json 15:46:28 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.csv 15:46:28 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.sarif 15:46:28 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-jenkins.html 15:46:28 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-junit.xml 15:46:28 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-gitlab.json 15:46:28 [WARNING] 15:46:28 15:46:28 One or more dependencies were identified with known vulnerabilities in dependencies: 15:46:28 15:46:28 commons-lang-2.6.jar (pkg:maven/commons-lang/commons-lang@2.6, cpe:2.3:a:apache:commons_lang:2.6:*:*:*:*:*:*:*) : CVE-2025-48924 15:46:28 rhino-1.7.14.jar (pkg:maven/org.mozilla/rhino@1.7.14) : CVE-2025-66453 15:46:28 spring-core-5.3.39.jar (pkg:maven/org.springframework/spring-core@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249, CVE-2025-41242 15:46:28 spring-web-5.3.39.jar (pkg:maven/org.springframework/spring-web@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:web_project:web:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249 15:46:28 15:46:28 15:46:28 See the dependency-check report for more details. 15:46:28 15:46:28 15:46:28 [INFO] 15:46:28 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 15:46:28 [INFO] Building dependencies.ant 1.0 [3/69] 15:46:28 [INFO] --------------------------------[ pom ]--------------------------------- 15:46:29 [INFO] 15:46:29 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 15:46:29 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 15:46:29 [INFO] 15:46:29 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 15:46:29 [INFO] 15:46:29 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.ant --- 15:46:29 [INFO] Executing tasks 15:46:34 [INFO] Executed tasks 15:46:34 [INFO] 15:46:34 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.ant --- 15:46:34 [INFO] Checking for updates 15:46:34 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:46:35 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:46:35 [INFO] Check for updates complete (85 ms) 15:46:35 [INFO] 15:46:35 15:46:35 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:46:35 15:46:35 15:46:35 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:46:35 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:46:35 15:46:35 💖 Sponsor: https://github.com/sponsors/jeremylong 15:46:35 15:46:35 15:46:35 [INFO] Analysis Started 15:46:35 [INFO] Finished Archive Analyzer (0 seconds) 15:46:35 [INFO] Finished File Name Analyzer (0 seconds) 15:46:35 [INFO] Finished Jar Analyzer (0 seconds) 15:46:35 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:46:35 [INFO] Finished Hint Analyzer (0 seconds) 15:46:35 [INFO] Finished Version Filter Analyzer (0 seconds) 15:46:37 [INFO] Created CPE Index (2 seconds) 15:46:37 [INFO] Finished CPE Analyzer (2 seconds) 15:46:37 [INFO] Finished False Positive Analyzer (0 seconds) 15:46:37 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:46:37 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:46:37 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:46:37 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:46:37 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:46:37 15:46:37 15:46:37 ## Recommendation 15:46:37 15:46:37 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:46:37 15:46:37 The following template can be used to demonstrate the vulnerability: 15:46:37 ```{{#with "constructor"}} 15:46:37 {{#with split as |a|}} 15:46:37 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:46:37 {{#with (concat (lookup join (slice 0 1)))}} 15:46:37 {{#each (slice 2 3)}} 15:46:37 {{#with (apply 0 a)}} 15:46:37 {{.}} 15:46:37 {{/with}} 15:46:37 {{/each}} 15:46:37 {{/with}} 15:46:37 {{/with}} 15:46:37 {{/with}}``` 15:46:37 15:46:37 15:46:37 ## Recommendation 15:46:37 15:46:37 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:46:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:46:37 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:46:37 [INFO] Analysis Complete (2 seconds) 15:46:37 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:46:37 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:46:38 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:46:38 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:46:38 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:46:38 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:46:38 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:46:38 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:46:38 [INFO] 15:46:38 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 15:46:38 [INFO] Building dependencies.antinstaller 1.0 [4/69] 15:46:38 [INFO] --------------------------------[ pom ]--------------------------------- 15:46:38 [INFO] 15:46:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 15:46:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 15:46:38 [INFO] 15:46:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 15:46:38 [INFO] 15:46:38 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.antinstaller --- 15:46:38 [INFO] Executing tasks 15:46:43 [INFO] Executed tasks 15:46:43 [INFO] 15:46:43 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.antinstaller --- 15:46:43 [INFO] Checking for updates 15:46:43 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:46:43 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:46:43 [INFO] Check for updates complete (75 ms) 15:46:43 [INFO] 15:46:43 15:46:43 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:46:43 15:46:43 15:46:43 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:46:43 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:46:43 15:46:43 💖 Sponsor: https://github.com/sponsors/jeremylong 15:46:43 15:46:43 15:46:43 [INFO] Analysis Started 15:46:43 [INFO] Finished Archive Analyzer (0 seconds) 15:46:43 [INFO] Finished File Name Analyzer (0 seconds) 15:46:43 [INFO] Finished Jar Analyzer (0 seconds) 15:46:43 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:46:43 [INFO] Finished Hint Analyzer (0 seconds) 15:46:43 [INFO] Finished Version Filter Analyzer (0 seconds) 15:46:45 [INFO] Created CPE Index (1 seconds) 15:46:45 [INFO] Finished CPE Analyzer (1 seconds) 15:46:45 [INFO] Finished False Positive Analyzer (0 seconds) 15:46:45 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:46:45 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:46:45 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:46:45 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:46:45 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:46:45 15:46:45 15:46:45 ## Recommendation 15:46:45 15:46:45 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:46:45 15:46:45 The following template can be used to demonstrate the vulnerability: 15:46:45 ```{{#with "constructor"}} 15:46:45 {{#with split as |a|}} 15:46:45 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:46:45 {{#with (concat (lookup join (slice 0 1)))}} 15:46:45 {{#each (slice 2 3)}} 15:46:45 {{#with (apply 0 a)}} 15:46:45 {{.}} 15:46:45 {{/with}} 15:46:45 {{/each}} 15:46:45 {{/with}} 15:46:45 {{/with}} 15:46:45 {{/with}}``` 15:46:45 15:46:45 15:46:45 ## Recommendation 15:46:45 15:46:45 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:46:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:46:45 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:46:45 [INFO] Analysis Complete (2 seconds) 15:46:45 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:46:45 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:46:45 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:46:45 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:46:45 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:46:45 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:46:45 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:46:45 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:46:46 [INFO] 15:46:46 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 15:46:46 [INFO] Building dependencies.axiom 1.0 [5/69] 15:46:46 [INFO] --------------------------------[ pom ]--------------------------------- 15:46:46 [INFO] 15:46:46 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 15:46:46 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 15:46:46 [INFO] 15:46:46 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 15:46:46 [INFO] 15:46:46 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 15:46:46 [INFO] Executing tasks 15:46:46 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 15:46:46 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 15:46:46 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 15:46:46 [INFO] Executed tasks 15:46:46 [INFO] 15:46:46 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.axiom --- 15:46:46 [INFO] Executing tasks 15:46:51 [INFO] Executed tasks 15:46:51 [INFO] 15:46:51 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.axiom --- 15:46:51 [INFO] Checking for updates 15:46:51 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:46:51 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:46:51 [INFO] Check for updates complete (184 ms) 15:46:51 [INFO] 15:46:51 15:46:51 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:46:51 15:46:51 15:46:51 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:46:51 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:46:51 15:46:51 💖 Sponsor: https://github.com/sponsors/jeremylong 15:46:51 15:46:51 15:46:51 [INFO] Analysis Started 15:46:51 [INFO] Finished Archive Analyzer (0 seconds) 15:46:51 [INFO] Finished File Name Analyzer (0 seconds) 15:46:51 [INFO] Finished Jar Analyzer (0 seconds) 15:46:51 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:46:51 [INFO] Finished Hint Analyzer (0 seconds) 15:46:51 [INFO] Finished Version Filter Analyzer (0 seconds) 15:46:53 [INFO] Created CPE Index (1 seconds) 15:46:53 [INFO] Finished CPE Analyzer (2 seconds) 15:46:53 [INFO] Finished False Positive Analyzer (0 seconds) 15:46:53 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:46:53 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:46:53 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:46:53 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:46:53 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:46:53 15:46:53 15:46:53 ## Recommendation 15:46:53 15:46:53 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:46:53 15:46:53 The following template can be used to demonstrate the vulnerability: 15:46:53 ```{{#with "constructor"}} 15:46:53 {{#with split as |a|}} 15:46:53 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:46:53 {{#with (concat (lookup join (slice 0 1)))}} 15:46:53 {{#each (slice 2 3)}} 15:46:53 {{#with (apply 0 a)}} 15:46:53 {{.}} 15:46:53 {{/with}} 15:46:53 {{/each}} 15:46:53 {{/with}} 15:46:53 {{/with}} 15:46:53 {{/with}}``` 15:46:53 15:46:53 15:46:53 ## Recommendation 15:46:53 15:46:53 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:46:53 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:46:53 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:46:53 [INFO] Analysis Complete (2 seconds) 15:46:53 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:46:53 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:46:53 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:46:53 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:46:53 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:46:53 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:46:53 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:46:53 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:46:54 [INFO] 15:46:54 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 15:46:54 [INFO] Building dependencies.bean-validation 1.0 [6/69] 15:46:54 [INFO] --------------------------------[ pom ]--------------------------------- 15:46:54 [INFO] 15:46:54 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 15:46:54 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 15:46:54 [INFO] 15:46:54 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 15:46:54 [INFO] 15:46:54 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.bean-validation --- 15:46:54 [INFO] Executing tasks 15:46:59 [INFO] Executed tasks 15:46:59 [INFO] 15:46:59 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.bean-validation --- 15:46:59 [INFO] Checking for updates 15:46:59 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:46:59 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:46:59 [INFO] Check for updates complete (74 ms) 15:46:59 [INFO] 15:46:59 15:46:59 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:46:59 15:46:59 15:46:59 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:46:59 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:46:59 15:46:59 💖 Sponsor: https://github.com/sponsors/jeremylong 15:46:59 15:46:59 15:46:59 [INFO] Analysis Started 15:46:59 [INFO] Finished Archive Analyzer (0 seconds) 15:46:59 [INFO] Finished File Name Analyzer (0 seconds) 15:46:59 [INFO] Finished Jar Analyzer (0 seconds) 15:46:59 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:46:59 [INFO] Finished Hint Analyzer (0 seconds) 15:46:59 [INFO] Finished Version Filter Analyzer (0 seconds) 15:47:01 [INFO] Created CPE Index (1 seconds) 15:47:01 [INFO] Finished CPE Analyzer (1 seconds) 15:47:01 [INFO] Finished False Positive Analyzer (0 seconds) 15:47:01 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:47:01 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:47:01 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:47:01 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:47:01 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:47:01 15:47:01 15:47:01 ## Recommendation 15:47:01 15:47:01 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:47:01 15:47:01 The following template can be used to demonstrate the vulnerability: 15:47:01 ```{{#with "constructor"}} 15:47:01 {{#with split as |a|}} 15:47:01 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:47:01 {{#with (concat (lookup join (slice 0 1)))}} 15:47:01 {{#each (slice 2 3)}} 15:47:01 {{#with (apply 0 a)}} 15:47:01 {{.}} 15:47:01 {{/with}} 15:47:01 {{/each}} 15:47:01 {{/with}} 15:47:01 {{/with}} 15:47:01 {{/with}}``` 15:47:01 15:47:01 15:47:01 ## Recommendation 15:47:01 15:47:01 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:47:01 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:47:01 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:47:01 [INFO] Analysis Complete (2 seconds) 15:47:01 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:47:01 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:47:01 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:47:01 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:47:01 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:47:01 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:47:01 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:47:01 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:47:01 [INFO] 15:47:01 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 15:47:01 [INFO] Building dependencies.cxf 1.0 [7/69] 15:47:01 [INFO] --------------------------------[ pom ]--------------------------------- 15:47:01 [INFO] 15:47:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 15:47:01 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 15:47:01 [INFO] 15:47:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 15:47:01 [INFO] 15:47:01 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 15:47:01 [INFO] Executing tasks 15:47:01 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 15:47:01 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 15:47:01 [INFO] Executed tasks 15:47:01 [INFO] 15:47:01 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.cxf --- 15:47:01 [INFO] Executing tasks 15:47:06 [INFO] Executed tasks 15:47:06 [INFO] 15:47:06 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.cxf --- 15:47:06 [INFO] Checking for updates 15:47:06 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:47:07 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:47:07 [INFO] Check for updates complete (73 ms) 15:47:07 [INFO] 15:47:07 15:47:07 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:47:07 15:47:07 15:47:07 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:47:07 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:47:07 15:47:07 💖 Sponsor: https://github.com/sponsors/jeremylong 15:47:07 15:47:07 15:47:07 [INFO] Analysis Started 15:47:07 [INFO] Finished Archive Analyzer (0 seconds) 15:47:07 [INFO] Finished File Name Analyzer (0 seconds) 15:47:07 [INFO] Finished Jar Analyzer (0 seconds) 15:47:07 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:47:07 [INFO] Finished Hint Analyzer (0 seconds) 15:47:07 [INFO] Finished Version Filter Analyzer (0 seconds) 15:47:09 [INFO] Created CPE Index (1 seconds) 15:47:09 [INFO] Finished CPE Analyzer (1 seconds) 15:47:09 [INFO] Finished False Positive Analyzer (0 seconds) 15:47:09 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:47:09 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:47:09 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:47:09 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:47:09 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:47:09 15:47:09 15:47:09 ## Recommendation 15:47:09 15:47:09 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:47:09 15:47:09 The following template can be used to demonstrate the vulnerability: 15:47:09 ```{{#with "constructor"}} 15:47:09 {{#with split as |a|}} 15:47:09 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:47:09 {{#with (concat (lookup join (slice 0 1)))}} 15:47:09 {{#each (slice 2 3)}} 15:47:09 {{#with (apply 0 a)}} 15:47:09 {{.}} 15:47:09 {{/with}} 15:47:09 {{/each}} 15:47:09 {{/with}} 15:47:09 {{/with}} 15:47:09 {{/with}}``` 15:47:09 15:47:09 15:47:09 ## Recommendation 15:47:09 15:47:09 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:47:09 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:47:09 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:47:09 [INFO] Analysis Complete (2 seconds) 15:47:09 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:47:09 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:47:09 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:47:09 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:47:09 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:47:09 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:47:09 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:47:09 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:47:09 [INFO] 15:47:09 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 15:47:09 [INFO] Building dependencies.commons 1.0 [8/69] 15:47:09 [INFO] --------------------------------[ pom ]--------------------------------- 15:47:09 [INFO] 15:47:09 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 15:47:09 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 15:47:09 [INFO] 15:47:09 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 15:47:09 [INFO] 15:47:09 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.commons --- 15:47:09 [INFO] Executing tasks 15:47:14 [INFO] Executed tasks 15:47:14 [INFO] 15:47:14 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.commons --- 15:47:15 [INFO] Checking for updates 15:47:15 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:47:15 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:47:15 [INFO] Check for updates complete (67 ms) 15:47:15 [INFO] 15:47:15 15:47:15 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:47:15 15:47:15 15:47:15 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:47:15 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:47:15 15:47:15 💖 Sponsor: https://github.com/sponsors/jeremylong 15:47:15 15:47:15 15:47:15 [INFO] Analysis Started 15:47:15 [INFO] Finished Archive Analyzer (0 seconds) 15:47:15 [INFO] Finished File Name Analyzer (0 seconds) 15:47:15 [INFO] Finished Jar Analyzer (0 seconds) 15:47:15 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:47:15 [INFO] Finished Hint Analyzer (0 seconds) 15:47:15 [INFO] Finished Version Filter Analyzer (0 seconds) 15:47:17 [INFO] Created CPE Index (1 seconds) 15:47:17 [INFO] Finished CPE Analyzer (2 seconds) 15:47:17 [INFO] Finished False Positive Analyzer (0 seconds) 15:47:17 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:47:17 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:47:17 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:47:17 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:47:17 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:47:17 15:47:17 15:47:17 ## Recommendation 15:47:17 15:47:17 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:47:17 15:47:17 The following template can be used to demonstrate the vulnerability: 15:47:17 ```{{#with "constructor"}} 15:47:17 {{#with split as |a|}} 15:47:17 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:47:17 {{#with (concat (lookup join (slice 0 1)))}} 15:47:17 {{#each (slice 2 3)}} 15:47:17 {{#with (apply 0 a)}} 15:47:17 {{.}} 15:47:17 {{/with}} 15:47:17 {{/each}} 15:47:17 {{/with}} 15:47:17 {{/with}} 15:47:17 {{/with}}``` 15:47:17 15:47:17 15:47:17 ## Recommendation 15:47:17 15:47:17 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:47:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:47:17 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:47:17 [INFO] Analysis Complete (2 seconds) 15:47:17 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:47:17 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:47:17 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:47:17 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:47:17 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:47:17 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:47:17 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:47:18 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:47:18 [WARNING] 15:47:18 15:47:18 One or more dependencies were identified with known vulnerabilities in dependencies.commons: 15:47:18 15:47:18 commons-lang-2.6.jar (pkg:maven/commons-lang/commons-lang@2.6, cpe:2.3:a:apache:commons_lang:2.6:*:*:*:*:*:*:*) : CVE-2025-48924 15:47:18 15:47:18 15:47:18 See the dependency-check report for more details. 15:47:18 15:47:18 15:47:18 [INFO] 15:47:18 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 15:47:18 [INFO] Building dependencies.faces 1.0 [9/69] 15:47:18 [INFO] --------------------------------[ pom ]--------------------------------- 15:47:18 [INFO] 15:47:18 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 15:47:18 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 15:47:18 [INFO] 15:47:18 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 15:47:18 [INFO] 15:47:18 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.faces --- 15:47:18 [INFO] Executing tasks 15:47:23 [INFO] Executed tasks 15:47:23 [INFO] 15:47:23 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.faces --- 15:47:23 [INFO] Checking for updates 15:47:23 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:47:23 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:47:23 [INFO] Check for updates complete (68 ms) 15:47:23 [INFO] 15:47:23 15:47:23 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:47:23 15:47:23 15:47:23 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:47:23 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:47:23 15:47:23 💖 Sponsor: https://github.com/sponsors/jeremylong 15:47:23 15:47:23 15:47:23 [INFO] Analysis Started 15:47:24 [INFO] Finished Archive Analyzer (0 seconds) 15:47:24 [INFO] Finished File Name Analyzer (0 seconds) 15:47:24 [INFO] Finished Jar Analyzer (0 seconds) 15:47:24 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:47:24 [INFO] Finished Hint Analyzer (0 seconds) 15:47:24 [INFO] Finished Version Filter Analyzer (0 seconds) 15:47:25 [INFO] Created CPE Index (1 seconds) 15:47:26 [INFO] Finished CPE Analyzer (1 seconds) 15:47:26 [INFO] Finished False Positive Analyzer (0 seconds) 15:47:26 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:47:35 [INFO] Finished RetireJS Analyzer (8 seconds) 15:47:35 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:47:35 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:47:35 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:47:35 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:47:35 15:47:35 15:47:35 ## Recommendation 15:47:35 15:47:35 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:47:35 15:47:35 The following template can be used to demonstrate the vulnerability: 15:47:35 ```{{#with "constructor"}} 15:47:35 {{#with split as |a|}} 15:47:35 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:47:35 {{#with (concat (lookup join (slice 0 1)))}} 15:47:35 {{#each (slice 2 3)}} 15:47:35 {{#with (apply 0 a)}} 15:47:35 {{.}} 15:47:35 {{/with}} 15:47:35 {{/each}} 15:47:35 {{/with}} 15:47:35 {{/with}} 15:47:35 {{/with}}``` 15:47:35 15:47:35 15:47:35 ## Recommendation 15:47:35 15:47:35 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:47:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:47:35 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:47:35 [INFO] Analysis Complete (12 seconds) 15:47:35 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:47:35 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:47:36 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:47:36 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:47:36 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:47:36 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:47:36 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:47:36 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:47:36 [INFO] 15:47:36 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 15:47:36 [INFO] Building dependencies.git 1.0 [10/69] 15:47:36 [INFO] --------------------------------[ pom ]--------------------------------- 15:47:36 [INFO] 15:47:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 15:47:36 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 15:47:36 [INFO] 15:47:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 15:47:36 [INFO] 15:47:36 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.git --- 15:47:36 [INFO] Executing tasks 15:47:41 [INFO] Executed tasks 15:47:41 [INFO] 15:47:41 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.git --- 15:47:42 [INFO] Checking for updates 15:47:42 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:47:42 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:47:42 [INFO] Check for updates complete (68 ms) 15:47:42 [INFO] 15:47:42 15:47:42 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:47:42 15:47:42 15:47:42 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:47:42 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:47:42 15:47:42 💖 Sponsor: https://github.com/sponsors/jeremylong 15:47:42 15:47:42 15:47:42 [INFO] Analysis Started 15:47:42 [INFO] Finished Archive Analyzer (0 seconds) 15:47:42 [INFO] Finished File Name Analyzer (0 seconds) 15:47:42 [INFO] Finished Jar Analyzer (0 seconds) 15:47:42 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:47:42 [INFO] Finished Hint Analyzer (0 seconds) 15:47:42 [INFO] Finished Version Filter Analyzer (0 seconds) 15:47:43 [INFO] Created CPE Index (1 seconds) 15:47:43 [INFO] Finished CPE Analyzer (1 seconds) 15:47:43 [INFO] Finished False Positive Analyzer (0 seconds) 15:47:43 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:47:43 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:47:43 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:47:43 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:47:43 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:47:43 15:47:43 15:47:43 ## Recommendation 15:47:43 15:47:43 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:47:43 15:47:43 The following template can be used to demonstrate the vulnerability: 15:47:43 ```{{#with "constructor"}} 15:47:43 {{#with split as |a|}} 15:47:43 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:47:43 {{#with (concat (lookup join (slice 0 1)))}} 15:47:43 {{#each (slice 2 3)}} 15:47:43 {{#with (apply 0 a)}} 15:47:43 {{.}} 15:47:43 {{/with}} 15:47:43 {{/each}} 15:47:43 {{/with}} 15:47:43 {{/with}} 15:47:43 {{/with}}``` 15:47:43 15:47:43 15:47:43 ## Recommendation 15:47:43 15:47:43 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:47:44 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:47:44 [INFO] Analysis Complete (1 seconds) 15:47:44 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:47:44 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:47:44 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:47:44 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:47:44 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:47:44 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:47:44 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:47:44 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:47:44 [INFO] 15:47:44 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 15:47:44 [INFO] Building dependencies.httpcore 1.0 [11/69] 15:47:44 [INFO] --------------------------------[ pom ]--------------------------------- 15:47:44 [INFO] 15:47:44 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 15:47:44 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 15:47:44 [INFO] 15:47:44 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 15:47:44 [INFO] 15:47:44 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 15:47:44 [INFO] Executing tasks 15:47:44 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 15:47:44 [INFO] Executed tasks 15:47:44 [INFO] 15:47:44 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.httpcore --- 15:47:44 [INFO] Executing tasks 15:47:49 [INFO] Executed tasks 15:47:49 [INFO] 15:47:49 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.httpcore --- 15:47:49 [INFO] Checking for updates 15:47:49 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:47:49 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:47:49 [INFO] Check for updates complete (71 ms) 15:47:49 [INFO] 15:47:49 15:47:49 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:47:49 15:47:49 15:47:49 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:47:49 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:47:49 15:47:49 💖 Sponsor: https://github.com/sponsors/jeremylong 15:47:49 15:47:49 15:47:49 [INFO] Analysis Started 15:47:49 [INFO] Finished Archive Analyzer (0 seconds) 15:47:49 [INFO] Finished File Name Analyzer (0 seconds) 15:47:49 [INFO] Finished Jar Analyzer (0 seconds) 15:47:49 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:47:49 [INFO] Finished Hint Analyzer (0 seconds) 15:47:49 [INFO] Finished Version Filter Analyzer (0 seconds) 15:47:51 [INFO] Created CPE Index (1 seconds) 15:47:51 [INFO] Finished CPE Analyzer (1 seconds) 15:47:51 [INFO] Finished False Positive Analyzer (0 seconds) 15:47:51 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:47:51 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:47:51 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:47:51 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:47:51 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:47:51 15:47:51 15:47:51 ## Recommendation 15:47:51 15:47:51 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:47:51 15:47:51 The following template can be used to demonstrate the vulnerability: 15:47:51 ```{{#with "constructor"}} 15:47:51 {{#with split as |a|}} 15:47:51 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:47:51 {{#with (concat (lookup join (slice 0 1)))}} 15:47:51 {{#each (slice 2 3)}} 15:47:51 {{#with (apply 0 a)}} 15:47:51 {{.}} 15:47:51 {{/with}} 15:47:51 {{/each}} 15:47:51 {{/with}} 15:47:51 {{/with}} 15:47:51 {{/with}}``` 15:47:51 15:47:51 15:47:51 ## Recommendation 15:47:51 15:47:51 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:47:51 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:47:51 [INFO] Analysis Complete (1 seconds) 15:47:51 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:47:51 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:47:51 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:47:51 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:47:51 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:47:51 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:47:51 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:47:51 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:47:51 [INFO] 15:47:51 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 15:47:51 [INFO] Building dependencies.jackson 1.0 [12/69] 15:47:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:47:51 [INFO] 15:47:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 15:47:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 15:47:51 [INFO] 15:47:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 15:47:51 [INFO] 15:47:51 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jackson --- 15:47:51 [INFO] Executing tasks 15:47:56 [INFO] Executed tasks 15:47:56 [INFO] 15:47:56 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jackson --- 15:47:56 [INFO] Checking for updates 15:47:56 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:47:56 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:47:56 [INFO] Check for updates complete (70 ms) 15:47:57 [INFO] 15:47:57 15:47:57 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:47:57 15:47:57 15:47:57 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:47:57 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:47:57 15:47:57 💖 Sponsor: https://github.com/sponsors/jeremylong 15:47:57 15:47:57 15:47:57 [INFO] Analysis Started 15:47:57 [INFO] Finished Archive Analyzer (0 seconds) 15:47:57 [INFO] Finished File Name Analyzer (0 seconds) 15:47:57 [INFO] Finished Jar Analyzer (0 seconds) 15:47:57 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:47:57 [INFO] Finished Hint Analyzer (0 seconds) 15:47:57 [INFO] Finished Version Filter Analyzer (0 seconds) 15:47:58 [INFO] Created CPE Index (1 seconds) 15:47:58 [INFO] Finished CPE Analyzer (1 seconds) 15:47:58 [INFO] Finished False Positive Analyzer (0 seconds) 15:47:58 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:47:58 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:47:58 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:47:58 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:47:58 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:47:58 15:47:58 15:47:58 ## Recommendation 15:47:58 15:47:58 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:47:58 15:47:58 The following template can be used to demonstrate the vulnerability: 15:47:58 ```{{#with "constructor"}} 15:47:58 {{#with split as |a|}} 15:47:58 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:47:58 {{#with (concat (lookup join (slice 0 1)))}} 15:47:58 {{#each (slice 2 3)}} 15:47:58 {{#with (apply 0 a)}} 15:47:58 {{.}} 15:47:58 {{/with}} 15:47:58 {{/each}} 15:47:58 {{/with}} 15:47:58 {{/with}} 15:47:58 {{/with}}``` 15:47:58 15:47:58 15:47:58 ## Recommendation 15:47:58 15:47:58 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:47:58 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:47:58 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:47:58 [INFO] Analysis Complete (1 seconds) 15:47:58 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:47:59 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:47:59 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:47:59 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:47:59 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:47:59 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:47:59 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:47:59 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:47:59 [INFO] 15:47:59 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 15:47:59 [INFO] Building dependencies.javax 1.0 [13/69] 15:47:59 [INFO] --------------------------------[ pom ]--------------------------------- 15:47:59 [INFO] 15:47:59 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 15:47:59 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 15:47:59 [INFO] 15:47:59 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 15:47:59 [INFO] 15:47:59 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.javax --- 15:47:59 [INFO] Executing tasks 15:48:04 [INFO] Executed tasks 15:48:04 [INFO] 15:48:04 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.javax --- 15:48:04 [INFO] Checking for updates 15:48:04 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:48:04 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:48:04 [INFO] Check for updates complete (76 ms) 15:48:04 [INFO] 15:48:04 15:48:04 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:48:04 15:48:04 15:48:04 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:48:04 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:48:04 15:48:04 💖 Sponsor: https://github.com/sponsors/jeremylong 15:48:04 15:48:04 15:48:04 [INFO] Analysis Started 15:48:04 [INFO] Finished Archive Analyzer (0 seconds) 15:48:04 [INFO] Finished File Name Analyzer (0 seconds) 15:48:04 [INFO] Finished Jar Analyzer (0 seconds) 15:48:04 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:48:04 [INFO] Finished Hint Analyzer (0 seconds) 15:48:04 [INFO] Finished Version Filter Analyzer (0 seconds) 15:48:06 [INFO] Created CPE Index (1 seconds) 15:48:06 [INFO] Finished CPE Analyzer (1 seconds) 15:48:06 [INFO] Finished False Positive Analyzer (0 seconds) 15:48:06 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:48:06 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:48:06 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:48:06 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:48:06 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:48:06 15:48:06 15:48:06 ## Recommendation 15:48:06 15:48:06 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:48:06 15:48:06 The following template can be used to demonstrate the vulnerability: 15:48:06 ```{{#with "constructor"}} 15:48:06 {{#with split as |a|}} 15:48:06 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:48:06 {{#with (concat (lookup join (slice 0 1)))}} 15:48:06 {{#each (slice 2 3)}} 15:48:06 {{#with (apply 0 a)}} 15:48:06 {{.}} 15:48:06 {{/with}} 15:48:06 {{/each}} 15:48:06 {{/with}} 15:48:06 {{/with}} 15:48:06 {{/with}}``` 15:48:06 15:48:06 15:48:06 ## Recommendation 15:48:06 15:48:06 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:48:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:48:06 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:48:06 [INFO] Analysis Complete (1 seconds) 15:48:06 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:48:06 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:48:06 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:48:06 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:48:06 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:48:06 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:48:06 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:48:06 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:48:06 [INFO] 15:48:06 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 15:48:06 [INFO] Building dependencies.jax 1.0 [14/69] 15:48:06 [INFO] --------------------------------[ pom ]--------------------------------- 15:48:06 [INFO] 15:48:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 15:48:06 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 15:48:06 [INFO] 15:48:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 15:48:06 [INFO] 15:48:06 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 15:48:06 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 15:48:06 [INFO] 15:48:06 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 15:48:06 [INFO] Executing tasks 15:48:06 [INFO] Executed tasks 15:48:06 [INFO] 15:48:06 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jax --- 15:48:06 [INFO] Executing tasks 15:48:11 [INFO] Executed tasks 15:48:11 [INFO] 15:48:11 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jax --- 15:48:11 [INFO] Checking for updates 15:48:11 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:48:11 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:48:11 [INFO] Check for updates complete (71 ms) 15:48:12 [INFO] 15:48:12 15:48:12 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:48:12 15:48:12 15:48:12 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:48:12 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:48:12 15:48:12 💖 Sponsor: https://github.com/sponsors/jeremylong 15:48:12 15:48:12 15:48:12 [INFO] Analysis Started 15:48:12 [INFO] Finished Archive Analyzer (0 seconds) 15:48:12 [INFO] Finished File Name Analyzer (0 seconds) 15:48:12 [INFO] Finished Jar Analyzer (0 seconds) 15:48:12 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:48:12 [INFO] Finished Hint Analyzer (0 seconds) 15:48:12 [INFO] Finished Version Filter Analyzer (0 seconds) 15:48:13 [INFO] Created CPE Index (1 seconds) 15:48:14 [INFO] Finished CPE Analyzer (1 seconds) 15:48:14 [INFO] Finished False Positive Analyzer (0 seconds) 15:48:14 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:48:14 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:48:14 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:48:14 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:48:14 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:48:14 15:48:14 15:48:14 ## Recommendation 15:48:14 15:48:14 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:48:14 15:48:14 The following template can be used to demonstrate the vulnerability: 15:48:14 ```{{#with "constructor"}} 15:48:14 {{#with split as |a|}} 15:48:14 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:48:14 {{#with (concat (lookup join (slice 0 1)))}} 15:48:14 {{#each (slice 2 3)}} 15:48:14 {{#with (apply 0 a)}} 15:48:14 {{.}} 15:48:14 {{/with}} 15:48:14 {{/each}} 15:48:14 {{/with}} 15:48:14 {{/with}} 15:48:14 {{/with}}``` 15:48:14 15:48:14 15:48:14 ## Recommendation 15:48:14 15:48:14 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:48:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:48:14 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:48:14 [INFO] Analysis Complete (1 seconds) 15:48:14 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:48:14 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:48:14 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:48:14 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:48:14 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:48:14 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:48:14 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:48:14 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:48:14 [INFO] 15:48:14 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 15:48:14 [INFO] Building dependencies.jetty 1.0 [15/69] 15:48:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:48:14 [INFO] 15:48:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 15:48:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 15:48:14 [INFO] 15:48:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 15:48:14 [INFO] 15:48:14 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jetty --- 15:48:14 [INFO] Executing tasks 15:48:19 [INFO] Executed tasks 15:48:19 [INFO] 15:48:19 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jetty --- 15:48:19 [INFO] Checking for updates 15:48:19 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:48:19 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:48:19 [INFO] Check for updates complete (68 ms) 15:48:19 [INFO] 15:48:19 15:48:19 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:48:19 15:48:19 15:48:19 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:48:19 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:48:19 15:48:19 💖 Sponsor: https://github.com/sponsors/jeremylong 15:48:19 15:48:19 15:48:19 [INFO] Analysis Started 15:48:19 [INFO] Finished File Name Analyzer (0 seconds) 15:48:19 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:48:19 [INFO] Finished Hint Analyzer (0 seconds) 15:48:19 [INFO] Finished Version Filter Analyzer (0 seconds) 15:48:21 [INFO] Created CPE Index (1 seconds) 15:48:21 [INFO] Finished CPE Analyzer (1 seconds) 15:48:21 [INFO] Finished False Positive Analyzer (0 seconds) 15:48:21 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:48:21 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:48:21 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:48:21 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:48:21 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:48:21 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:48:21 [INFO] Analysis Complete (1 seconds) 15:48:21 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:48:21 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:48:21 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:48:21 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:48:21 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:48:21 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:48:21 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:48:21 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:48:21 [INFO] 15:48:21 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 15:48:21 [INFO] Building dependencies.jminix 1.0 [16/69] 15:48:21 [INFO] --------------------------------[ pom ]--------------------------------- 15:48:21 [INFO] 15:48:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 15:48:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 15:48:21 [INFO] 15:48:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 15:48:21 [INFO] 15:48:21 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 15:48:21 [INFO] Executing tasks 15:48:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 15:48:21 [INFO] Executed tasks 15:48:21 [INFO] 15:48:21 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jminix --- 15:48:21 [INFO] Executing tasks 15:48:26 [INFO] Executed tasks 15:48:26 [INFO] 15:48:26 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.jminix --- 15:48:26 [INFO] Checking for updates 15:48:26 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:48:26 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:48:26 [INFO] Check for updates complete (70 ms) 15:48:26 [INFO] 15:48:26 15:48:26 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:48:26 15:48:26 15:48:26 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:48:26 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:48:26 15:48:26 💖 Sponsor: https://github.com/sponsors/jeremylong 15:48:26 15:48:26 15:48:26 [INFO] Analysis Started 15:48:26 [INFO] Finished Archive Analyzer (0 seconds) 15:48:26 [INFO] Finished File Name Analyzer (0 seconds) 15:48:26 [INFO] Finished Jar Analyzer (0 seconds) 15:48:26 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:48:26 [INFO] Finished Hint Analyzer (0 seconds) 15:48:26 [INFO] Finished Version Filter Analyzer (0 seconds) 15:48:28 [INFO] Created CPE Index (1 seconds) 15:48:28 [INFO] Finished CPE Analyzer (1 seconds) 15:48:28 [INFO] Finished False Positive Analyzer (0 seconds) 15:48:28 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:48:29 [INFO] Finished RetireJS Analyzer (1 seconds) 15:48:29 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:48:29 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:48:29 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:48:29 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:48:29 15:48:29 15:48:29 ## Recommendation 15:48:29 15:48:29 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:48:29 15:48:29 The following template can be used to demonstrate the vulnerability: 15:48:29 ```{{#with "constructor"}} 15:48:29 {{#with split as |a|}} 15:48:29 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:48:29 {{#with (concat (lookup join (slice 0 1)))}} 15:48:29 {{#each (slice 2 3)}} 15:48:29 {{#with (apply 0 a)}} 15:48:29 {{.}} 15:48:29 {{/with}} 15:48:29 {{/each}} 15:48:29 {{/with}} 15:48:29 {{/with}} 15:48:29 {{/with}}``` 15:48:29 15:48:29 15:48:29 ## Recommendation 15:48:29 15:48:29 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:48:29 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:48:29 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:48:29 [INFO] Analysis Complete (3 seconds) 15:48:29 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:48:29 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:48:29 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:48:29 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:48:29 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:48:29 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:48:29 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:48:29 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:48:29 [INFO] 15:48:29 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 15:48:29 [INFO] Building dependencies.json 1.0 [17/69] 15:48:29 [INFO] --------------------------------[ pom ]--------------------------------- 15:48:29 [INFO] 15:48:29 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 15:48:29 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 15:48:29 [INFO] 15:48:29 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 15:48:29 [INFO] 15:48:29 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 15:48:29 [INFO] Executing tasks 15:48:29 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 15:48:29 [INFO] Executed tasks 15:48:29 [INFO] 15:48:29 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 15:48:29 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 15:48:29 [INFO] 15:48:29 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.json --- 15:48:29 [INFO] Executing tasks 15:48:34 [INFO] Executed tasks 15:48:34 [INFO] 15:48:34 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.json --- 15:48:35 [INFO] Checking for updates 15:48:35 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:48:35 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:48:35 [INFO] Check for updates complete (90 ms) 15:48:35 [INFO] 15:48:35 15:48:35 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:48:35 15:48:35 15:48:35 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:48:35 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:48:35 15:48:35 💖 Sponsor: https://github.com/sponsors/jeremylong 15:48:35 15:48:35 15:48:35 [INFO] Analysis Started 15:48:35 [INFO] Finished Archive Analyzer (0 seconds) 15:48:35 [INFO] Finished File Name Analyzer (0 seconds) 15:48:35 [INFO] Finished Jar Analyzer (0 seconds) 15:48:35 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:48:35 [INFO] Finished Hint Analyzer (0 seconds) 15:48:35 [INFO] Finished Version Filter Analyzer (0 seconds) 15:48:36 [INFO] Created CPE Index (1 seconds) 15:48:37 [INFO] Finished CPE Analyzer (1 seconds) 15:48:37 [INFO] Finished False Positive Analyzer (0 seconds) 15:48:37 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:48:37 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:48:37 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:48:37 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:48:37 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:48:37 15:48:37 15:48:37 ## Recommendation 15:48:37 15:48:37 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:48:37 15:48:37 The following template can be used to demonstrate the vulnerability: 15:48:37 ```{{#with "constructor"}} 15:48:37 {{#with split as |a|}} 15:48:37 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:48:37 {{#with (concat (lookup join (slice 0 1)))}} 15:48:37 {{#each (slice 2 3)}} 15:48:37 {{#with (apply 0 a)}} 15:48:37 {{.}} 15:48:37 {{/with}} 15:48:37 {{/each}} 15:48:37 {{/with}} 15:48:37 {{/with}} 15:48:37 {{/with}}``` 15:48:37 15:48:37 15:48:37 ## Recommendation 15:48:37 15:48:37 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:48:37 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:48:37 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:48:37 [INFO] Analysis Complete (1 seconds) 15:48:37 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:48:37 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:48:37 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:48:37 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:48:37 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:48:37 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:48:37 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:48:37 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:48:37 [INFO] 15:48:37 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 15:48:37 [INFO] Building dependencies.log 1.0 [18/69] 15:48:37 [INFO] --------------------------------[ pom ]--------------------------------- 15:48:37 [INFO] 15:48:37 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 15:48:37 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 15:48:37 [INFO] 15:48:37 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 15:48:37 [INFO] 15:48:37 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 15:48:37 [INFO] Executing tasks 15:48:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 15:48:37 [INFO] Executed tasks 15:48:37 [INFO] 15:48:37 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.log --- 15:48:37 [INFO] Executing tasks 15:48:42 [INFO] Executed tasks 15:48:42 [INFO] 15:48:42 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.log --- 15:48:42 [INFO] Checking for updates 15:48:42 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:48:42 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:48:42 [INFO] Check for updates complete (70 ms) 15:48:42 [INFO] 15:48:42 15:48:42 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:48:42 15:48:42 15:48:42 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:48:42 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:48:42 15:48:42 💖 Sponsor: https://github.com/sponsors/jeremylong 15:48:42 15:48:42 15:48:42 [INFO] Analysis Started 15:48:42 [INFO] Finished Archive Analyzer (0 seconds) 15:48:42 [INFO] Finished File Name Analyzer (0 seconds) 15:48:43 [INFO] Finished Jar Analyzer (0 seconds) 15:48:43 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:48:43 [INFO] Finished Hint Analyzer (0 seconds) 15:48:43 [INFO] Finished Version Filter Analyzer (0 seconds) 15:48:44 [INFO] Created CPE Index (1 seconds) 15:48:44 [INFO] Finished CPE Analyzer (1 seconds) 15:48:44 [INFO] Finished False Positive Analyzer (0 seconds) 15:48:44 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:48:44 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:48:44 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:48:44 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:48:44 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:48:44 15:48:44 15:48:44 ## Recommendation 15:48:44 15:48:44 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:48:44 15:48:44 The following template can be used to demonstrate the vulnerability: 15:48:44 ```{{#with "constructor"}} 15:48:44 {{#with split as |a|}} 15:48:44 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:48:44 {{#with (concat (lookup join (slice 0 1)))}} 15:48:44 {{#each (slice 2 3)}} 15:48:44 {{#with (apply 0 a)}} 15:48:44 {{.}} 15:48:44 {{/with}} 15:48:44 {{/each}} 15:48:44 {{/with}} 15:48:44 {{/with}} 15:48:44 {{/with}}``` 15:48:44 15:48:44 15:48:44 ## Recommendation 15:48:44 15:48:44 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:48:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:48:44 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:48:44 [INFO] Analysis Complete (1 seconds) 15:48:44 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:48:44 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:48:44 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:48:44 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:48:44 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:48:44 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:48:44 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:48:44 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:48:44 [INFO] 15:48:44 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 15:48:44 [INFO] Building dependencies.lucene 1.0 [19/69] 15:48:44 [INFO] --------------------------------[ pom ]--------------------------------- 15:48:44 [INFO] 15:48:44 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 15:48:44 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 15:48:44 [INFO] 15:48:44 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 15:48:44 [INFO] 15:48:44 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.lucene --- 15:48:44 [INFO] Executing tasks 15:48:49 [INFO] Executed tasks 15:48:49 [INFO] 15:48:49 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.lucene --- 15:48:49 [INFO] Checking for updates 15:48:49 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:48:49 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:48:50 [INFO] Check for updates complete (71 ms) 15:48:50 [INFO] 15:48:50 15:48:50 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:48:50 15:48:50 15:48:50 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:48:50 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:48:50 15:48:50 💖 Sponsor: https://github.com/sponsors/jeremylong 15:48:50 15:48:50 15:48:50 [INFO] Analysis Started 15:48:50 [INFO] Finished Archive Analyzer (0 seconds) 15:48:50 [INFO] Finished File Name Analyzer (0 seconds) 15:48:50 [INFO] Finished Jar Analyzer (0 seconds) 15:48:50 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:48:50 [INFO] Finished Hint Analyzer (0 seconds) 15:48:50 [INFO] Finished Version Filter Analyzer (0 seconds) 15:48:51 [INFO] Created CPE Index (1 seconds) 15:48:51 [INFO] Finished CPE Analyzer (1 seconds) 15:48:51 [INFO] Finished False Positive Analyzer (0 seconds) 15:48:51 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:48:51 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:48:51 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:48:51 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:48:51 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:48:51 15:48:51 15:48:51 ## Recommendation 15:48:51 15:48:51 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:48:51 15:48:51 The following template can be used to demonstrate the vulnerability: 15:48:51 ```{{#with "constructor"}} 15:48:51 {{#with split as |a|}} 15:48:51 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:48:51 {{#with (concat (lookup join (slice 0 1)))}} 15:48:51 {{#each (slice 2 3)}} 15:48:51 {{#with (apply 0 a)}} 15:48:51 {{.}} 15:48:51 {{/with}} 15:48:51 {{/each}} 15:48:51 {{/with}} 15:48:51 {{/with}} 15:48:51 {{/with}}``` 15:48:51 15:48:51 15:48:51 ## Recommendation 15:48:51 15:48:51 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:48:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:48:51 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:48:51 [INFO] Analysis Complete (1 seconds) 15:48:51 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:48:51 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:48:51 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:48:51 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:48:51 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:48:51 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:48:51 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:48:51 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:48:52 [INFO] 15:48:52 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 15:48:52 [INFO] Building dependencies.openapi4j 1.0 [20/69] 15:48:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:48:52 [INFO] 15:48:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 15:48:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 15:48:52 [INFO] 15:48:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 15:48:52 [INFO] 15:48:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 15:48:52 [INFO] Executing tasks 15:48:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 15:48:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 15:48:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 15:48:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 15:48:52 [INFO] Executed tasks 15:48:52 [INFO] 15:48:52 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.openapi4j --- 15:48:52 [INFO] Executing tasks 15:48:57 [INFO] Executed tasks 15:48:57 [INFO] 15:48:57 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.openapi4j --- 15:48:57 [INFO] Checking for updates 15:48:57 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:48:57 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:48:57 [INFO] Check for updates complete (68 ms) 15:48:57 [INFO] 15:48:57 15:48:57 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:48:57 15:48:57 15:48:57 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:48:57 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:48:57 15:48:57 💖 Sponsor: https://github.com/sponsors/jeremylong 15:48:57 15:48:57 15:48:57 [INFO] Analysis Started 15:48:57 [INFO] Finished Archive Analyzer (0 seconds) 15:48:57 [INFO] Finished File Name Analyzer (0 seconds) 15:48:57 [INFO] Finished Jar Analyzer (0 seconds) 15:48:57 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:48:57 [INFO] Finished Hint Analyzer (0 seconds) 15:48:57 [INFO] Finished Version Filter Analyzer (0 seconds) 15:48:58 [INFO] Created CPE Index (1 seconds) 15:48:59 [INFO] Finished CPE Analyzer (1 seconds) 15:48:59 [INFO] Finished False Positive Analyzer (0 seconds) 15:48:59 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:48:59 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:48:59 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:48:59 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:48:59 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:48:59 15:48:59 15:48:59 ## Recommendation 15:48:59 15:48:59 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:48:59 15:48:59 The following template can be used to demonstrate the vulnerability: 15:48:59 ```{{#with "constructor"}} 15:48:59 {{#with split as |a|}} 15:48:59 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:48:59 {{#with (concat (lookup join (slice 0 1)))}} 15:48:59 {{#each (slice 2 3)}} 15:48:59 {{#with (apply 0 a)}} 15:48:59 {{.}} 15:48:59 {{/with}} 15:48:59 {{/each}} 15:48:59 {{/with}} 15:48:59 {{/with}} 15:48:59 {{/with}}``` 15:48:59 15:48:59 15:48:59 ## Recommendation 15:48:59 15:48:59 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:48:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:48:59 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:48:59 [INFO] Analysis Complete (1 seconds) 15:48:59 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:48:59 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:48:59 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:48:59 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:48:59 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:48:59 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:48:59 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:48:59 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:48:59 [INFO] 15:48:59 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 15:48:59 [INFO] Building dependencies.opensaml 1.0 [21/69] 15:48:59 [INFO] --------------------------------[ pom ]--------------------------------- 15:48:59 [INFO] 15:48:59 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 15:48:59 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 15:48:59 [INFO] 15:48:59 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 15:48:59 [INFO] 15:48:59 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.opensaml --- 15:48:59 [INFO] Executing tasks 15:49:04 [INFO] Executed tasks 15:49:04 [INFO] 15:49:04 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.opensaml --- 15:49:04 [INFO] Checking for updates 15:49:04 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:49:04 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:49:04 [INFO] Check for updates complete (68 ms) 15:49:04 [INFO] 15:49:04 15:49:04 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:49:04 15:49:04 15:49:04 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:49:04 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:49:04 15:49:04 💖 Sponsor: https://github.com/sponsors/jeremylong 15:49:04 15:49:04 15:49:04 [INFO] Analysis Started 15:49:04 [INFO] Finished Archive Analyzer (0 seconds) 15:49:04 [INFO] Finished File Name Analyzer (0 seconds) 15:49:04 [INFO] Finished Jar Analyzer (0 seconds) 15:49:04 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:49:04 [INFO] Finished Hint Analyzer (0 seconds) 15:49:04 [INFO] Finished Version Filter Analyzer (0 seconds) 15:49:05 [INFO] Created CPE Index (1 seconds) 15:49:06 [INFO] Finished CPE Analyzer (1 seconds) 15:49:06 [INFO] Finished False Positive Analyzer (0 seconds) 15:49:06 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:49:06 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:49:06 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:49:06 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:49:06 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:49:06 15:49:06 15:49:06 ## Recommendation 15:49:06 15:49:06 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:49:06 15:49:06 The following template can be used to demonstrate the vulnerability: 15:49:06 ```{{#with "constructor"}} 15:49:06 {{#with split as |a|}} 15:49:06 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:49:06 {{#with (concat (lookup join (slice 0 1)))}} 15:49:06 {{#each (slice 2 3)}} 15:49:06 {{#with (apply 0 a)}} 15:49:06 {{.}} 15:49:06 {{/with}} 15:49:06 {{/each}} 15:49:06 {{/with}} 15:49:06 {{/with}} 15:49:06 {{/with}}``` 15:49:06 15:49:06 15:49:06 ## Recommendation 15:49:06 15:49:06 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:49:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:49:06 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:49:06 [INFO] Analysis Complete (1 seconds) 15:49:06 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:49:06 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:49:06 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:49:06 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:49:06 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:49:06 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:49:06 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:49:06 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:49:06 [INFO] 15:49:06 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 15:49:06 [INFO] Building dependencies.pdf 1.0 [22/69] 15:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 15:49:06 [INFO] 15:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 15:49:06 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 15:49:06 [INFO] 15:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 15:49:06 [INFO] 15:49:06 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.pdf --- 15:49:06 [INFO] Executing tasks 15:49:11 [INFO] Executed tasks 15:49:11 [INFO] 15:49:11 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.pdf --- 15:49:11 [INFO] Checking for updates 15:49:11 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:49:11 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:49:11 [INFO] Check for updates complete (69 ms) 15:49:11 [INFO] 15:49:11 15:49:11 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:49:11 15:49:11 15:49:11 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:49:11 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:49:11 15:49:11 💖 Sponsor: https://github.com/sponsors/jeremylong 15:49:11 15:49:11 15:49:11 [INFO] Analysis Started 15:49:11 [INFO] Finished Archive Analyzer (0 seconds) 15:49:11 [INFO] Finished File Name Analyzer (0 seconds) 15:49:11 [INFO] Finished Jar Analyzer (0 seconds) 15:49:11 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:49:11 [INFO] Finished Hint Analyzer (0 seconds) 15:49:11 [INFO] Finished Version Filter Analyzer (0 seconds) 15:49:13 [INFO] Created CPE Index (1 seconds) 15:49:13 [INFO] Finished CPE Analyzer (1 seconds) 15:49:13 [INFO] Finished False Positive Analyzer (0 seconds) 15:49:13 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:49:13 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:49:13 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:49:13 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:49:13 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:49:13 15:49:13 15:49:13 ## Recommendation 15:49:13 15:49:13 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:49:13 15:49:13 The following template can be used to demonstrate the vulnerability: 15:49:13 ```{{#with "constructor"}} 15:49:13 {{#with split as |a|}} 15:49:13 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:49:13 {{#with (concat (lookup join (slice 0 1)))}} 15:49:13 {{#each (slice 2 3)}} 15:49:13 {{#with (apply 0 a)}} 15:49:13 {{.}} 15:49:13 {{/with}} 15:49:13 {{/each}} 15:49:13 {{/with}} 15:49:13 {{/with}} 15:49:13 {{/with}}``` 15:49:13 15:49:13 15:49:13 ## Recommendation 15:49:13 15:49:13 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:49:13 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:49:13 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:49:13 [INFO] Analysis Complete (1 seconds) 15:49:13 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:49:13 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:49:13 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:49:13 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:49:13 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:49:13 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:49:13 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:49:13 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:49:13 [INFO] 15:49:13 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 15:49:13 [INFO] Building dependencies.redis 1.0 [23/69] 15:49:13 [INFO] --------------------------------[ pom ]--------------------------------- 15:49:13 [INFO] 15:49:13 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 15:49:13 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 15:49:13 [INFO] 15:49:13 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 15:49:13 [INFO] 15:49:13 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.redis --- 15:49:13 [INFO] Executing tasks 15:49:18 [INFO] Executed tasks 15:49:18 [INFO] 15:49:18 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.redis --- 15:49:18 [INFO] Checking for updates 15:49:18 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:49:18 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:49:18 [INFO] Check for updates complete (71 ms) 15:49:18 [INFO] 15:49:18 15:49:18 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:49:18 15:49:18 15:49:18 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:49:18 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:49:18 15:49:18 💖 Sponsor: https://github.com/sponsors/jeremylong 15:49:18 15:49:18 15:49:18 [INFO] Analysis Started 15:49:19 [INFO] Finished Archive Analyzer (0 seconds) 15:49:19 [INFO] Finished File Name Analyzer (0 seconds) 15:49:19 [INFO] Finished Jar Analyzer (0 seconds) 15:49:19 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:49:19 [INFO] Finished Hint Analyzer (0 seconds) 15:49:19 [INFO] Finished Version Filter Analyzer (0 seconds) 15:49:20 [INFO] Created CPE Index (1 seconds) 15:49:20 [INFO] Finished CPE Analyzer (1 seconds) 15:49:20 [INFO] Finished False Positive Analyzer (0 seconds) 15:49:20 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:49:20 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:49:20 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:49:20 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:49:20 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:49:20 15:49:20 15:49:20 ## Recommendation 15:49:20 15:49:20 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:49:20 15:49:20 The following template can be used to demonstrate the vulnerability: 15:49:20 ```{{#with "constructor"}} 15:49:20 {{#with split as |a|}} 15:49:20 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:49:20 {{#with (concat (lookup join (slice 0 1)))}} 15:49:20 {{#each (slice 2 3)}} 15:49:20 {{#with (apply 0 a)}} 15:49:20 {{.}} 15:49:20 {{/with}} 15:49:20 {{/each}} 15:49:20 {{/with}} 15:49:20 {{/with}} 15:49:20 {{/with}}``` 15:49:20 15:49:20 15:49:20 ## Recommendation 15:49:20 15:49:20 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:49:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:49:20 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:49:20 [INFO] Analysis Complete (1 seconds) 15:49:20 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:49:20 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:49:20 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:49:20 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:49:20 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:49:20 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:49:20 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:49:20 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:49:20 [INFO] 15:49:20 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 15:49:20 [INFO] Building dependencies.reports 1.0 [24/69] 15:49:20 [INFO] --------------------------------[ pom ]--------------------------------- 15:49:20 [INFO] 15:49:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 15:49:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 15:49:20 [INFO] 15:49:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 15:49:20 [INFO] 15:49:20 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.reports --- 15:49:20 [INFO] Executing tasks 15:49:25 [INFO] Executed tasks 15:49:25 [INFO] 15:49:25 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.reports --- 15:49:25 [INFO] Checking for updates 15:49:25 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:49:26 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:49:26 [INFO] Check for updates complete (66 ms) 15:49:26 [INFO] 15:49:26 15:49:26 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:49:26 15:49:26 15:49:26 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:49:26 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:49:26 15:49:26 💖 Sponsor: https://github.com/sponsors/jeremylong 15:49:26 15:49:26 15:49:26 [INFO] Analysis Started 15:49:26 [INFO] Finished Archive Analyzer (0 seconds) 15:49:26 [INFO] Finished File Name Analyzer (0 seconds) 15:49:26 [INFO] Finished Jar Analyzer (0 seconds) 15:49:26 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:49:26 [INFO] Finished Hint Analyzer (0 seconds) 15:49:26 [INFO] Finished Version Filter Analyzer (0 seconds) 15:49:27 [INFO] Created CPE Index (1 seconds) 15:49:27 [INFO] Finished CPE Analyzer (1 seconds) 15:49:27 [INFO] Finished False Positive Analyzer (0 seconds) 15:49:28 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:49:28 [INFO] Finished RetireJS Analyzer (0 seconds) 15:49:28 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:49:28 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:49:28 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:49:28 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:49:28 15:49:28 15:49:28 ## Recommendation 15:49:28 15:49:28 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:49:28 15:49:28 The following template can be used to demonstrate the vulnerability: 15:49:28 ```{{#with "constructor"}} 15:49:28 {{#with split as |a|}} 15:49:28 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:49:28 {{#with (concat (lookup join (slice 0 1)))}} 15:49:28 {{#each (slice 2 3)}} 15:49:28 {{#with (apply 0 a)}} 15:49:28 {{.}} 15:49:28 {{/with}} 15:49:28 {{/each}} 15:49:28 {{/with}} 15:49:28 {{/with}} 15:49:28 {{/with}}``` 15:49:28 15:49:28 15:49:28 ## Recommendation 15:49:28 15:49:28 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:49:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:49:28 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:49:28 [INFO] Analysis Complete (1 seconds) 15:49:28 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:49:28 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:49:28 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:49:28 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:49:28 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:49:28 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:49:28 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:49:28 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:49:28 [INFO] 15:49:28 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 15:49:28 [INFO] Building dependencies.saaj 1.0 [25/69] 15:49:28 [INFO] --------------------------------[ pom ]--------------------------------- 15:49:28 [INFO] 15:49:28 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 15:49:28 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 15:49:28 [INFO] 15:49:28 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 15:49:28 [INFO] 15:49:28 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 15:49:28 [INFO] Executing tasks 15:49:28 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 15:49:28 [INFO] Executed tasks 15:49:28 [INFO] 15:49:28 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.saaj --- 15:49:28 [INFO] Executing tasks 15:49:33 [INFO] Executed tasks 15:49:33 [INFO] 15:49:33 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.saaj --- 15:49:33 [INFO] Checking for updates 15:49:33 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:49:33 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:49:33 [INFO] Check for updates complete (69 ms) 15:49:33 [INFO] 15:49:33 15:49:33 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:49:33 15:49:33 15:49:33 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:49:33 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:49:33 15:49:33 💖 Sponsor: https://github.com/sponsors/jeremylong 15:49:33 15:49:33 15:49:33 [INFO] Analysis Started 15:49:33 [INFO] Finished Archive Analyzer (0 seconds) 15:49:33 [INFO] Finished File Name Analyzer (0 seconds) 15:49:33 [INFO] Finished Jar Analyzer (0 seconds) 15:49:33 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:49:33 [INFO] Finished Hint Analyzer (0 seconds) 15:49:33 [INFO] Finished Version Filter Analyzer (0 seconds) 15:49:35 [INFO] Created CPE Index (1 seconds) 15:49:35 [INFO] Finished CPE Analyzer (1 seconds) 15:49:35 [INFO] Finished False Positive Analyzer (0 seconds) 15:49:35 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:49:35 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:49:35 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:49:35 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:49:35 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:49:35 15:49:35 15:49:35 ## Recommendation 15:49:35 15:49:35 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:49:35 15:49:35 The following template can be used to demonstrate the vulnerability: 15:49:35 ```{{#with "constructor"}} 15:49:35 {{#with split as |a|}} 15:49:35 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:49:35 {{#with (concat (lookup join (slice 0 1)))}} 15:49:35 {{#each (slice 2 3)}} 15:49:35 {{#with (apply 0 a)}} 15:49:35 {{.}} 15:49:35 {{/with}} 15:49:35 {{/each}} 15:49:35 {{/with}} 15:49:35 {{/with}} 15:49:35 {{/with}}``` 15:49:35 15:49:35 15:49:35 ## Recommendation 15:49:35 15:49:35 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:49:35 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:49:35 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:49:35 [INFO] Analysis Complete (1 seconds) 15:49:35 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:49:35 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:49:35 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:49:35 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:49:35 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:49:35 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:49:35 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:49:35 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:49:35 [INFO] 15:49:35 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 15:49:35 [INFO] Building dependencies.security 1.0 [26/69] 15:49:35 [INFO] --------------------------------[ pom ]--------------------------------- 15:49:35 [INFO] 15:49:35 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 15:49:35 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 15:49:35 [INFO] 15:49:35 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 15:49:35 [INFO] 15:49:35 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 15:49:35 [INFO] Executing tasks 15:49:35 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 15:49:35 [INFO] Executed tasks 15:49:35 [INFO] 15:49:35 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.security --- 15:49:35 [INFO] Executing tasks 15:49:40 [INFO] Executed tasks 15:49:40 [INFO] 15:49:40 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.security --- 15:49:40 [INFO] Checking for updates 15:49:40 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:49:40 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:49:40 [INFO] Check for updates complete (69 ms) 15:49:41 [INFO] 15:49:41 15:49:41 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:49:41 15:49:41 15:49:41 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:49:41 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:49:41 15:49:41 💖 Sponsor: https://github.com/sponsors/jeremylong 15:49:41 15:49:41 15:49:41 [INFO] Analysis Started 15:49:41 [INFO] Finished Archive Analyzer (0 seconds) 15:49:41 [INFO] Finished File Name Analyzer (0 seconds) 15:49:41 [INFO] Finished Jar Analyzer (0 seconds) 15:49:41 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:49:41 [INFO] Finished Hint Analyzer (0 seconds) 15:49:41 [INFO] Finished Version Filter Analyzer (0 seconds) 15:49:42 [INFO] Created CPE Index (1 seconds) 15:49:42 [INFO] Finished CPE Analyzer (1 seconds) 15:49:43 [INFO] Finished False Positive Analyzer (0 seconds) 15:49:43 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:49:43 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:49:43 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:49:43 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:49:43 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:49:43 15:49:43 15:49:43 ## Recommendation 15:49:43 15:49:43 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:49:43 15:49:43 The following template can be used to demonstrate the vulnerability: 15:49:43 ```{{#with "constructor"}} 15:49:43 {{#with split as |a|}} 15:49:43 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:49:43 {{#with (concat (lookup join (slice 0 1)))}} 15:49:43 {{#each (slice 2 3)}} 15:49:43 {{#with (apply 0 a)}} 15:49:43 {{.}} 15:49:43 {{/with}} 15:49:43 {{/each}} 15:49:43 {{/with}} 15:49:43 {{/with}} 15:49:43 {{/with}}``` 15:49:43 15:49:43 15:49:43 ## Recommendation 15:49:43 15:49:43 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:49:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:49:43 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:49:43 [INFO] Analysis Complete (2 seconds) 15:49:43 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:49:43 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:49:43 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:49:43 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:49:43 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:49:43 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:49:43 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:49:43 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:49:43 [INFO] 15:49:43 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 15:49:43 [INFO] Building dependencies.shared 1.0 [27/69] 15:49:43 [INFO] --------------------------------[ pom ]--------------------------------- 15:49:43 [INFO] 15:49:43 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 15:49:43 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 15:49:43 [INFO] 15:49:43 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 15:49:43 [INFO] 15:49:43 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 15:49:43 [INFO] Executing tasks 15:49:43 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 15:49:43 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 15:49:43 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 15:49:43 [INFO] Executed tasks 15:49:43 [INFO] 15:49:43 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.shared --- 15:49:43 [INFO] Executing tasks 15:49:48 [INFO] Executed tasks 15:49:48 [INFO] 15:49:48 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.shared --- 15:49:48 [INFO] Checking for updates 15:49:48 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:49:48 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:49:48 [INFO] Check for updates complete (71 ms) 15:49:48 [INFO] 15:49:48 15:49:48 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:49:48 15:49:48 15:49:48 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:49:48 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:49:48 15:49:48 💖 Sponsor: https://github.com/sponsors/jeremylong 15:49:48 15:49:48 15:49:48 [INFO] Analysis Started 15:49:49 [INFO] Finished Archive Analyzer (1 seconds) 15:49:49 [INFO] Finished File Name Analyzer (0 seconds) 15:49:50 [INFO] Finished Jar Analyzer (0 seconds) 15:49:50 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:49:50 [INFO] Finished Hint Analyzer (0 seconds) 15:49:50 [INFO] Finished Version Filter Analyzer (0 seconds) 15:49:51 [INFO] Created CPE Index (1 seconds) 15:49:52 [INFO] Finished CPE Analyzer (2 seconds) 15:49:52 [INFO] Finished False Positive Analyzer (0 seconds) 15:49:52 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:49:52 [INFO] Finished RetireJS Analyzer (0 seconds) 15:49:52 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:49:52 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:49:52 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:49:52 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:49:52 15:49:52 15:49:52 ## Recommendation 15:49:52 15:49:52 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:49:52 15:49:52 The following template can be used to demonstrate the vulnerability: 15:49:52 ```{{#with "constructor"}} 15:49:52 {{#with split as |a|}} 15:49:52 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:49:52 {{#with (concat (lookup join (slice 0 1)))}} 15:49:52 {{#each (slice 2 3)}} 15:49:52 {{#with (apply 0 a)}} 15:49:52 {{.}} 15:49:52 {{/with}} 15:49:52 {{/each}} 15:49:52 {{/with}} 15:49:52 {{/with}} 15:49:52 {{/with}}``` 15:49:52 15:49:52 15:49:52 ## Recommendation 15:49:52 15:49:52 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:49:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:49:52 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:49:52 [INFO] Analysis Complete (3 seconds) 15:49:52 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:49:52 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:49:52 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:49:52 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:49:52 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:49:52 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:49:52 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:49:52 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:49:52 [WARNING] 15:49:52 15:49:52 One or more dependencies were identified with known vulnerabilities in dependencies.shared: 15:49:52 15:49:52 rhino-1.7.14.jar (pkg:maven/org.mozilla/rhino@1.7.14) : CVE-2025-66453 15:49:52 15:49:52 15:49:52 See the dependency-check report for more details. 15:49:52 15:49:52 15:49:52 [INFO] 15:49:52 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 15:49:52 [INFO] Building dependencies.spring 1.0 [28/69] 15:49:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:49:52 [INFO] 15:49:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 15:49:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 15:49:52 [INFO] 15:49:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 15:49:52 [INFO] 15:49:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 15:49:52 [INFO] Executing tasks 15:49:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 15:49:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 15:49:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 15:49:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 15:49:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 15:49:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 15:49:52 [INFO] Executed tasks 15:49:52 [INFO] 15:49:52 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring --- 15:49:52 [INFO] Executing tasks 15:49:57 [INFO] Executed tasks 15:49:57 [INFO] 15:49:57 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.spring --- 15:49:58 [INFO] Checking for updates 15:49:58 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:49:58 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:49:58 [INFO] Check for updates complete (67 ms) 15:49:58 [INFO] 15:49:58 15:49:58 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:49:58 15:49:58 15:49:58 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:49:58 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:49:58 15:49:58 💖 Sponsor: https://github.com/sponsors/jeremylong 15:49:58 15:49:58 15:49:58 [INFO] Analysis Started 15:49:58 [INFO] Finished Archive Analyzer (0 seconds) 15:49:58 [INFO] Finished File Name Analyzer (0 seconds) 15:49:58 [INFO] Finished Jar Analyzer (0 seconds) 15:49:58 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:49:58 [INFO] Finished Hint Analyzer (0 seconds) 15:49:58 [INFO] Finished Version Filter Analyzer (0 seconds) 15:49:59 [INFO] Created CPE Index (1 seconds) 15:50:00 [INFO] Finished CPE Analyzer (1 seconds) 15:50:00 [INFO] Finished False Positive Analyzer (0 seconds) 15:50:00 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:50:00 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:50:00 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:50:00 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:50:00 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:50:00 15:50:00 15:50:00 ## Recommendation 15:50:00 15:50:00 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:50:00 15:50:00 The following template can be used to demonstrate the vulnerability: 15:50:00 ```{{#with "constructor"}} 15:50:00 {{#with split as |a|}} 15:50:00 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:50:00 {{#with (concat (lookup join (slice 0 1)))}} 15:50:00 {{#each (slice 2 3)}} 15:50:00 {{#with (apply 0 a)}} 15:50:00 {{.}} 15:50:00 {{/with}} 15:50:00 {{/each}} 15:50:00 {{/with}} 15:50:00 {{/with}} 15:50:00 {{/with}}``` 15:50:00 15:50:00 15:50:00 ## Recommendation 15:50:00 15:50:00 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:50:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:50:00 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:50:00 [INFO] Analysis Complete (1 seconds) 15:50:00 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:50:00 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:50:00 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:50:00 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:50:00 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:50:00 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:50:00 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:50:00 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:50:00 [WARNING] 15:50:00 15:50:00 One or more dependencies were identified with known vulnerabilities in dependencies.spring: 15:50:00 15:50:00 spring-core-5.3.39.jar (pkg:maven/org.springframework/spring-core@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249, CVE-2025-41242 15:50:00 spring-web-5.3.39.jar (pkg:maven/org.springframework/spring-web@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:web_project:web:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249 15:50:00 15:50:00 15:50:00 See the dependency-check report for more details. 15:50:00 15:50:00 15:50:00 [INFO] 15:50:00 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 15:50:00 [INFO] Building dependencies.spring-ldap 1.0 [29/69] 15:50:00 [INFO] --------------------------------[ pom ]--------------------------------- 15:50:00 [INFO] 15:50:00 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 15:50:00 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 15:50:00 [INFO] 15:50:00 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 15:50:00 [INFO] 15:50:00 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring-ldap --- 15:50:00 [INFO] Executing tasks 15:50:05 [INFO] Executed tasks 15:50:05 [INFO] 15:50:05 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.spring-ldap --- 15:50:05 [INFO] Checking for updates 15:50:05 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:50:05 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:50:05 [INFO] Check for updates complete (69 ms) 15:50:05 [INFO] 15:50:05 15:50:05 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:50:05 15:50:05 15:50:05 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:50:05 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:50:05 15:50:05 💖 Sponsor: https://github.com/sponsors/jeremylong 15:50:05 15:50:05 15:50:05 [INFO] Analysis Started 15:50:05 [INFO] Finished Archive Analyzer (0 seconds) 15:50:05 [INFO] Finished File Name Analyzer (0 seconds) 15:50:05 [INFO] Finished Jar Analyzer (0 seconds) 15:50:05 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:50:05 [INFO] Finished Hint Analyzer (0 seconds) 15:50:05 [INFO] Finished Version Filter Analyzer (0 seconds) 15:50:07 [INFO] Created CPE Index (1 seconds) 15:50:07 [INFO] Finished CPE Analyzer (1 seconds) 15:50:07 [INFO] Finished False Positive Analyzer (0 seconds) 15:50:07 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:50:07 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:50:07 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:50:07 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:50:07 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:50:07 15:50:07 15:50:07 ## Recommendation 15:50:07 15:50:07 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:50:07 15:50:07 The following template can be used to demonstrate the vulnerability: 15:50:07 ```{{#with "constructor"}} 15:50:07 {{#with split as |a|}} 15:50:07 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:50:07 {{#with (concat (lookup join (slice 0 1)))}} 15:50:07 {{#each (slice 2 3)}} 15:50:07 {{#with (apply 0 a)}} 15:50:07 {{.}} 15:50:07 {{/with}} 15:50:07 {{/each}} 15:50:07 {{/with}} 15:50:07 {{/with}} 15:50:07 {{/with}}``` 15:50:07 15:50:07 15:50:07 ## Recommendation 15:50:07 15:50:07 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:50:07 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:50:07 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:50:07 [INFO] Analysis Complete (1 seconds) 15:50:07 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:50:07 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:50:07 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:50:07 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:50:07 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:50:07 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:50:07 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:50:07 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:50:07 [INFO] 15:50:07 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 15:50:07 [INFO] Building dependencies.spring-security 1.0 [30/69] 15:50:07 [INFO] --------------------------------[ pom ]--------------------------------- 15:50:07 [INFO] 15:50:07 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 15:50:07 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 15:50:07 [INFO] 15:50:07 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 15:50:07 [INFO] 15:50:07 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 15:50:07 [INFO] Executing tasks 15:50:07 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 15:50:07 [INFO] Executed tasks 15:50:07 [INFO] 15:50:07 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring-security --- 15:50:07 [INFO] Executing tasks 15:50:12 [INFO] Executed tasks 15:50:12 [INFO] 15:50:12 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.spring-security --- 15:50:12 [INFO] Checking for updates 15:50:12 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:50:12 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:50:12 [INFO] Check for updates complete (66 ms) 15:50:12 [INFO] 15:50:12 15:50:12 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:50:12 15:50:12 15:50:12 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:50:12 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:50:12 15:50:12 💖 Sponsor: https://github.com/sponsors/jeremylong 15:50:12 15:50:12 15:50:12 [INFO] Analysis Started 15:50:12 [INFO] Finished Archive Analyzer (0 seconds) 15:50:12 [INFO] Finished File Name Analyzer (0 seconds) 15:50:12 [INFO] Finished Jar Analyzer (0 seconds) 15:50:12 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:50:12 [INFO] Finished Hint Analyzer (0 seconds) 15:50:12 [INFO] Finished Version Filter Analyzer (0 seconds) 15:50:14 [INFO] Created CPE Index (1 seconds) 15:50:14 [INFO] Finished CPE Analyzer (1 seconds) 15:50:14 [INFO] Finished False Positive Analyzer (0 seconds) 15:50:14 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:50:14 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:50:14 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:50:14 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:50:14 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:50:14 15:50:14 15:50:14 ## Recommendation 15:50:14 15:50:14 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:50:14 15:50:14 The following template can be used to demonstrate the vulnerability: 15:50:14 ```{{#with "constructor"}} 15:50:14 {{#with split as |a|}} 15:50:14 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:50:14 {{#with (concat (lookup join (slice 0 1)))}} 15:50:14 {{#each (slice 2 3)}} 15:50:14 {{#with (apply 0 a)}} 15:50:14 {{.}} 15:50:14 {{/with}} 15:50:14 {{/each}} 15:50:14 {{/with}} 15:50:14 {{/with}} 15:50:14 {{/with}}``` 15:50:14 15:50:14 15:50:14 ## Recommendation 15:50:14 15:50:14 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:50:14 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:50:14 [INFO] Analysis Complete (1 seconds) 15:50:14 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:50:14 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:50:14 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:50:14 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:50:14 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:50:14 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:50:14 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:50:14 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:50:14 [INFO] 15:50:14 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 15:50:14 [INFO] Building dependencies.swagger 1.0 [31/69] 15:50:14 [INFO] --------------------------------[ pom ]--------------------------------- 15:50:14 [INFO] 15:50:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 15:50:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 15:50:14 [INFO] 15:50:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 15:50:14 [INFO] 15:50:14 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 15:50:14 [INFO] Executing tasks 15:50:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 15:50:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 15:50:14 [INFO] Executed tasks 15:50:14 [INFO] 15:50:14 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.swagger --- 15:50:14 [INFO] Executing tasks 15:50:19 [INFO] Executed tasks 15:50:19 [INFO] 15:50:19 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.swagger --- 15:50:19 [INFO] Checking for updates 15:50:19 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:50:19 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:50:19 [INFO] Check for updates complete (70 ms) 15:50:20 [INFO] 15:50:20 15:50:20 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:50:20 15:50:20 15:50:20 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:50:20 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:50:20 15:50:20 💖 Sponsor: https://github.com/sponsors/jeremylong 15:50:20 15:50:20 15:50:20 [INFO] Analysis Started 15:50:20 [INFO] Finished Archive Analyzer (0 seconds) 15:50:20 [INFO] Finished File Name Analyzer (0 seconds) 15:50:20 [INFO] Finished Jar Analyzer (0 seconds) 15:50:20 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:50:20 [INFO] Finished Hint Analyzer (0 seconds) 15:50:20 [INFO] Finished Version Filter Analyzer (0 seconds) 15:50:21 [INFO] Created CPE Index (1 seconds) 15:50:21 [INFO] Finished CPE Analyzer (1 seconds) 15:50:21 [INFO] Finished False Positive Analyzer (0 seconds) 15:50:21 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:50:31 [INFO] Finished RetireJS Analyzer (9 seconds) 15:50:31 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:50:31 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:50:31 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:50:31 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:50:31 15:50:31 15:50:31 ## Recommendation 15:50:31 15:50:31 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:50:31 15:50:31 The following template can be used to demonstrate the vulnerability: 15:50:31 ```{{#with "constructor"}} 15:50:31 {{#with split as |a|}} 15:50:31 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:50:31 {{#with (concat (lookup join (slice 0 1)))}} 15:50:31 {{#each (slice 2 3)}} 15:50:31 {{#with (apply 0 a)}} 15:50:31 {{.}} 15:50:31 {{/with}} 15:50:31 {{/each}} 15:50:31 {{/with}} 15:50:31 {{/with}} 15:50:31 {{/with}}``` 15:50:31 15:50:31 15:50:31 ## Recommendation 15:50:31 15:50:31 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:50:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:50:31 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:50:31 [INFO] Analysis Complete (11 seconds) 15:50:31 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:50:31 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:50:31 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:50:31 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:50:31 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:50:31 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:50:31 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:50:31 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:50:31 [INFO] 15:50:31 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 15:50:31 [INFO] Building dependencies.wadl 1.0 [32/69] 15:50:31 [INFO] --------------------------------[ pom ]--------------------------------- 15:50:31 [INFO] 15:50:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 15:50:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 15:50:31 [INFO] 15:50:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 15:50:31 [INFO] 15:50:31 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.wadl --- 15:50:31 [INFO] Executing tasks 15:50:36 [INFO] Executed tasks 15:50:36 [INFO] 15:50:36 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.wadl --- 15:50:36 [INFO] Checking for updates 15:50:36 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:50:36 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:50:36 [INFO] Check for updates complete (71 ms) 15:50:36 [INFO] 15:50:36 15:50:36 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:50:36 15:50:36 15:50:36 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:50:36 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:50:36 15:50:36 💖 Sponsor: https://github.com/sponsors/jeremylong 15:50:36 15:50:36 15:50:36 [INFO] Analysis Started 15:50:36 [INFO] Finished Archive Analyzer (0 seconds) 15:50:36 [INFO] Finished File Name Analyzer (0 seconds) 15:50:36 [INFO] Finished Jar Analyzer (0 seconds) 15:50:36 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:50:36 [INFO] Finished Hint Analyzer (0 seconds) 15:50:36 [INFO] Finished Version Filter Analyzer (0 seconds) 15:50:38 [INFO] Created CPE Index (1 seconds) 15:50:38 [INFO] Finished CPE Analyzer (1 seconds) 15:50:38 [INFO] Finished False Positive Analyzer (0 seconds) 15:50:38 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:50:38 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:50:38 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:50:38 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:50:38 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:50:38 15:50:38 15:50:38 ## Recommendation 15:50:38 15:50:38 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:50:38 15:50:38 The following template can be used to demonstrate the vulnerability: 15:50:38 ```{{#with "constructor"}} 15:50:38 {{#with split as |a|}} 15:50:38 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:50:38 {{#with (concat (lookup join (slice 0 1)))}} 15:50:38 {{#each (slice 2 3)}} 15:50:38 {{#with (apply 0 a)}} 15:50:38 {{.}} 15:50:38 {{/with}} 15:50:38 {{/each}} 15:50:38 {{/with}} 15:50:38 {{/with}} 15:50:38 {{/with}}``` 15:50:38 15:50:38 15:50:38 ## Recommendation 15:50:38 15:50:38 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:50:38 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:50:38 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:50:38 [INFO] Analysis Complete (1 seconds) 15:50:38 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:50:38 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:50:38 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:50:38 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:50:38 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:50:38 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:50:38 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:50:38 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:50:38 [INFO] 15:50:38 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 15:50:38 [INFO] Building dependencies.wss4j 1.0 [33/69] 15:50:38 [INFO] --------------------------------[ pom ]--------------------------------- 15:50:38 [INFO] 15:50:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 15:50:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 15:50:38 [INFO] 15:50:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 15:50:38 [INFO] 15:50:38 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 15:50:38 [INFO] Executing tasks 15:50:38 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 15:50:38 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 15:50:38 [INFO] Executed tasks 15:50:38 [INFO] 15:50:38 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.wss4j --- 15:50:38 [INFO] Executing tasks 15:50:43 [INFO] Executed tasks 15:50:43 [INFO] 15:50:43 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.wss4j --- 15:50:43 [INFO] Checking for updates 15:50:43 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:50:43 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:50:43 [INFO] Check for updates complete (67 ms) 15:50:43 [INFO] 15:50:43 15:50:43 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:50:43 15:50:43 15:50:43 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:50:43 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:50:43 15:50:43 💖 Sponsor: https://github.com/sponsors/jeremylong 15:50:43 15:50:43 15:50:43 [INFO] Analysis Started 15:50:43 [INFO] Finished Archive Analyzer (0 seconds) 15:50:43 [INFO] Finished File Name Analyzer (0 seconds) 15:50:44 [INFO] Finished Jar Analyzer (0 seconds) 15:50:44 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:50:44 [INFO] Finished Hint Analyzer (0 seconds) 15:50:44 [INFO] Finished Version Filter Analyzer (0 seconds) 15:50:45 [INFO] Created CPE Index (1 seconds) 15:50:45 [INFO] Finished CPE Analyzer (1 seconds) 15:50:45 [INFO] Finished False Positive Analyzer (0 seconds) 15:50:45 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:50:45 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:50:45 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:50:45 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:50:45 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 15:50:45 15:50:45 15:50:45 ## Recommendation 15:50:45 15:50:45 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 15:50:45 15:50:45 The following template can be used to demonstrate the vulnerability: 15:50:45 ```{{#with "constructor"}} 15:50:45 {{#with split as |a|}} 15:50:45 {{pop (push "alert('Vulnerable Handlebars JS');")}} 15:50:45 {{#with (concat (lookup join (slice 0 1)))}} 15:50:45 {{#each (slice 2 3)}} 15:50:45 {{#with (apply 0 a)}} 15:50:45 {{.}} 15:50:45 {{/with}} 15:50:45 {{/each}} 15:50:45 {{/with}} 15:50:45 {{/with}} 15:50:45 {{/with}}``` 15:50:45 15:50:45 15:50:45 ## Recommendation 15:50:45 15:50:45 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 15:50:45 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 15:50:45 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:50:45 [INFO] Analysis Complete (1 seconds) 15:50:45 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:50:45 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:50:45 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:50:45 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:50:45 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:50:45 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:50:45 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:50:45 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:50:45 [INFO] 15:50:45 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 15:50:45 [INFO] Building dependencies.testsuite 1.0 [34/69] 15:50:45 [INFO] --------------------------------[ pom ]--------------------------------- 15:50:45 [INFO] 15:50:45 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite --- 15:50:45 [INFO] Executing tasks 15:50:50 [INFO] Executed tasks 15:50:50 [INFO] 15:50:50 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite --- 15:50:50 [INFO] Checking for updates 15:50:50 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:50:50 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:50:50 [INFO] Check for updates complete (70 ms) 15:50:51 [INFO] 15:50:51 15:50:51 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:50:51 15:50:51 15:50:51 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:50:51 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:50:51 15:50:51 💖 Sponsor: https://github.com/sponsors/jeremylong 15:50:51 15:50:51 15:50:51 [INFO] Analysis Started 15:50:51 [INFO] Finished File Name Analyzer (0 seconds) 15:50:51 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:50:51 [INFO] Finished Hint Analyzer (0 seconds) 15:50:51 [INFO] Finished Version Filter Analyzer (0 seconds) 15:50:52 [INFO] Created CPE Index (1 seconds) 15:50:52 [INFO] Finished CPE Analyzer (1 seconds) 15:50:52 [INFO] Finished False Positive Analyzer (0 seconds) 15:50:52 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:50:52 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:50:52 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:50:52 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:50:52 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:50:52 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:50:52 [INFO] Analysis Complete (1 seconds) 15:50:52 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 15:50:52 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 15:50:52 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 15:50:52 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 15:50:52 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 15:50:52 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 15:50:52 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 15:50:52 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 15:50:52 [INFO] 15:50:52 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 15:50:52 [INFO] Building dependencies.testsuite.axis14 1.0 [35/69] 15:50:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:50:52 [INFO] 15:50:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 15:50:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 15:50:52 [INFO] 15:50:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 15:50:52 [INFO] 15:50:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 15:50:52 [INFO] Executing tasks 15:50:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 15:50:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 15:50:52 [INFO] Executed tasks 15:50:52 [INFO] 15:50:52 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.axis14 --- 15:50:52 [INFO] Executing tasks 15:50:57 [INFO] Executed tasks 15:50:57 [INFO] 15:50:57 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.axis14 --- 15:50:57 [INFO] Checking for updates 15:50:57 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:50:57 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:50:57 [INFO] Check for updates complete (68 ms) 15:50:58 [INFO] 15:50:58 15:50:58 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:50:58 15:50:58 15:50:58 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:50:58 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:50:58 15:50:58 💖 Sponsor: https://github.com/sponsors/jeremylong 15:50:58 15:50:58 15:50:58 [INFO] Analysis Started 15:50:58 [INFO] Finished File Name Analyzer (0 seconds) 15:50:58 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:50:58 [INFO] Finished Hint Analyzer (0 seconds) 15:50:58 [INFO] Finished Version Filter Analyzer (0 seconds) 15:50:59 [INFO] Created CPE Index (1 seconds) 15:50:59 [INFO] Finished CPE Analyzer (1 seconds) 15:50:59 [INFO] Finished False Positive Analyzer (0 seconds) 15:50:59 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:50:59 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:50:59 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:50:59 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:50:59 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:50:59 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:50:59 [INFO] Analysis Complete (1 seconds) 15:50:59 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 15:50:59 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 15:50:59 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 15:50:59 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 15:50:59 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 15:50:59 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 15:50:59 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 15:50:59 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 15:50:59 [INFO] 15:50:59 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 15:50:59 [INFO] Building dependencies.testsuite.as 1.0 [36/69] 15:50:59 [INFO] --------------------------------[ pom ]--------------------------------- 15:50:59 [INFO] 15:50:59 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer --- 15:50:59 [INFO] Executing tasks 15:51:04 [INFO] Executed tasks 15:51:04 [INFO] 15:51:04 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer --- 15:51:04 [INFO] Checking for updates 15:51:04 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:51:04 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:51:04 [INFO] Check for updates complete (66 ms) 15:51:04 [INFO] 15:51:04 15:51:04 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:51:04 15:51:04 15:51:04 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:51:04 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:51:04 15:51:04 💖 Sponsor: https://github.com/sponsors/jeremylong 15:51:04 15:51:04 15:51:04 [INFO] Analysis Started 15:51:04 [INFO] Finished File Name Analyzer (0 seconds) 15:51:04 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:51:04 [INFO] Finished Hint Analyzer (0 seconds) 15:51:04 [INFO] Finished Version Filter Analyzer (0 seconds) 15:51:06 [INFO] Created CPE Index (1 seconds) 15:51:06 [INFO] Finished CPE Analyzer (1 seconds) 15:51:06 [INFO] Finished False Positive Analyzer (0 seconds) 15:51:06 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:51:06 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:51:06 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:51:06 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:51:06 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:51:06 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:51:06 [INFO] Analysis Complete (1 seconds) 15:51:06 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 15:51:06 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 15:51:06 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 15:51:06 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 15:51:06 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 15:51:06 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 15:51:06 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 15:51:06 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 15:51:06 [INFO] 15:51:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 15:51:06 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/69] 15:51:06 [INFO] --------------------------------[ pom ]--------------------------------- 15:51:06 [INFO] 15:51:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 15:51:06 [INFO] 15:51:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 15:51:06 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 15:51:06 [INFO] 15:51:06 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 15:51:06 [INFO] Executing tasks 15:51:11 [INFO] Executed tasks 15:51:11 [INFO] 15:51:11 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 15:51:11 [INFO] Checking for updates 15:51:11 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:51:11 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:51:11 [INFO] Check for updates complete (64 ms) 15:51:11 [INFO] 15:51:11 15:51:11 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:51:11 15:51:11 15:51:11 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:51:11 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:51:11 15:51:11 💖 Sponsor: https://github.com/sponsors/jeremylong 15:51:11 15:51:11 15:51:11 [INFO] Analysis Started 15:51:11 [INFO] Finished File Name Analyzer (0 seconds) 15:51:11 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:51:11 [INFO] Finished Hint Analyzer (0 seconds) 15:51:11 [INFO] Finished Version Filter Analyzer (0 seconds) 15:51:13 [INFO] Created CPE Index (1 seconds) 15:51:13 [INFO] Finished CPE Analyzer (1 seconds) 15:51:13 [INFO] Finished False Positive Analyzer (0 seconds) 15:51:13 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:51:13 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:51:13 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:51:13 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:51:13 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:51:13 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:51:13 [INFO] Analysis Complete (1 seconds) 15:51:13 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:51:13 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:51:13 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:51:13 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:51:13 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:51:13 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:51:13 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:51:13 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:51:13 [INFO] 15:51:13 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 15:51:13 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/69] 15:51:13 [INFO] --------------------------------[ pom ]--------------------------------- 15:51:13 [INFO] 15:51:13 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 15:51:13 [INFO] 15:51:13 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 15:51:13 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 15:51:13 [INFO] 15:51:13 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 15:51:13 [INFO] Executing tasks 15:51:18 [INFO] Executed tasks 15:51:18 [INFO] 15:51:18 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 15:51:18 [INFO] Checking for updates 15:51:18 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:51:18 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:51:18 [INFO] Check for updates complete (65 ms) 15:51:18 [INFO] 15:51:18 15:51:18 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:51:18 15:51:18 15:51:18 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:51:18 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:51:18 15:51:18 💖 Sponsor: https://github.com/sponsors/jeremylong 15:51:18 15:51:18 15:51:18 [INFO] Analysis Started 15:51:18 [INFO] Finished File Name Analyzer (0 seconds) 15:51:18 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:51:18 [INFO] Finished Hint Analyzer (0 seconds) 15:51:18 [INFO] Finished Version Filter Analyzer (0 seconds) 15:51:19 [INFO] Created CPE Index (1 seconds) 15:51:20 [INFO] Finished CPE Analyzer (1 seconds) 15:51:20 [INFO] Finished False Positive Analyzer (0 seconds) 15:51:20 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:51:20 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:51:20 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:51:20 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:51:20 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:51:20 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:51:20 [INFO] Analysis Complete (1 seconds) 15:51:20 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:51:20 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:51:20 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:51:20 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:51:20 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:51:20 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:51:20 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:51:20 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:51:20 [INFO] 15:51:20 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 15:51:20 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/69] 15:51:20 [INFO] --------------------------------[ pom ]--------------------------------- 15:51:20 [INFO] 15:51:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 15:51:20 [INFO] 15:51:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 15:51:20 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 15:51:20 [INFO] 15:51:20 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 15:51:20 [INFO] Executing tasks 15:51:25 [INFO] Executed tasks 15:51:25 [INFO] 15:51:25 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 15:51:25 [INFO] Checking for updates 15:51:25 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:51:25 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:51:25 [INFO] Check for updates complete (66 ms) 15:51:25 [INFO] 15:51:25 15:51:25 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:51:25 15:51:25 15:51:25 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:51:25 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:51:25 15:51:25 💖 Sponsor: https://github.com/sponsors/jeremylong 15:51:25 15:51:25 15:51:25 [INFO] Analysis Started 15:51:25 [INFO] Finished File Name Analyzer (0 seconds) 15:51:25 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:51:25 [INFO] Finished Hint Analyzer (0 seconds) 15:51:25 [INFO] Finished Version Filter Analyzer (0 seconds) 15:51:26 [INFO] Created CPE Index (1 seconds) 15:51:26 [INFO] Finished CPE Analyzer (1 seconds) 15:51:26 [INFO] Finished False Positive Analyzer (0 seconds) 15:51:26 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:51:26 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:51:26 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:51:26 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:51:26 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:51:26 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:51:26 [INFO] Analysis Complete (1 seconds) 15:51:26 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:51:26 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:51:26 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:51:26 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:51:26 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:51:26 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:51:26 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:51:26 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:51:27 [INFO] 15:51:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 15:51:27 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/69] 15:51:27 [INFO] --------------------------------[ pom ]--------------------------------- 15:51:27 [INFO] 15:51:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 15:51:27 [INFO] 15:51:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 15:51:27 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 15:51:27 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 15:51:27 [INFO] 15:51:27 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 15:51:27 [INFO] Executing tasks 15:51:32 [INFO] Executed tasks 15:51:32 [INFO] 15:51:32 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 15:51:32 [INFO] Checking for updates 15:51:32 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:51:32 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:51:32 [INFO] Check for updates complete (67 ms) 15:51:32 [INFO] 15:51:32 15:51:32 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:51:32 15:51:32 15:51:32 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:51:32 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:51:32 15:51:32 💖 Sponsor: https://github.com/sponsors/jeremylong 15:51:32 15:51:32 15:51:32 [INFO] Analysis Started 15:51:32 [INFO] Finished File Name Analyzer (0 seconds) 15:51:32 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:51:32 [INFO] Finished Hint Analyzer (0 seconds) 15:51:32 [INFO] Finished Version Filter Analyzer (0 seconds) 15:51:33 [INFO] Created CPE Index (1 seconds) 15:51:33 [INFO] Finished CPE Analyzer (1 seconds) 15:51:33 [INFO] Finished False Positive Analyzer (0 seconds) 15:51:33 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:51:33 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:51:33 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:51:33 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:51:33 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:51:33 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:51:33 [INFO] Analysis Complete (1 seconds) 15:51:33 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:51:33 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:51:33 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:51:33 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:51:33 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:51:33 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:51:33 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:51:33 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:51:33 [INFO] 15:51:33 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 15:51:33 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/69] 15:51:33 [INFO] --------------------------------[ pom ]--------------------------------- 15:51:33 [INFO] 15:51:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 15:51:33 [INFO] 15:51:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 15:51:33 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 15:51:33 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 15:51:33 [INFO] 15:51:33 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 15:51:34 [INFO] Executing tasks 15:51:39 [INFO] Executed tasks 15:51:39 [INFO] 15:51:39 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 15:51:39 [INFO] Checking for updates 15:51:39 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:51:39 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:51:39 [INFO] Check for updates complete (114 ms) 15:51:39 [INFO] 15:51:39 15:51:39 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:51:39 15:51:39 15:51:39 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:51:39 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:51:39 15:51:39 💖 Sponsor: https://github.com/sponsors/jeremylong 15:51:39 15:51:39 15:51:39 [INFO] Analysis Started 15:51:39 [INFO] Finished File Name Analyzer (0 seconds) 15:51:39 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:51:39 [INFO] Finished Hint Analyzer (0 seconds) 15:51:39 [INFO] Finished Version Filter Analyzer (0 seconds) 15:51:40 [INFO] Created CPE Index (1 seconds) 15:51:40 [INFO] Finished CPE Analyzer (1 seconds) 15:51:40 [INFO] Finished False Positive Analyzer (0 seconds) 15:51:40 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:51:40 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:51:40 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:51:40 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:51:40 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:51:40 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:51:40 [INFO] Analysis Complete (1 seconds) 15:51:40 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:51:40 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:51:40 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:51:40 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:51:40 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:51:40 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:51:40 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:51:40 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:51:40 [INFO] 15:51:40 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 15:51:40 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/69] 15:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 15:51:40 [INFO] 15:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 15:51:40 [INFO] 15:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 15:51:40 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 15:51:40 [INFO] 15:51:40 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 15:51:40 [INFO] Executing tasks 15:51:45 [INFO] Executed tasks 15:51:45 [INFO] 15:51:45 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 15:51:46 [INFO] Checking for updates 15:51:46 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:51:46 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:51:46 [INFO] Check for updates complete (67 ms) 15:51:46 [INFO] 15:51:46 15:51:46 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:51:46 15:51:46 15:51:46 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:51:46 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:51:46 15:51:46 💖 Sponsor: https://github.com/sponsors/jeremylong 15:51:46 15:51:46 15:51:46 [INFO] Analysis Started 15:51:46 [INFO] Finished File Name Analyzer (0 seconds) 15:51:46 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:51:46 [INFO] Finished Hint Analyzer (0 seconds) 15:51:46 [INFO] Finished Version Filter Analyzer (0 seconds) 15:51:47 [INFO] Created CPE Index (1 seconds) 15:51:47 [INFO] Finished CPE Analyzer (1 seconds) 15:51:47 [INFO] Finished False Positive Analyzer (0 seconds) 15:51:47 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:51:47 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:51:47 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:51:47 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:51:47 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:51:47 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:51:47 [INFO] Analysis Complete (1 seconds) 15:51:47 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:51:47 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:51:47 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:51:47 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:51:47 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:51:47 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:51:47 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:51:47 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:51:47 [INFO] 15:51:47 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 15:51:47 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/69] 15:51:47 [INFO] --------------------------------[ pom ]--------------------------------- 15:51:47 [INFO] 15:51:47 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 15:51:47 [INFO] 15:51:47 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 15:51:47 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 15:51:47 [INFO] 15:51:47 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 15:51:47 [INFO] Executing tasks 15:51:52 [INFO] Executed tasks 15:51:52 [INFO] 15:51:52 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 15:51:53 [INFO] Checking for updates 15:51:53 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:51:53 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:51:53 [INFO] Check for updates complete (176 ms) 15:51:53 [INFO] 15:51:53 15:51:53 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:51:53 15:51:53 15:51:53 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:51:53 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:51:53 15:51:53 💖 Sponsor: https://github.com/sponsors/jeremylong 15:51:53 15:51:53 15:51:53 [INFO] Analysis Started 15:51:53 [INFO] Finished File Name Analyzer (0 seconds) 15:51:53 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:51:53 [INFO] Finished Hint Analyzer (0 seconds) 15:51:53 [INFO] Finished Version Filter Analyzer (0 seconds) 15:51:54 [INFO] Created CPE Index (1 seconds) 15:51:54 [INFO] Finished CPE Analyzer (1 seconds) 15:51:54 [INFO] Finished False Positive Analyzer (0 seconds) 15:51:54 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:51:54 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:51:54 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:51:54 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:51:54 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:51:54 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:51:54 [INFO] Analysis Complete (1 seconds) 15:51:54 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:51:54 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:51:54 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:51:54 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:51:54 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:51:54 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:51:54 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:51:54 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:51:54 [INFO] 15:51:54 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 15:51:54 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/69] 15:51:54 [INFO] --------------------------------[ pom ]--------------------------------- 15:51:54 [INFO] 15:51:54 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 15:51:54 [INFO] 15:51:54 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 15:51:54 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 15:51:54 [INFO] 15:51:54 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 15:51:55 [INFO] Executing tasks 15:52:00 [INFO] Executed tasks 15:52:00 [INFO] 15:52:00 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 15:52:00 [INFO] Checking for updates 15:52:00 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:52:00 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:52:00 [INFO] Check for updates complete (74 ms) 15:52:00 [INFO] 15:52:00 15:52:00 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:52:00 15:52:00 15:52:00 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:52:00 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:52:00 15:52:00 💖 Sponsor: https://github.com/sponsors/jeremylong 15:52:00 15:52:00 15:52:00 [INFO] Analysis Started 15:52:00 [INFO] Finished File Name Analyzer (0 seconds) 15:52:00 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:52:00 [INFO] Finished Hint Analyzer (0 seconds) 15:52:00 [INFO] Finished Version Filter Analyzer (0 seconds) 15:52:01 [INFO] Created CPE Index (1 seconds) 15:52:01 [INFO] Finished CPE Analyzer (1 seconds) 15:52:01 [INFO] Finished False Positive Analyzer (0 seconds) 15:52:01 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:52:01 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:52:01 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:52:01 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:52:01 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:52:01 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:52:01 [INFO] Analysis Complete (1 seconds) 15:52:01 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:52:01 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:52:01 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:52:01 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:52:01 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:52:01 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:52:01 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:52:01 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:52:01 [INFO] 15:52:01 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 15:52:01 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/69] 15:52:01 [INFO] --------------------------------[ pom ]--------------------------------- 15:52:01 [INFO] 15:52:01 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 15:52:01 [INFO] 15:52:01 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 15:52:01 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 15:52:01 [INFO] 15:52:01 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 15:52:01 [INFO] Executing tasks 15:52:06 [INFO] Executed tasks 15:52:06 [INFO] 15:52:06 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 15:52:06 [INFO] Checking for updates 15:52:06 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:52:07 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:52:07 [INFO] Check for updates complete (69 ms) 15:52:07 [INFO] 15:52:07 15:52:07 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:52:07 15:52:07 15:52:07 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:52:07 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:52:07 15:52:07 💖 Sponsor: https://github.com/sponsors/jeremylong 15:52:07 15:52:07 15:52:07 [INFO] Analysis Started 15:52:07 [INFO] Finished File Name Analyzer (0 seconds) 15:52:07 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:52:07 [INFO] Finished Hint Analyzer (0 seconds) 15:52:07 [INFO] Finished Version Filter Analyzer (0 seconds) 15:52:08 [INFO] Created CPE Index (1 seconds) 15:52:08 [INFO] Finished CPE Analyzer (1 seconds) 15:52:08 [INFO] Finished False Positive Analyzer (0 seconds) 15:52:08 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:52:08 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:52:08 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:52:08 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:52:08 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:52:08 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:52:08 [INFO] Analysis Complete (1 seconds) 15:52:08 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:52:08 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:52:08 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:52:08 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:52:08 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:52:08 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:52:08 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:52:08 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:52:08 [INFO] 15:52:08 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 15:52:08 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/69] 15:52:08 [INFO] --------------------------------[ pom ]--------------------------------- 15:52:08 [INFO] 15:52:08 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 15:52:08 [INFO] 15:52:08 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 15:52:08 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 15:52:08 [INFO] 15:52:08 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 15:52:08 [INFO] Executing tasks 15:52:13 [INFO] Executed tasks 15:52:13 [INFO] 15:52:13 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 15:52:13 [INFO] Checking for updates 15:52:13 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:52:13 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:52:13 [INFO] Check for updates complete (66 ms) 15:52:14 [INFO] 15:52:14 15:52:14 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:52:14 15:52:14 15:52:14 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:52:14 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:52:14 15:52:14 💖 Sponsor: https://github.com/sponsors/jeremylong 15:52:14 15:52:14 15:52:14 [INFO] Analysis Started 15:52:14 [INFO] Finished File Name Analyzer (0 seconds) 15:52:14 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:52:14 [INFO] Finished Hint Analyzer (0 seconds) 15:52:14 [INFO] Finished Version Filter Analyzer (0 seconds) 15:52:15 [INFO] Created CPE Index (1 seconds) 15:52:15 [INFO] Finished CPE Analyzer (1 seconds) 15:52:15 [INFO] Finished False Positive Analyzer (0 seconds) 15:52:15 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:52:15 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:52:15 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:52:15 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:52:15 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:52:15 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:52:15 [INFO] Analysis Complete (1 seconds) 15:52:15 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:52:15 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:52:15 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:52:15 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:52:15 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:52:15 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:52:15 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:52:15 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:52:15 [INFO] 15:52:15 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 15:52:15 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/69] 15:52:15 [INFO] --------------------------------[ pom ]--------------------------------- 15:52:15 [INFO] 15:52:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 15:52:15 [INFO] 15:52:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 15:52:15 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 15:52:15 [INFO] 15:52:15 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 15:52:15 [INFO] Executing tasks 15:52:20 [INFO] Executed tasks 15:52:20 [INFO] 15:52:20 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 15:52:20 [INFO] Checking for updates 15:52:20 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:52:20 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:52:20 [INFO] Check for updates complete (65 ms) 15:52:20 [INFO] 15:52:20 15:52:20 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:52:20 15:52:20 15:52:20 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:52:20 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:52:20 15:52:20 💖 Sponsor: https://github.com/sponsors/jeremylong 15:52:20 15:52:20 15:52:20 [INFO] Analysis Started 15:52:20 [INFO] Finished File Name Analyzer (0 seconds) 15:52:20 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:52:20 [INFO] Finished Hint Analyzer (0 seconds) 15:52:20 [INFO] Finished Version Filter Analyzer (0 seconds) 15:52:22 [INFO] Created CPE Index (1 seconds) 15:52:22 [INFO] Finished CPE Analyzer (1 seconds) 15:52:22 [INFO] Finished False Positive Analyzer (0 seconds) 15:52:22 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:52:22 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:52:22 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:52:22 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:52:22 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:52:22 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:52:22 [INFO] Analysis Complete (1 seconds) 15:52:22 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:52:22 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:52:22 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:52:22 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:52:22 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:52:22 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:52:22 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:52:22 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:52:22 [INFO] 15:52:22 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 15:52:22 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/69] 15:52:22 [INFO] --------------------------------[ pom ]--------------------------------- 15:52:22 [INFO] 15:52:22 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 15:52:22 [INFO] 15:52:22 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 15:52:22 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 15:52:22 [INFO] 15:52:22 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 15:52:22 [INFO] Executing tasks 15:52:27 [INFO] Executed tasks 15:52:27 [INFO] 15:52:27 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 15:52:27 [INFO] Checking for updates 15:52:27 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:52:27 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:52:27 [INFO] Check for updates complete (66 ms) 15:52:27 [INFO] 15:52:27 15:52:27 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:52:27 15:52:27 15:52:27 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:52:27 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:52:27 15:52:27 💖 Sponsor: https://github.com/sponsors/jeremylong 15:52:27 15:52:27 15:52:27 [INFO] Analysis Started 15:52:27 [INFO] Finished File Name Analyzer (0 seconds) 15:52:27 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:52:27 [INFO] Finished Hint Analyzer (0 seconds) 15:52:27 [INFO] Finished Version Filter Analyzer (0 seconds) 15:52:29 [INFO] Created CPE Index (1 seconds) 15:52:29 [INFO] Finished CPE Analyzer (1 seconds) 15:52:29 [INFO] Finished False Positive Analyzer (0 seconds) 15:52:29 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:52:29 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:52:29 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:52:29 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:52:29 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:52:29 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:52:29 [INFO] Analysis Complete (1 seconds) 15:52:29 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:52:29 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:52:29 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:52:29 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:52:29 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:52:29 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:52:29 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:52:29 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:52:29 [INFO] 15:52:29 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 15:52:29 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/69] 15:52:29 [INFO] --------------------------------[ pom ]--------------------------------- 15:52:29 [INFO] 15:52:29 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 15:52:29 [INFO] 15:52:29 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 15:52:29 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 15:52:29 [INFO] 15:52:29 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 15:52:29 [INFO] Executing tasks 15:52:34 [INFO] Executed tasks 15:52:34 [INFO] 15:52:34 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 15:52:34 [INFO] Checking for updates 15:52:34 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:52:34 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:52:34 [INFO] Check for updates complete (84 ms) 15:52:34 [INFO] 15:52:34 15:52:34 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:52:34 15:52:34 15:52:34 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:52:34 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:52:34 15:52:34 💖 Sponsor: https://github.com/sponsors/jeremylong 15:52:34 15:52:34 15:52:34 [INFO] Analysis Started 15:52:34 [INFO] Finished File Name Analyzer (0 seconds) 15:52:34 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:52:34 [INFO] Finished Hint Analyzer (0 seconds) 15:52:34 [INFO] Finished Version Filter Analyzer (0 seconds) 15:52:36 [INFO] Created CPE Index (1 seconds) 15:52:36 [INFO] Finished CPE Analyzer (1 seconds) 15:52:36 [INFO] Finished False Positive Analyzer (0 seconds) 15:52:36 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:52:36 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:52:36 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:52:36 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:52:36 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:52:36 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:52:36 [INFO] Analysis Complete (1 seconds) 15:52:36 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:52:36 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:52:36 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:52:36 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:52:36 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:52:36 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:52:36 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:52:36 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:52:36 [INFO] 15:52:36 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 15:52:36 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/69] 15:52:36 [INFO] --------------------------------[ pom ]--------------------------------- 15:52:36 [INFO] 15:52:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 15:52:36 [INFO] 15:52:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 15:52:36 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 15:52:36 [INFO] 15:52:36 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 15:52:36 [INFO] Executing tasks 15:52:41 [INFO] Executed tasks 15:52:41 [INFO] 15:52:41 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 15:52:41 [INFO] Checking for updates 15:52:41 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:52:41 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:52:41 [INFO] Check for updates complete (64 ms) 15:52:41 [INFO] 15:52:41 15:52:41 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:52:41 15:52:41 15:52:41 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:52:41 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:52:41 15:52:41 💖 Sponsor: https://github.com/sponsors/jeremylong 15:52:41 15:52:41 15:52:41 [INFO] Analysis Started 15:52:41 [INFO] Finished File Name Analyzer (0 seconds) 15:52:41 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:52:41 [INFO] Finished Hint Analyzer (0 seconds) 15:52:41 [INFO] Finished Version Filter Analyzer (0 seconds) 15:52:43 [INFO] Created CPE Index (1 seconds) 15:52:43 [INFO] Finished CPE Analyzer (1 seconds) 15:52:43 [INFO] Finished False Positive Analyzer (0 seconds) 15:52:43 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:52:43 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:52:43 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:52:43 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:52:43 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:52:43 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:52:43 [INFO] Analysis Complete (1 seconds) 15:52:43 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:52:43 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:52:43 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:52:43 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:52:43 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:52:43 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:52:43 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:52:43 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:52:43 [INFO] 15:52:43 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 15:52:43 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/69] 15:52:43 [INFO] --------------------------------[ pom ]--------------------------------- 15:52:43 [INFO] 15:52:43 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 15:52:43 [INFO] 15:52:43 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 15:52:43 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 15:52:43 [INFO] 15:52:43 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 15:52:43 [INFO] Executing tasks 15:52:48 [INFO] Executed tasks 15:52:48 [INFO] 15:52:48 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 15:52:48 [INFO] Checking for updates 15:52:48 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:52:48 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:52:48 [INFO] Check for updates complete (68 ms) 15:52:48 [INFO] 15:52:48 15:52:48 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:52:48 15:52:48 15:52:48 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:52:48 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:52:48 15:52:48 💖 Sponsor: https://github.com/sponsors/jeremylong 15:52:48 15:52:48 15:52:48 [INFO] Analysis Started 15:52:48 [INFO] Finished File Name Analyzer (0 seconds) 15:52:48 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:52:48 [INFO] Finished Hint Analyzer (0 seconds) 15:52:48 [INFO] Finished Version Filter Analyzer (0 seconds) 15:52:50 [INFO] Created CPE Index (1 seconds) 15:52:50 [INFO] Finished CPE Analyzer (1 seconds) 15:52:50 [INFO] Finished False Positive Analyzer (0 seconds) 15:52:50 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:52:50 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:52:50 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:52:50 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:52:50 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:52:50 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:52:50 [INFO] Analysis Complete (1 seconds) 15:52:50 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:52:50 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:52:50 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:52:50 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:52:50 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:52:50 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:52:50 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:52:50 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:52:50 [INFO] 15:52:50 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 15:52:50 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/69] 15:52:50 [INFO] --------------------------------[ pom ]--------------------------------- 15:52:50 [INFO] 15:52:50 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 15:52:50 [INFO] 15:52:50 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 15:52:50 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 15:52:50 [INFO] 15:52:50 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 15:52:50 [INFO] Executing tasks 15:52:55 [INFO] Executed tasks 15:52:55 [INFO] 15:52:55 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 15:52:55 [INFO] Checking for updates 15:52:55 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:52:55 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:52:55 [INFO] Check for updates complete (64 ms) 15:52:55 [INFO] 15:52:55 15:52:55 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:52:55 15:52:55 15:52:55 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:52:55 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:52:55 15:52:55 💖 Sponsor: https://github.com/sponsors/jeremylong 15:52:55 15:52:55 15:52:55 [INFO] Analysis Started 15:52:55 [INFO] Finished File Name Analyzer (0 seconds) 15:52:55 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:52:55 [INFO] Finished Hint Analyzer (0 seconds) 15:52:55 [INFO] Finished Version Filter Analyzer (0 seconds) 15:52:57 [INFO] Created CPE Index (1 seconds) 15:52:57 [INFO] Finished CPE Analyzer (1 seconds) 15:52:57 [INFO] Finished False Positive Analyzer (0 seconds) 15:52:57 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:52:57 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:52:57 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:52:57 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:52:57 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:52:57 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:52:57 [INFO] Analysis Complete (1 seconds) 15:52:57 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:52:57 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:52:57 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:52:57 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:52:57 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:52:57 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:52:57 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:52:57 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:52:57 [INFO] 15:52:57 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 15:52:57 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/69] 15:52:57 [INFO] --------------------------------[ pom ]--------------------------------- 15:52:57 [INFO] 15:52:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 15:52:57 [INFO] 15:52:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 15:52:57 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 15:52:57 [INFO] 15:52:57 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 15:52:57 [INFO] Executing tasks 15:53:02 [INFO] Executed tasks 15:53:02 [INFO] 15:53:02 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 15:53:02 [INFO] Checking for updates 15:53:02 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:53:02 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:53:02 [INFO] Check for updates complete (68 ms) 15:53:02 [INFO] 15:53:02 15:53:02 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:53:02 15:53:02 15:53:02 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:53:02 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:53:02 15:53:02 💖 Sponsor: https://github.com/sponsors/jeremylong 15:53:02 15:53:02 15:53:02 [INFO] Analysis Started 15:53:02 [INFO] Finished File Name Analyzer (0 seconds) 15:53:02 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:53:02 [INFO] Finished Hint Analyzer (0 seconds) 15:53:02 [INFO] Finished Version Filter Analyzer (0 seconds) 15:53:03 [INFO] Created CPE Index (1 seconds) 15:53:03 [INFO] Finished CPE Analyzer (1 seconds) 15:53:03 [INFO] Finished False Positive Analyzer (0 seconds) 15:53:03 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:53:03 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:53:03 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:53:03 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:53:03 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:53:03 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:53:03 [INFO] Analysis Complete (1 seconds) 15:53:03 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:53:04 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:53:04 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:53:04 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:53:04 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:53:04 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:53:04 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:53:04 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:53:04 [INFO] 15:53:04 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 15:53:04 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/69] 15:53:04 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:04 [INFO] 15:53:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 15:53:04 [INFO] 15:53:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 15:53:04 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 15:53:04 [INFO] 15:53:04 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 15:53:04 [INFO] Executing tasks 15:53:09 [INFO] Executed tasks 15:53:09 [INFO] 15:53:09 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 15:53:09 [INFO] Checking for updates 15:53:09 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:53:09 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:53:09 [INFO] Check for updates complete (65 ms) 15:53:09 [INFO] 15:53:09 15:53:09 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:53:09 15:53:09 15:53:09 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:53:09 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:53:09 15:53:09 💖 Sponsor: https://github.com/sponsors/jeremylong 15:53:09 15:53:09 15:53:09 [INFO] Analysis Started 15:53:09 [INFO] Finished File Name Analyzer (0 seconds) 15:53:09 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:53:09 [INFO] Finished Hint Analyzer (0 seconds) 15:53:09 [INFO] Finished Version Filter Analyzer (0 seconds) 15:53:10 [INFO] Created CPE Index (1 seconds) 15:53:10 [INFO] Finished CPE Analyzer (1 seconds) 15:53:10 [INFO] Finished False Positive Analyzer (0 seconds) 15:53:10 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:53:10 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:53:10 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:53:10 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:53:10 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:53:10 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:53:10 [INFO] Analysis Complete (1 seconds) 15:53:10 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:53:10 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:53:10 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:53:10 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:53:10 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:53:10 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:53:10 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:53:10 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:53:10 [INFO] 15:53:10 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 15:53:10 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/69] 15:53:10 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:10 [INFO] 15:53:10 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 15:53:10 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) 15:53:10 [INFO] 15:53:10 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 15:53:10 [INFO] 15:53:10 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 15:53:11 [INFO] Executing tasks 15:53:16 [INFO] Executed tasks 15:53:16 [INFO] 15:53:16 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 15:53:16 [INFO] Checking for updates 15:53:16 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:53:16 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:53:16 [INFO] Check for updates complete (65 ms) 15:53:16 [INFO] 15:53:16 15:53:16 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:53:16 15:53:16 15:53:16 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:53:16 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:53:16 15:53:16 💖 Sponsor: https://github.com/sponsors/jeremylong 15:53:16 15:53:16 15:53:16 [INFO] Analysis Started 15:53:16 [INFO] Finished File Name Analyzer (0 seconds) 15:53:16 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:53:16 [INFO] Finished Hint Analyzer (0 seconds) 15:53:16 [INFO] Finished Version Filter Analyzer (0 seconds) 15:53:17 [INFO] Created CPE Index (1 seconds) 15:53:17 [INFO] Finished CPE Analyzer (1 seconds) 15:53:17 [INFO] Finished False Positive Analyzer (0 seconds) 15:53:17 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:53:17 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:53:17 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:53:17 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:53:17 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:53:17 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:53:17 [INFO] Analysis Complete (1 seconds) 15:53:17 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 15:53:17 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 15:53:17 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 15:53:17 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 15:53:17 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 15:53:17 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 15:53:17 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 15:53:17 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 15:53:18 [INFO] 15:53:18 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 15:53:18 [INFO] Building dependencies.testsuite.test 1.0 [56/69] 15:53:18 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:18 [INFO] 15:53:18 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 15:53:18 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 15:53:18 [INFO] 15:53:18 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 15:53:18 [INFO] 15:53:18 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 15:53:18 [INFO] Executing tasks 15:53:18 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 15:53:18 [INFO] Executed tasks 15:53:18 [INFO] 15:53:18 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.test --- 15:53:18 [INFO] Executing tasks 15:53:23 [INFO] Executed tasks 15:53:23 [INFO] 15:53:23 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.test --- 15:53:23 [INFO] Checking for updates 15:53:23 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:53:23 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:53:23 [INFO] Check for updates complete (67 ms) 15:53:23 [INFO] 15:53:23 15:53:23 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:53:23 15:53:23 15:53:23 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:53:23 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:53:23 15:53:23 💖 Sponsor: https://github.com/sponsors/jeremylong 15:53:23 15:53:23 15:53:23 [INFO] Analysis Started 15:53:23 [INFO] Finished File Name Analyzer (0 seconds) 15:53:23 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:53:23 [INFO] Finished Hint Analyzer (0 seconds) 15:53:23 [INFO] Finished Version Filter Analyzer (0 seconds) 15:53:24 [INFO] Created CPE Index (1 seconds) 15:53:24 [INFO] Finished CPE Analyzer (1 seconds) 15:53:24 [INFO] Finished False Positive Analyzer (0 seconds) 15:53:24 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:53:24 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:53:24 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:53:24 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:53:24 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:53:24 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:53:24 [INFO] Analysis Complete (1 seconds) 15:53:24 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 15:53:24 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 15:53:24 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 15:53:24 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 15:53:24 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 15:53:24 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 15:53:24 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 15:53:24 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 15:53:25 [INFO] 15:53:25 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 15:53:25 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/69] 15:53:25 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:25 [INFO] 15:53:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 15:53:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 15:53:25 [INFO] 15:53:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 15:53:25 [INFO] 15:53:25 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.staticAnalysis --- 15:53:25 [INFO] Executing tasks 15:53:30 [INFO] Executed tasks 15:53:30 [INFO] 15:53:30 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.staticAnalysis --- 15:53:30 [INFO] Checking for updates 15:53:30 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:53:30 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:53:30 [INFO] Check for updates complete (65 ms) 15:53:30 [INFO] 15:53:30 15:53:30 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:53:30 15:53:30 15:53:30 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:53:30 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:53:30 15:53:30 💖 Sponsor: https://github.com/sponsors/jeremylong 15:53:30 15:53:30 15:53:30 [INFO] Analysis Started 15:53:30 [INFO] Finished File Name Analyzer (0 seconds) 15:53:30 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:53:30 [INFO] Finished Hint Analyzer (0 seconds) 15:53:30 [INFO] Finished Version Filter Analyzer (0 seconds) 15:53:31 [INFO] Created CPE Index (1 seconds) 15:53:31 [INFO] Finished CPE Analyzer (1 seconds) 15:53:31 [INFO] Finished False Positive Analyzer (0 seconds) 15:53:31 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:53:31 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:53:31 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:53:31 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:53:31 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:53:31 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:53:31 [INFO] Analysis Complete (1 seconds) 15:53:31 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 15:53:31 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 15:53:31 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 15:53:31 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 15:53:31 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 15:53:31 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 15:53:31 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 15:53:31 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 15:53:31 [INFO] 15:53:31 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 15:53:31 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/69] 15:53:31 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:31 [INFO] 15:53:31 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 15:53:31 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 15:53:31 [INFO] 15:53:31 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 15:53:31 [INFO] 15:53:31 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.dynamicAnalysis --- 15:53:31 [INFO] Executing tasks 15:53:36 [INFO] Executed tasks 15:53:36 [INFO] 15:53:36 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.dynamicAnalysis --- 15:53:37 [INFO] Checking for updates 15:53:37 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:53:37 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:53:37 [INFO] Check for updates complete (65 ms) 15:53:37 [INFO] 15:53:37 15:53:37 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:53:37 15:53:37 15:53:37 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:53:37 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:53:37 15:53:37 💖 Sponsor: https://github.com/sponsors/jeremylong 15:53:37 15:53:37 15:53:37 [INFO] Analysis Started 15:53:37 [INFO] Finished File Name Analyzer (0 seconds) 15:53:37 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:53:37 [INFO] Finished Hint Analyzer (0 seconds) 15:53:37 [INFO] Finished Version Filter Analyzer (0 seconds) 15:53:38 [INFO] Created CPE Index (1 seconds) 15:53:38 [INFO] Finished CPE Analyzer (1 seconds) 15:53:38 [INFO] Finished False Positive Analyzer (0 seconds) 15:53:38 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:53:38 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:53:38 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:53:38 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:53:38 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:53:38 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:53:38 [INFO] Analysis Complete (1 seconds) 15:53:38 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 15:53:38 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 15:53:38 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 15:53:38 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 15:53:38 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 15:53:38 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 15:53:38 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 15:53:38 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 15:53:38 [INFO] 15:53:38 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 15:53:38 [INFO] Building dependencies.testsuite.coverage 1.0 [59/69] 15:53:38 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:38 [INFO] 15:53:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 15:53:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 15:53:38 [INFO] 15:53:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 15:53:38 [INFO] 15:53:38 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.coverage --- 15:53:38 [INFO] Executing tasks 15:53:43 [INFO] Executed tasks 15:53:43 [INFO] 15:53:43 [INFO] --- dependency-check-maven:12.1.6:aggregate (check owasp) @ org.openspcoop2.testsuite.coverage --- 15:53:43 [INFO] Checking for updates 15:53:43 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 15:53:44 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 15:53:44 [INFO] Check for updates complete (66 ms) 15:53:44 [INFO] 15:53:44 15:53:44 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 15:53:44 15:53:44 15:53:44 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 15:53:44 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 15:53:44 15:53:44 💖 Sponsor: https://github.com/sponsors/jeremylong 15:53:44 15:53:44 15:53:44 [INFO] Analysis Started 15:53:44 [INFO] Finished File Name Analyzer (0 seconds) 15:53:44 [INFO] Finished Dependency Merging Analyzer (0 seconds) 15:53:44 [INFO] Finished Hint Analyzer (0 seconds) 15:53:44 [INFO] Finished Version Filter Analyzer (0 seconds) 15:53:45 [INFO] Created CPE Index (1 seconds) 15:53:45 [INFO] Finished CPE Analyzer (1 seconds) 15:53:45 [INFO] Finished False Positive Analyzer (0 seconds) 15:53:45 [INFO] Finished NVD CVE Analyzer (0 seconds) 15:53:45 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 15:53:45 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 15:53:45 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 15:53:45 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 15:53:45 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 15:53:45 [INFO] Analysis Complete (1 seconds) 15:53:45 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 15:53:45 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 15:53:45 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 15:53:45 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 15:53:45 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 15:53:45 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 15:53:45 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 15:53:45 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 15:53:45 [INFO] 15:53:45 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 15:53:45 [INFO] Building compile 1.0 [60/69] 15:53:45 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:45 [INFO] 15:53:45 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 15:53:45 [INFO] Building package 1.0 [61/69] 15:53:45 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:45 [INFO] 15:53:45 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 15:53:45 [INFO] Building testsuite.utils 1.0 [62/69] 15:53:45 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:45 [INFO] 15:53:45 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 15:53:45 [INFO] Building testsuite.utils.sql 1.0 [63/69] 15:53:45 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:45 [INFO] 15:53:45 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 15:53:45 [INFO] Building testsuite.pdd.core 1.0 [64/69] 15:53:45 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:45 [INFO] 15:53:45 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 15:53:45 [INFO] Building testsuite.pdd.core.sql 1.0 [65/69] 15:53:45 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:45 [INFO] 15:53:45 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 15:53:45 [INFO] Building static_analysis.spotbugs 1.0 [66/69] 15:53:45 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:45 [INFO] 15:53:45 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 15:53:45 [INFO] Building static_analysis.sonarqube 1.0 [67/69] 15:53:45 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:45 [INFO] 15:53:45 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 15:53:45 [INFO] Building dynamic_analysis.zap 1.0 [68/69] 15:53:45 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:45 [INFO] 15:53:45 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 15:53:45 [INFO] Building coverage.jacoco 1.0 [69/69] 15:53:45 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:45 [INFO] ------------------------------------------------------------------------ 15:53:45 [INFO] Reactor Summary for govway 1.0: 15:53:45 [INFO] 15:53:45 [INFO] govway ............................................. SUCCESS [ 0.004 s] 15:53:45 [INFO] dependencies ....................................... SUCCESS [01:09 min] 15:53:45 [INFO] dependencies.ant ................................... SUCCESS [ 9.190 s] 15:53:45 [INFO] dependencies.antinstaller .......................... SUCCESS [ 7.880 s] 15:53:45 [INFO] dependencies.axiom ................................. SUCCESS [ 8.007 s] 15:53:45 [INFO] dependencies.bean-validation ....................... SUCCESS [ 7.686 s] 15:53:45 [INFO] dependencies.cxf ................................... SUCCESS [ 8.204 s] 15:53:45 [INFO] dependencies.commons ............................... SUCCESS [ 8.155 s] 15:53:45 [INFO] dependencies.faces ................................. SUCCESS [ 18.792 s] 15:53:45 [INFO] dependencies.git ................................... SUCCESS [ 7.313 s] 15:53:45 [INFO] dependencies.httpcore .............................. SUCCESS [ 7.482 s] 15:53:45 [INFO] dependencies.jackson ............................... SUCCESS [ 7.475 s] 15:53:45 [INFO] dependencies.javax ................................. SUCCESS [ 7.539 s] 15:53:45 [INFO] dependencies.jax ................................... SUCCESS [ 7.654 s] 15:53:45 [INFO] dependencies.jetty ................................. SUCCESS [ 6.909 s] 15:53:45 [INFO] dependencies.jminix ................................ SUCCESS [ 8.670 s] 15:53:45 [INFO] dependencies.json .................................. SUCCESS [ 7.522 s] 15:53:45 [INFO] dependencies.log ................................... SUCCESS [ 7.357 s] 15:53:45 [INFO] dependencies.lucene ................................ SUCCESS [ 7.246 s] 15:53:45 [INFO] dependencies.openapi4j ............................. SUCCESS [ 7.185 s] 15:53:45 [INFO] dependencies.opensaml .............................. SUCCESS [ 7.206 s] 15:53:45 [INFO] dependencies.pdf ................................... SUCCESS [ 7.157 s] 15:53:45 [INFO] dependencies.redis ................................. SUCCESS [ 7.239 s] 15:53:45 [INFO] dependencies.reports ............................... SUCCESS [ 7.430 s] 15:53:45 [INFO] dependencies.saaj .................................. SUCCESS [ 7.425 s] 15:53:45 [INFO] dependencies.security .............................. SUCCESS [ 7.567 s] 15:53:45 [INFO] dependencies.shared ................................ SUCCESS [ 9.611 s] 15:53:45 [INFO] dependencies.spring ................................ SUCCESS [ 7.543 s] 15:53:45 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 7.048 s] 15:53:45 [INFO] dependencies.spring-security ....................... SUCCESS [ 7.247 s] 15:53:45 [INFO] dependencies.swagger ............................... SUCCESS [ 16.649 s] 15:53:45 [INFO] dependencies.wadl .................................. SUCCESS [ 7.194 s] 15:53:45 [INFO] dependencies.wss4j ................................. SUCCESS [ 7.092 s] 15:53:45 [INFO] dependencies.testsuite ............................. SUCCESS [ 6.989 s] 15:53:45 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 6.917 s] 15:53:45 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 6.889 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 6.862 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 6.871 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 6.853 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 6.969 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 6.927 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 7.030 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 7.034 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 6.863 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 6.895 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 6.897 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 6.894 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 6.876 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 7.169 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 6.900 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 6.918 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 6.835 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 6.866 s] 15:53:45 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 6.893 s] 15:53:45 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 7.049 s] 15:53:45 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 6.996 s] 15:53:45 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 6.927 s] 15:53:45 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 6.907 s] 15:53:45 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 6.880 s] 15:53:45 [INFO] compile ............................................ SUCCESS [ 0.001 s] 15:53:45 [INFO] package ............................................ SUCCESS [ 0.000 s] 15:53:45 [INFO] testsuite.utils .................................... SUCCESS [ 0.001 s] 15:53:45 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s] 15:53:45 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 15:53:45 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.000 s] 15:53:45 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s] 15:53:45 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.000 s] 15:53:45 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.001 s] 15:53:45 [INFO] coverage.jacoco .................................... SUCCESS [ 0.000 s] 15:53:45 [INFO] ------------------------------------------------------------------------ 15:53:45 [INFO] BUILD SUCCESS 15:53:45 [INFO] ------------------------------------------------------------------------ 15:53:45 [INFO] Total time: 08:27 min 15:53:45 [INFO] Finished at: 2025-12-06T15:53:45+01:00 15:53:45 [INFO] ------------------------------------------------------------------------ 15:53:45 [GovWay] $ /bin/bash /tmp/jenkins10346238835799079767.sh 15:53:45 Pubblicazione risultati dependency check ... 15:53:45 cp: cannot create directory ‘/opt/apache-tomcat-9.0.91/webapps/dependency-check/result’: No such file or directory 15:53:45 Pubblicazione risultati dependency check effettuata 15:53:45 Pubblicazione installer su risultati testsuite ... 15:53:46 Pubblicazione installer su risultati testsuite effettuata 15:53:46 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage=none -Dcompile=compile -Dowasp=none -Dtestsuite=none -Ddependencies.soapbox=true compile 15:53:47 [INFO] Scanning for projects... 15:53:48 [INFO] ------------------------------------------------------------------------ 15:53:48 [INFO] Reactor Build Order: 15:53:48 [INFO] 15:53:48 [INFO] govway [pom] 15:53:48 [INFO] dependencies [pom] 15:53:48 [INFO] dependencies.ant [pom] 15:53:48 [INFO] dependencies.antinstaller [pom] 15:53:48 [INFO] dependencies.axiom [pom] 15:53:48 [INFO] dependencies.bean-validation [pom] 15:53:48 [INFO] dependencies.cxf [pom] 15:53:48 [INFO] dependencies.commons [pom] 15:53:48 [INFO] dependencies.faces [pom] 15:53:48 [INFO] dependencies.git [pom] 15:53:48 [INFO] dependencies.httpcore [pom] 15:53:48 [INFO] dependencies.jackson [pom] 15:53:48 [INFO] dependencies.javax [pom] 15:53:48 [INFO] dependencies.jax [pom] 15:53:48 [INFO] dependencies.jetty [pom] 15:53:48 [INFO] dependencies.jminix [pom] 15:53:48 [INFO] dependencies.json [pom] 15:53:48 [INFO] dependencies.log [pom] 15:53:48 [INFO] dependencies.lucene [pom] 15:53:48 [INFO] dependencies.openapi4j [pom] 15:53:48 [INFO] dependencies.opensaml [pom] 15:53:48 [INFO] dependencies.pdf [pom] 15:53:48 [INFO] dependencies.redis [pom] 15:53:48 [INFO] dependencies.reports [pom] 15:53:48 [INFO] dependencies.saaj [pom] 15:53:48 [INFO] dependencies.security [pom] 15:53:48 [INFO] dependencies.shared [pom] 15:53:48 [INFO] dependencies.spring [pom] 15:53:48 [INFO] dependencies.spring-ldap [pom] 15:53:48 [INFO] dependencies.spring-security [pom] 15:53:48 [INFO] dependencies.swagger [pom] 15:53:48 [INFO] dependencies.wadl [pom] 15:53:48 [INFO] dependencies.wss4j [pom] 15:53:48 [INFO] dependencies.testsuite [pom] 15:53:48 [INFO] dependencies.testsuite.axis14 [pom] 15:53:48 [INFO] dependencies.testsuite.as [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly9 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly10 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly11 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly12 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly13 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly14 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly15 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly16 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly17 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly18 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly19 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly20 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly21 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly22 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly23 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly24 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly25 [pom] 15:53:48 [INFO] dependencies.testsuite.as.wildfly26 [pom] 15:53:48 [INFO] dependencies.testsuite.as.tomcat9 [pom] 15:53:48 [INFO] dependencies.testsuite.test [pom] 15:53:48 [INFO] dependencies.testsuite.staticAnalysis [pom] 15:53:48 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 15:53:48 [INFO] dependencies.testsuite.coverage [pom] 15:53:48 [INFO] dependencies.soapbox [pom] 15:53:48 [INFO] compile [pom] 15:53:48 [INFO] package [pom] 15:53:48 [INFO] testsuite.utils [pom] 15:53:48 [INFO] testsuite.utils.sql [pom] 15:53:48 [INFO] testsuite.pdd.core [pom] 15:53:48 [INFO] testsuite.pdd.core.sql [pom] 15:53:48 [INFO] static_analysis.spotbugs [pom] 15:53:48 [INFO] static_analysis.sonarqube [pom] 15:53:48 [INFO] dynamic_analysis.zap [pom] 15:53:48 [INFO] coverage.jacoco [pom] 15:53:48 [INFO] 15:53:48 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 15:53:48 [INFO] Building govway 1.0 [1/70] 15:53:48 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:48 [INFO] 15:53:48 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 15:53:48 [INFO] Building dependencies 1.0 [2/70] 15:53:48 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:48 [INFO] 15:53:48 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 15:53:48 [INFO] Building dependencies.ant 1.0 [3/70] 15:53:48 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:48 [INFO] 15:53:48 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 15:53:48 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 15:53:48 [INFO] 15:53:48 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 15:53:49 [INFO] 15:53:49 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 15:53:49 [INFO] Building dependencies.antinstaller 1.0 [4/70] 15:53:49 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:49 [INFO] 15:53:49 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 15:53:49 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 15:53:49 [INFO] 15:53:49 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 15:53:49 [INFO] 15:53:49 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 15:53:49 [INFO] Building dependencies.axiom 1.0 [5/70] 15:53:49 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:50 [INFO] 15:53:50 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 15:53:50 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 15:53:50 [INFO] 15:53:50 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 15:53:50 [INFO] 15:53:50 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 15:53:50 [INFO] Executing tasks 15:53:50 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 15:53:50 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 15:53:50 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 15:53:50 [INFO] Executed tasks 15:53:50 [INFO] 15:53:50 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 15:53:50 [INFO] Building dependencies.bean-validation 1.0 [6/70] 15:53:50 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:50 [INFO] 15:53:50 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 15:53:50 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 15:53:50 [INFO] 15:53:50 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 15:53:50 [INFO] 15:53:50 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 15:53:50 [INFO] Building dependencies.cxf 1.0 [7/70] 15:53:50 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:50 [INFO] 15:53:50 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 15:53:50 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 15:53:50 [INFO] 15:53:50 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 15:53:50 [INFO] 15:53:50 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 15:53:50 [INFO] Executing tasks 15:53:50 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 15:53:50 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 15:53:50 [INFO] Executed tasks 15:53:50 [INFO] 15:53:50 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 15:53:50 [INFO] Building dependencies.commons 1.0 [8/70] 15:53:50 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 15:53:51 [INFO] 15:53:51 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 15:53:51 [INFO] Building dependencies.faces 1.0 [9/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 15:53:51 [INFO] 15:53:51 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 15:53:51 [INFO] Building dependencies.git 1.0 [10/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 15:53:51 [INFO] 15:53:51 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 15:53:51 [INFO] Building dependencies.httpcore 1.0 [11/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 15:53:51 [INFO] Executing tasks 15:53:51 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 15:53:51 [INFO] Executed tasks 15:53:51 [INFO] 15:53:51 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 15:53:51 [INFO] Building dependencies.jackson 1.0 [12/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 15:53:51 [INFO] 15:53:51 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 15:53:51 [INFO] Building dependencies.javax 1.0 [13/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 15:53:51 [INFO] 15:53:51 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 15:53:51 [INFO] Building dependencies.jax 1.0 [14/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 15:53:51 [INFO] 15:53:51 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 15:53:51 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 15:53:51 [INFO] 15:53:51 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 15:53:51 [INFO] Executing tasks 15:53:51 [INFO] Executed tasks 15:53:51 [INFO] 15:53:51 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 15:53:51 [INFO] Building dependencies.jetty 1.0 [15/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 15:53:51 [INFO] 15:53:51 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 15:53:51 [INFO] Building dependencies.jminix 1.0 [16/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 15:53:51 [INFO] Executing tasks 15:53:51 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 15:53:51 [INFO] Executed tasks 15:53:51 [INFO] 15:53:51 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 15:53:51 [INFO] Building dependencies.json 1.0 [17/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 15:53:51 [INFO] Executing tasks 15:53:51 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 15:53:51 [INFO] Executed tasks 15:53:51 [INFO] 15:53:51 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 15:53:51 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 15:53:51 [INFO] 15:53:51 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 15:53:51 [INFO] Building dependencies.log 1.0 [18/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 15:53:51 [INFO] Executing tasks 15:53:51 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 15:53:51 [INFO] Executed tasks 15:53:51 [INFO] 15:53:51 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 15:53:51 [INFO] Building dependencies.lucene 1.0 [19/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 15:53:51 [INFO] 15:53:51 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 15:53:51 [INFO] Building dependencies.openapi4j 1.0 [20/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 15:53:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 15:53:51 [INFO] 15:53:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 15:53:51 [INFO] 15:53:51 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 15:53:51 [INFO] Executing tasks 15:53:51 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 15:53:51 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 15:53:51 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 15:53:51 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 15:53:51 [INFO] Executed tasks 15:53:51 [INFO] 15:53:51 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 15:53:51 [INFO] Building dependencies.opensaml 1.0 [21/70] 15:53:51 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 15:53:52 [INFO] 15:53:52 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 15:53:52 [INFO] Building dependencies.pdf 1.0 [22/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 15:53:52 [INFO] 15:53:52 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 15:53:52 [INFO] Building dependencies.redis 1.0 [23/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 15:53:52 [INFO] 15:53:52 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 15:53:52 [INFO] Building dependencies.reports 1.0 [24/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 15:53:52 [INFO] 15:53:52 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 15:53:52 [INFO] Building dependencies.saaj 1.0 [25/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 15:53:52 [INFO] Executing tasks 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 15:53:52 [INFO] Executed tasks 15:53:52 [INFO] 15:53:52 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 15:53:52 [INFO] Building dependencies.security 1.0 [26/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 15:53:52 [INFO] Executing tasks 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 15:53:52 [INFO] Executed tasks 15:53:52 [INFO] 15:53:52 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 15:53:52 [INFO] Building dependencies.shared 1.0 [27/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 15:53:52 [INFO] Executing tasks 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 15:53:52 [INFO] Executed tasks 15:53:52 [INFO] 15:53:52 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 15:53:52 [INFO] Building dependencies.spring 1.0 [28/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 15:53:52 [INFO] Executing tasks 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 15:53:52 [INFO] Executed tasks 15:53:52 [INFO] 15:53:52 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 15:53:52 [INFO] Building dependencies.spring-ldap 1.0 [29/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 15:53:52 [INFO] 15:53:52 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 15:53:52 [INFO] Building dependencies.spring-security 1.0 [30/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 15:53:52 [INFO] Executing tasks 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 15:53:52 [INFO] Executed tasks 15:53:52 [INFO] 15:53:52 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 15:53:52 [INFO] Building dependencies.swagger 1.0 [31/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 15:53:52 [INFO] Executing tasks 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 15:53:52 [INFO] Executed tasks 15:53:52 [INFO] 15:53:52 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 15:53:52 [INFO] Building dependencies.wadl 1.0 [32/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 15:53:52 [INFO] 15:53:52 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 15:53:52 [INFO] Building dependencies.wss4j 1.0 [33/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 15:53:52 [INFO] Executing tasks 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 15:53:52 [INFO] Executed tasks 15:53:52 [INFO] 15:53:52 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 15:53:52 [INFO] Building dependencies.testsuite 1.0 [34/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 15:53:52 [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 15:53:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 15:53:52 [INFO] Executing tasks 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 15:53:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 15:53:52 [INFO] Executed tasks 15:53:52 [INFO] 15:53:52 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 15:53:52 [INFO] Building dependencies.testsuite.as 1.0 [36/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 15:53:52 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 15:53:52 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 15:53:52 [INFO] 15:53:52 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 15:53:52 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 15:53:52 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 15:53:52 [INFO] 15:53:52 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 15:53:52 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 15:53:52 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 15:53:52 [INFO] 15:53:52 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 15:53:52 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 15:53:52 [INFO] 15:53:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 15:53:52 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 15:53:52 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 15:53:52 [INFO] 15:53:52 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 15:53:52 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] 15:53:52 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 15:53:53 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 15:53:53 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 15:53:53 [INFO] 15:53:53 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 15:53:53 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 15:53:53 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 15:53:53 [INFO] 15:53:53 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 15:53:53 [INFO] Building dependencies.testsuite.test 1.0 [56/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 15:53:53 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 15:53:53 [INFO] Executing tasks 15:53:53 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 15:53:53 [INFO] Executed tasks 15:53:53 [INFO] 15:53:53 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 15:53:53 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 15:53:53 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 15:53:53 [INFO] 15:53:53 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 15:53:53 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 15:53:53 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 15:53:53 [INFO] 15:53:53 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 15:53:53 [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 15:53:53 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 15:53:53 [INFO] 15:53:53 [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- 15:53:53 [INFO] Building dependencies.soapbox 1.0 [60/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- 15:53:53 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = []) 15:53:53 [INFO] 15:53:53 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- 15:53:53 [INFO] 15:53:53 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 15:53:53 [INFO] Building compile 1.0 [61/70] 15:53:53 [INFO] --------------------------------[ pom ]--------------------------------- 15:53:53 [INFO] 15:53:53 [INFO] --- maven-antrun-plugin:3.1.0:run (default) @ org.openspcoop2.compile --- 15:53:53 [INFO] Executing tasks 15:53:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/dist 15:54:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build 15:54:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/tmp 15:54:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist 15:54:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:05 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:05 [WARNING] [echo] **************************************** 15:54:05 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:05 [WARNING] [echo] **************************************** 15:54:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils 15:54:05 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils] 15:54:06 [INFO] [javac] Compiling 37 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils_RELEASE.jar 15:54:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:13 [WARNING] [echo] **************************************** 15:54:13 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:13 [WARNING] [echo] **************************************** 15:54:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:13 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/instrument] 15:54:13 [INFO] [javac] Compiling 2 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:14 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-instrument_RELEASE.jar 15:54:14 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:18 [WARNING] [echo] **************************************** 15:54:18 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:18 [WARNING] [echo] **************************************** 15:54:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/resources] 15:54:18 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-resources_RELEASE.jar 15:54:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:23 [WARNING] [echo] **************************************** 15:54:23 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:23 [WARNING] [echo] **************************************** 15:54:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mime] 15:54:23 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mime_RELEASE.jar 15:54:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:26 [WARNING] [echo] **************************************** 15:54:26 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:26 [WARNING] [echo] **************************************** 15:54:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:26 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/date] 15:54:26 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-date_RELEASE.jar 15:54:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:30 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:30 [WARNING] [echo] **************************************** 15:54:30 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:30 [WARNING] [echo] **************************************** 15:54:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:30 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/io] 15:54:30 [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-io_RELEASE.jar 15:54:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:35 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:35 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:35 [WARNING] [echo] **************************************** 15:54:35 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:35 [WARNING] [echo] **************************************** 15:54:35 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:35 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/random] 15:54:35 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:36 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-random_RELEASE.jar 15:54:36 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:39 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:39 [WARNING] [echo] **************************************** 15:54:39 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:39 [WARNING] [echo] **************************************** 15:54:39 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:39 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/properties] 15:54:39 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:40 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-properties_RELEASE.jar 15:54:40 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:43 [WARNING] [echo] **************************************** 15:54:43 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:43 [WARNING] [echo] **************************************** 15:54:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxb] 15:54:43 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:54:43 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxb_RELEASE.jar 15:54:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:47 [WARNING] [echo] **************************************** 15:54:47 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:47 [WARNING] [echo] **************************************** 15:54:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxrs] 15:54:47 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxrs_RELEASE.jar 15:54:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:51 [WARNING] [echo] **************************************** 15:54:51 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:51 [WARNING] [echo] **************************************** 15:54:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml] 15:54:51 [INFO] [javac] Compiling 41 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml_RELEASE.jar 15:54:53 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:56 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:56 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:54:56 [WARNING] [echo] **************************************** 15:54:56 [WARNING] [echo] **** DEBUG MODE ON ***** 15:54:56 [WARNING] [echo] **************************************** 15:54:56 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:54:56 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/json] 15:54:56 [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:54:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-json_RELEASE.jar 15:54:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:00 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:00 [WARNING] [echo] **************************************** 15:55:00 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:00 [WARNING] [echo] **************************************** 15:55:00 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:00 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml2json] 15:55:00 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:01 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml2json_RELEASE.jar 15:55:01 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:03 [WARNING] [echo] **************************************** 15:55:03 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:03 [WARNING] [echo] **************************************** 15:55:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/digest] 15:55:03 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-digest_RELEASE.jar 15:55:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:07 [WARNING] [echo] **************************************** 15:55:07 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:07 [WARNING] [echo] **************************************** 15:55:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/regexp] 15:55:07 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-regexp_RELEASE.jar 15:55:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:11 [WARNING] [echo] **************************************** 15:55:11 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:11 [WARNING] [echo] **************************************** 15:55:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate] 15:55:11 [INFO] [javac] Compiling 45 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate_RELEASE.jar 15:55:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:15 [WARNING] [echo] **************************************** 15:55:15 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:15 [WARNING] [echo] **************************************** 15:55:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/transport] 15:55:15 [INFO] [javac] Compiling 65 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:17 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-transport_RELEASE.jar 15:55:17 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:20 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:20 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:20 [WARNING] [echo] **************************************** 15:55:20 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:20 [WARNING] [echo] **************************************** 15:55:20 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:20 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/ocsp] 15:55:20 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:21 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-ocsp_RELEASE.jar 15:55:21 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:24 [WARNING] [echo] **************************************** 15:55:24 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:24 [WARNING] [echo] **************************************** 15:55:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:24 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/remote] 15:55:24 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-remote_RELEASE.jar 15:55:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:27 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:27 [WARNING] [echo] **************************************** 15:55:27 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:27 [WARNING] [echo] **************************************** 15:55:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/byok] 15:55:27 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-byok_RELEASE.jar 15:55:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:31 [WARNING] [echo] **************************************** 15:55:31 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:31 [WARNING] [echo] **************************************** 15:55:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jmx] 15:55:31 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jmx_RELEASE.jar 15:55:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:35 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:35 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:35 [WARNING] [echo] **************************************** 15:55:35 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:35 [WARNING] [echo] **************************************** 15:55:35 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:35 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/cache] 15:55:35 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:36 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-cache_RELEASE.jar 15:55:36 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:39 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:39 [WARNING] [echo] **************************************** 15:55:39 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:39 [WARNING] [echo] **************************************** 15:55:39 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:39 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/checksum] 15:55:39 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:39 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-checksum_RELEASE.jar 15:55:39 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:42 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:42 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:42 [WARNING] [echo] **************************************** 15:55:42 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:42 [WARNING] [echo] **************************************** 15:55:42 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:42 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/crypt] 15:55:42 [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:43 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-crypt_RELEASE.jar 15:55:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:46 [WARNING] [echo] **************************************** 15:55:46 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:46 [WARNING] [echo] **************************************** 15:55:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/csv] 15:55:46 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-csv_RELEASE.jar 15:55:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:50 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:50 [WARNING] [echo] **************************************** 15:55:50 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:50 [WARNING] [echo] **************************************** 15:55:50 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:50 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/dch] 15:55:50 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:50 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-dch_RELEASE.jar 15:55:50 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:53 [WARNING] [echo] **************************************** 15:55:53 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:53 [WARNING] [echo] **************************************** 15:55:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sql] 15:55:53 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sql_RELEASE.jar 15:55:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:55:58 [WARNING] [echo] **************************************** 15:55:58 [WARNING] [echo] **** DEBUG MODE ON ***** 15:55:58 [WARNING] [echo] **************************************** 15:55:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:55:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jdbc] 15:55:58 [INFO] [javac] Compiling 35 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:55:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jdbc_RELEASE.jar 15:55:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:02 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:02 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:02 [WARNING] [echo] **************************************** 15:56:02 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:02 [WARNING] [echo] **************************************** 15:56:02 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:02 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/id] 15:56:02 [INFO] [javac] Compiling 45 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:02 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-id_RELEASE.jar 15:56:02 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:05 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:05 [WARNING] [echo] **************************************** 15:56:05 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:05 [WARNING] [echo] **************************************** 15:56:05 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:05 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/serialization] 15:56:05 [INFO] [javac] Compiling 26 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:06 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-serialization_RELEASE.jar 15:56:06 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:09 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:09 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:09 [WARNING] [echo] **************************************** 15:56:09 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:09 [WARNING] [echo] **************************************** 15:56:09 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:09 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/logger] 15:56:09 [INFO] [javac] Compiling 77 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-logger_RELEASE.jar 15:56:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:13 [WARNING] [echo] **************************************** 15:56:13 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:13 [WARNING] [echo] **************************************** 15:56:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:13 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/service] 15:56:13 [INFO] [javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-service_RELEASE.jar 15:56:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:18 [WARNING] [echo] **************************************** 15:56:18 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:18 [WARNING] [echo] **************************************** 15:56:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/beans] 15:56:18 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:18 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-beans_RELEASE.jar 15:56:18 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:21 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:21 [WARNING] [echo] **************************************** 15:56:21 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:21 [WARNING] [echo] **************************************** 15:56:21 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:21 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/security] 15:56:21 [INFO] [javac] Compiling 41 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-security_RELEASE.jar 15:56:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:26 [WARNING] [echo] **************************************** 15:56:26 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:26 [WARNING] [echo] **************************************** 15:56:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:26 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/pdf] 15:56:26 [INFO] [javac] Compiling 11 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-pdf_RELEASE.jar 15:56:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:30 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:30 [WARNING] [echo] **************************************** 15:56:30 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:30 [WARNING] [echo] **************************************** 15:56:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:30 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wsdl] 15:56:30 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wsdl_RELEASE.jar 15:56:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:34 [WARNING] [echo] **************************************** 15:56:34 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:34 [WARNING] [echo] **************************************** 15:56:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/rest] 15:56:34 [INFO] [javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-rest_RELEASE.jar 15:56:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:39 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:39 [WARNING] [echo] **************************************** 15:56:39 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:39 [WARNING] [echo] **************************************** 15:56:39 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:39 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wadl] 15:56:39 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:39 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wadl_RELEASE.jar 15:56:39 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:43 [WARNING] [echo] **************************************** 15:56:43 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:43 [WARNING] [echo] **************************************** 15:56:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/openapi] 15:56:43 [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-openapi_RELEASE.jar 15:56:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:47 [WARNING] [echo] **************************************** 15:56:47 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:47 [WARNING] [echo] **************************************** 15:56:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xacml] 15:56:47 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xacml_RELEASE.jar 15:56:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:51 [WARNING] [echo] **************************************** 15:56:51 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:51 [WARNING] [echo] **************************************** 15:56:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mail] 15:56:51 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mail_RELEASE.jar 15:56:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:54 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:54 [WARNING] [echo] **************************************** 15:56:54 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:54 [WARNING] [echo] **************************************** 15:56:54 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:54 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/datasource] 15:56:54 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-datasource_RELEASE.jar 15:56:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:56:58 [WARNING] [echo] **************************************** 15:56:58 [WARNING] [echo] **** DEBUG MODE ON ***** 15:56:58 [WARNING] [echo] **************************************** 15:56:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:56:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sonde] 15:56:58 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:56:58 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sonde_RELEASE.jar 15:56:58 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:01 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:01 [WARNING] [echo] **************************************** 15:57:01 [WARNING] [echo] **** DEBUG MODE ON ***** 15:57:01 [WARNING] [echo] **************************************** 15:57:01 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:01 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/semaphore] 15:57:01 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:02 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-semaphore_RELEASE.jar 15:57:02 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:05 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:05 [WARNING] [echo] **************************************** 15:57:05 [WARNING] [echo] **** DEBUG MODE ON ***** 15:57:05 [WARNING] [echo] **************************************** 15:57:05 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:05 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/threads] 15:57:05 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:05 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-threads_RELEASE.jar 15:57:05 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:08 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:08 [WARNING] [echo] **************************************** 15:57:08 [WARNING] [echo] **** DEBUG MODE ON ***** 15:57:08 [WARNING] [echo] **************************************** 15:57:08 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:08 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/oauth2] 15:57:08 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:09 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-oauth2_RELEASE.jar 15:57:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:12 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:12 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:12 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 15:57:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils_RELEASE.jar 15:57:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:19 [WARNING] [echo] **************************************** 15:57:19 [WARNING] [echo] **** DEBUG MODE ON ***** 15:57:19 [WARNING] [echo] **************************************** 15:57:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils-test 15:57:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/test] 15:57:19 [INFO] [javac] Compiling 66 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils-test/openspcoop2_utils-test_RELEASE.jar 15:57:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:23 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 15:57:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils-test_RELEASE.jar 15:57:29 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:29 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:29 [WARNING] [echo] **************************************** 15:57:29 [WARNING] [echo] **** DEBUG MODE ON ***** 15:57:29 [WARNING] [echo] **************************************** 15:57:29 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:29 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/generic_project/src/] 15:57:29 [INFO] [javac] Compiling 211 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_generic-project_RELEASE.jar 15:57:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:41 [WARNING] [echo] **************************************** 15:57:41 [WARNING] [echo] **** DEBUG MODE ON ***** 15:57:41 [WARNING] [echo] **************************************** 15:57:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/schemi 15:57:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-openspcoop2_RELEASE.jar 15:57:45 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:45 [WARNING] [echo] **************************************** 15:57:45 [WARNING] [echo] **** DEBUG MODE ON ***** 15:57:45 [WARNING] [echo] **************************************** 15:57:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-standard_RELEASE.jar 15:57:48 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:48 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:48 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 15:57:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_schemi-xsd_RELEASE.jar 15:57:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:51 [WARNING] [echo] **************************************** 15:57:51 [WARNING] [echo] **** DEBUG MODE ON ***** 15:57:51 [WARNING] [echo] **************************************** 15:57:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/message 15:57:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message/context] 15:57:51 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:57:51 [INFO] [javac] Compiling 42 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/message/openspcoop2_message-context_RELEASE.jar 15:57:53 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:56 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:56 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:57:56 [WARNING] [echo] **************************************** 15:57:56 [WARNING] [echo] **** DEBUG MODE ON ***** 15:57:56 [WARNING] [echo] **************************************** 15:57:56 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:57:56 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message] 15:57:56 [INFO] [javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:57:58 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/message/openspcoop2_message_RELEASE.jar 15:57:58 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:01 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:01 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:01 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 15:58:01 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_message_RELEASE.jar 15:58:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:07 [WARNING] [echo] **************************************** 15:58:07 [WARNING] [echo] **** DEBUG MODE ON ***** 15:58:07 [WARNING] [echo] **************************************** 15:58:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/core 15:58:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:08 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core] 15:58:08 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core_RELEASE.jar 15:58:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:11 [WARNING] [echo] **************************************** 15:58:11 [WARNING] [echo] **** DEBUG MODE ON ***** 15:58:11 [WARNING] [echo] **************************************** 15:58:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/id] 15:58:11 [INFO] [javac] Compiling 20 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-id_RELEASE.jar 15:58:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:15 [WARNING] [echo] **************************************** 15:58:15 [WARNING] [echo] **** DEBUG MODE ON ***** 15:58:15 [WARNING] [echo] **************************************** 15:58:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons] 15:58:15 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons_RELEASE.jar 15:58:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:19 [WARNING] [echo] **************************************** 15:58:19 [WARNING] [echo] **** DEBUG MODE ON ***** 15:58:19 [WARNING] [echo] **************************************** 15:58:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/byok] 15:58:19 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-byok_RELEASE.jar 15:58:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:23 [WARNING] [echo] **************************************** 15:58:23 [WARNING] [echo] **** DEBUG MODE ON ***** 15:58:23 [WARNING] [echo] **************************************** 15:58:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config] 15:58:23 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:58:23 [INFO] [javac] Compiling 346 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:31 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 15:58:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config_RELEASE.jar 15:58:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:34 [WARNING] [echo] **************************************** 15:58:34 [WARNING] [echo] **** DEBUG MODE ON ***** 15:58:34 [WARNING] [echo] **************************************** 15:58:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry] 15:58:34 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:58:34 [INFO] [javac] Compiling 139 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:36 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 15:58:36 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry_RELEASE.jar 15:58:36 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:39 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:39 [WARNING] [echo] **************************************** 15:58:39 [WARNING] [echo] **** DEBUG MODE ON ***** 15:58:39 [WARNING] [echo] **************************************** 15:58:39 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:39 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/tracciamento] 15:58:39 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:58:39 [INFO] [javac] Compiling 81 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:40 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 15:58:40 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-tracciamento_RELEASE.jar 15:58:40 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:43 [WARNING] [echo] **************************************** 15:58:43 [WARNING] [echo] **** DEBUG MODE ON ***** 15:58:43 [WARNING] [echo] **************************************** 15:58:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/diagnostica] 15:58:43 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:58:43 [INFO] [javac] Compiling 28 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-diagnostica_RELEASE.jar 15:58:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:47 [WARNING] [echo] **************************************** 15:58:47 [WARNING] [echo] **** DEBUG MODE ON ***** 15:58:47 [WARNING] [echo] **************************************** 15:58:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/transazioni] 15:58:47 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:58:47 [INFO] [javac] Compiling 144 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:49 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 15:58:49 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-transazioni_RELEASE.jar 15:58:49 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:52 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:52 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:52 [WARNING] [echo] **************************************** 15:58:52 [WARNING] [echo] **** DEBUG MODE ON ***** 15:58:52 [WARNING] [echo] **************************************** 15:58:52 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:52 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eventi] 15:58:52 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:58:52 [INFO] [javac] Compiling 36 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:53 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 15:58:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eventi_RELEASE.jar 15:58:53 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:56 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:56 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:58:56 [WARNING] [echo] **************************************** 15:58:56 [WARNING] [echo] **** DEBUG MODE ON ***** 15:58:56 [WARNING] [echo] **************************************** 15:58:56 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:58:56 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/statistiche] 15:58:56 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:58:56 [INFO] [javac] Compiling 108 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:58:58 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 15:58:58 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-statistiche_RELEASE.jar 15:58:58 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:01 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:01 [WARNING] [echo] **************************************** 15:59:01 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:01 [WARNING] [echo] **************************************** 15:59:01 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:01 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/plugins] 15:59:01 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:59:01 [INFO] [javac] Compiling 94 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:03 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 15:59:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-plugins_RELEASE.jar 15:59:03 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:06 [WARNING] [echo] **************************************** 15:59:06 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:06 [WARNING] [echo] **************************************** 15:59:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/controllo_traffico] 15:59:06 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:59:06 [INFO] [javac] Compiling 128 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:08 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 15:59:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-controllo_traffico_RELEASE.jar 15:59:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:10 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:10 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:10 [WARNING] [echo] **************************************** 15:59:10 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:10 [WARNING] [echo] **************************************** 15:59:10 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:10 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/allarmi] 15:59:10 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:59:10 [INFO] [javac] Compiling 76 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:12 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 15:59:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-allarmi_RELEASE.jar 15:59:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:15 [WARNING] [echo] **************************************** 15:59:15 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:15 [WARNING] [echo] **************************************** 15:59:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/mapping] 15:59:15 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-mapping_RELEASE.jar 15:59:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:18 [WARNING] [echo] **************************************** 15:59:18 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:18 [WARNING] [echo] **************************************** 15:59:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/details] 15:59:18 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:59:18 [INFO] [javac] Compiling 34 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:19 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 15:59:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-details_RELEASE.jar 15:59:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:22 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:22 [WARNING] [echo] **************************************** 15:59:22 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:22 [WARNING] [echo] **************************************** 15:59:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:22 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/router_details] 15:59:22 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:59:22 [INFO] [javac] Compiling 25 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-router_details_RELEASE.jar 15:59:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:25 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:25 [WARNING] [echo] **************************************** 15:59:25 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:25 [WARNING] [echo] **************************************** 15:59:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:25 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/errore_applicativo] 15:59:25 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:59:25 [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:26 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 15:59:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-errore_applicativo_RELEASE.jar 15:59:26 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:29 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:29 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:29 [WARNING] [echo] **************************************** 15:59:29 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:29 [WARNING] [echo] **************************************** 15:59:29 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:29 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/integrazione] 15:59:29 [WARNING] [javac] anomalous package-info.java path: package-info.java 15:59:29 [INFO] [javac] Compiling 19 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:30 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-integrazione_RELEASE.jar 15:59:30 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:32 [WARNING] [echo] **************************************** 15:59:32 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:32 [WARNING] [echo] **************************************** 15:59:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:32 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver] 15:59:32 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver_RELEASE.jar 15:59:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:36 [WARNING] [echo] **************************************** 15:59:36 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:36 [WARNING] [echo] **************************************** 15:59:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:36 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/db] 15:59:36 [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:39 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-db_RELEASE.jar 15:59:39 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:42 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:42 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:42 [WARNING] [echo] **************************************** 15:59:42 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:42 [WARNING] [echo] **************************************** 15:59:42 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:42 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/xml] 15:59:42 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-xml_RELEASE.jar 15:59:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:45 [WARNING] [echo] **************************************** 15:59:45 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:45 [WARNING] [echo] **************************************** 15:59:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:45 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/utils] 15:59:45 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:46 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-utils_RELEASE.jar 15:59:46 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:49 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:49 [WARNING] [echo] **************************************** 15:59:49 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:49 [WARNING] [echo] **************************************** 15:59:49 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:49 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver] 15:59:49 [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver_RELEASE.jar 15:59:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:55 [WARNING] [echo] **************************************** 15:59:55 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:55 [WARNING] [echo] **************************************** 15:59:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/wsdl] 15:59:55 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-wsdl_RELEASE.jar 15:59:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 15:59:59 [WARNING] [echo] **************************************** 15:59:59 [WARNING] [echo] **** DEBUG MODE ON ***** 15:59:59 [WARNING] [echo] **************************************** 15:59:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 15:59:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/rest] 15:59:59 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 15:59:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-rest_RELEASE.jar 15:59:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:02 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:02 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:02 [WARNING] [echo] **************************************** 16:00:02 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:02 [WARNING] [echo] **************************************** 16:00:02 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:02 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/db] 16:00:02 [INFO] [javac] Compiling 36 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-db_RELEASE.jar 16:00:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:07 [WARNING] [echo] **************************************** 16:00:07 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:07 [WARNING] [echo] **************************************** 16:00:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/xml] 16:00:07 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-xml_RELEASE.jar 16:00:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:11 [WARNING] [echo] **************************************** 16:00:11 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:11 [WARNING] [echo] **************************************** 16:00:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/web] 16:00:11 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-web_RELEASE.jar 16:00:11 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:14 [WARNING] [echo] **************************************** 16:00:14 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:14 [WARNING] [echo] **************************************** 16:00:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:14 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/uddi] 16:00:14 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-uddi_RELEASE.jar 16:00:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:18 [WARNING] [echo] **************************************** 16:00:18 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:18 [WARNING] [echo] **************************************** 16:00:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/ws] 16:00:18 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:18 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-ws_RELEASE.jar 16:00:18 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:21 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:21 [WARNING] [echo] **************************************** 16:00:21 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:21 [WARNING] [echo] **************************************** 16:00:21 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:21 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/utils] 16:00:21 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-utils_RELEASE.jar 16:00:22 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:25 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:25 [WARNING] [echo] **************************************** 16:00:25 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:25 [WARNING] [echo] **************************************** 16:00:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:25 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons/search] 16:00:25 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:00:25 [INFO] [javac] Compiling 184 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:28 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 16:00:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons-search_RELEASE.jar 16:00:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:31 [WARNING] [echo] **************************************** 16:00:31 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:31 [WARNING] [echo] **************************************** 16:00:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons/dao] 16:00:31 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons-dao_RELEASE.jar 16:00:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:34 [WARNING] [echo] **************************************** 16:00:34 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:34 [WARNING] [echo] **************************************** 16:00:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/mvc/properties] 16:00:34 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:00:34 [INFO] [javac] Compiling 59 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:35 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 16:00:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-mvc_properties_RELEASE.jar 16:00:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:38 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:00:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_core_RELEASE.jar 16:00:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:45 [WARNING] [echo] **************************************** 16:00:45 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:45 [WARNING] [echo] **************************************** 16:00:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/protocol-api 16:00:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/manifest] 16:00:46 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:00:46 [INFO] [javac] Compiling 131 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:47 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 16:00:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-manifest_RELEASE.jar 16:00:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:50 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:50 [WARNING] [echo] **************************************** 16:00:50 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:50 [WARNING] [echo] **************************************** 16:00:50 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:50 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/information_missing] 16:00:50 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:00:50 [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:51 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 16:00:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-information_missing_RELEASE.jar 16:00:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:54 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:54 [WARNING] [echo] **************************************** 16:00:54 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:54 [WARNING] [echo] **************************************** 16:00:54 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:54 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/sdk] 16:00:54 [INFO] [javac] Compiling 226 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-sdk_RELEASE.jar 16:00:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:00:59 [WARNING] [echo] **************************************** 16:00:59 [WARNING] [echo] **** DEBUG MODE ON ***** 16:00:59 [WARNING] [echo] **************************************** 16:00:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:00:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/utils] 16:00:59 [INFO] [javac] Compiling 19 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:00:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-utils_RELEASE.jar 16:00:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:02 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:02 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:02 [WARNING] [echo] **************************************** 16:01:02 [WARNING] [echo] **** DEBUG MODE ON ***** 16:01:02 [WARNING] [echo] **************************************** 16:01:02 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:02 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/registry] 16:01:02 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-registry_RELEASE.jar 16:01:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:07 [WARNING] [echo] **************************************** 16:01:07 [WARNING] [echo] **** DEBUG MODE ON ***** 16:01:07 [WARNING] [echo] **************************************** 16:01:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/abstraction] 16:01:07 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:01:07 [INFO] [javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:07 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 16:01:07 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-abstraction_RELEASE.jar 16:01:07 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:10 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:10 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:10 [WARNING] [echo] **************************************** 16:01:10 [WARNING] [echo] **** DEBUG MODE ON ***** 16:01:10 [WARNING] [echo] **************************************** 16:01:10 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:10 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/basic] 16:01:10 [INFO] [javac] Compiling 63 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-basic_RELEASE.jar 16:01:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:15 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:01:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_protocol-api_RELEASE.jar 16:01:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:21 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:21 [WARNING] [echo] **************************************** 16:01:21 [WARNING] [echo] **** DEBUG MODE ON ***** 16:01:21 [WARNING] [echo] **************************************** 16:01:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/monitor-api 16:01:21 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:22 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/sdk] 16:01:22 [INFO] [javac] Compiling 69 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor-api/openspcoop2_monitor-sdk_RELEASE.jar 16:01:22 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:25 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:01:25 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_monitor-api_RELEASE.jar 16:01:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:31 [WARNING] [echo] **************************************** 16:01:31 [WARNING] [echo] **** DEBUG MODE ON ***** 16:01:31 [WARNING] [echo] **************************************** 16:01:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/security 16:01:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:32 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security] 16:01:32 [INFO] [javac] Compiling 49 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-core_RELEASE.jar 16:01:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:36 [WARNING] [echo] **************************************** 16:01:36 [WARNING] [echo] **** DEBUG MODE ON ***** 16:01:36 [WARNING] [echo] **************************************** 16:01:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:36 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message] 16:01:36 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message_RELEASE.jar 16:01:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:40 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:40 [WARNING] [echo] **************************************** 16:01:40 [WARNING] [echo] **** DEBUG MODE ON ***** 16:01:40 [WARNING] [echo] **************************************** 16:01:40 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:40 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/engine] 16:01:40 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-engine_RELEASE.jar 16:01:41 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:44 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:44 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:44 [WARNING] [echo] **************************************** 16:01:44 [WARNING] [echo] **** DEBUG MODE ON ***** 16:01:44 [WARNING] [echo] **************************************** 16:01:44 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:44 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/jose] 16:01:44 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-jose_RELEASE.jar 16:01:45 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:48 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:48 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:48 [WARNING] [echo] **************************************** 16:01:48 [WARNING] [echo] **** DEBUG MODE ON ***** 16:01:48 [WARNING] [echo] **************************************** 16:01:48 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:48 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/xml] 16:01:48 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-xml_RELEASE.jar 16:01:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:51 [WARNING] [echo] **************************************** 16:01:51 [WARNING] [echo] **** DEBUG MODE ON ***** 16:01:51 [WARNING] [echo] **************************************** 16:01:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/wss4j] 16:01:51 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-wss4j_RELEASE.jar 16:01:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:55 [WARNING] [echo] **************************************** 16:01:55 [WARNING] [echo] **** DEBUG MODE ON ***** 16:01:55 [WARNING] [echo] **************************************** 16:01:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/soapbox] 16:01:55 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-soapbox_RELEASE.jar 16:01:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:01:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:01:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:01:59 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:01:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_security_RELEASE.jar 16:02:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:05 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:02:05 [WARNING] [echo] **************************************** 16:02:05 [WARNING] [echo] **** DEBUG MODE ON ***** 16:02:05 [WARNING] [echo] **************************************** 16:02:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/protocol 16:02:05 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:02:05 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/engine] 16:02:05 [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol/openspcoop2_protocol_RELEASE.jar 16:02:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:02:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:02:11 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:02:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_protocol_RELEASE.jar 16:02:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:02:17 [WARNING] [echo] **************************************** 16:02:17 [WARNING] [echo] **** DEBUG MODE ON ***** 16:02:17 [WARNING] [echo] **************************************** 16:02:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/monitor 16:02:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:02:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/transazioni] 16:02:18 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:02:18 [INFO] [javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:19 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 16:02:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-transazioni_RELEASE.jar 16:02:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:22 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:02:22 [WARNING] [echo] **************************************** 16:02:22 [WARNING] [echo] **** DEBUG MODE ON ***** 16:02:22 [WARNING] [echo] **************************************** 16:02:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:02:22 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/ricerche] 16:02:22 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:02:22 [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-ricerche_RELEASE.jar 16:02:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:02:26 [WARNING] [echo] **************************************** 16:02:26 [WARNING] [echo] **** DEBUG MODE ON ***** 16:02:26 [WARNING] [echo] **************************************** 16:02:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:02:26 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/statistiche] 16:02:26 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:02:26 [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-statistiche_RELEASE.jar 16:02:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:30 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:02:30 [WARNING] [echo] **************************************** 16:02:30 [WARNING] [echo] **** DEBUG MODE ON ***** 16:02:30 [WARNING] [echo] **************************************** 16:02:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:02:30 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine] 16:02:30 [INFO] [javac] Compiling 240 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:33 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/statistiche/package-info.class 16:02:33 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/ricerche/package-info.class 16:02:33 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/transazioni/constants/package-info.class 16:02:33 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/transazioni/package-info.class 16:02:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-engine_RELEASE.jar 16:02:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:02:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:02:36 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:02:36 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_monitor_RELEASE.jar 16:02:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd 16:02:40 [INFO] [copy] Copying 1121 files to /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd 16:02:40 [WARNING] [echo] Raccolta informazioni git per impostazione versione... 16:02:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:02:43 [WARNING] [echo] **************************************** 16:02:43 [WARNING] [echo] **** DEBUG MODE ON ***** 16:02:43 [WARNING] [echo] **************************************** 16:02:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/pdd 16:02:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:02:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd] 16:02:43 [INFO] [javac] Compiling 1046 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:02:59 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/monitor/constants/package-info.class 16:02:59 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/monitor/package-info.class 16:02:59 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/services/skeleton/package-info.class 16:02:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/pdd/openspcoop2_pdd_RELEASE.jar 16:03:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:03 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:03:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_pdd_RELEASE.jar 16:03:06 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION 16:03:09 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:09 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:09 [WARNING] [echo] **************************************** 16:03:09 [WARNING] [echo] **** DEBUG MODE ON ***** 16:03:09 [WARNING] [echo] **************************************** 16:03:09 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/pdd-test 16:03:09 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:09 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/pdd_test] 16:03:09 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/pdd-test/openspcoop2_pdd-test_RELEASE.jar 16:03:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:13 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:03:13 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_pdd-test_RELEASE.jar 16:03:22 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:22 [WARNING] [echo] **************************************** 16:03:22 [WARNING] [echo] **** DEBUG MODE ON ***** 16:03:22 [WARNING] [echo] **************************************** 16:03:22 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/modipa 16:03:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:22 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/modipa/src] 16:03:22 [INFO] [javac] Compiling 59 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/modipa/openspcoop2_modipa-protocol-plugin_RELEASE.jar 16:03:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:27 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:27 [WARNING] [echo] **************************************** 16:03:27 [WARNING] [echo] **** DEBUG MODE ON ***** 16:03:27 [WARNING] [echo] **************************************** 16:03:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/modipa/src] 16:03:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/modipa/openspcoop2_modipa-protocol-config_RELEASE.jar 16:03:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:30 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:03:30 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_modipa-protocol_RELEASE.jar 16:03:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:39 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:39 [WARNING] [echo] **************************************** 16:03:39 [WARNING] [echo] **** DEBUG MODE ON ***** 16:03:39 [WARNING] [echo] **************************************** 16:03:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/spcoop 16:03:39 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:40 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/manifest] 16:03:40 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:03:40 [INFO] [javac] Compiling 73 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:41 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 16:03:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-manifest_RELEASE.jar 16:03:41 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:44 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:44 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:44 [WARNING] [echo] **************************************** 16:03:44 [WARNING] [echo] **** DEBUG MODE ON ***** 16:03:44 [WARNING] [echo] **************************************** 16:03:44 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:44 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/cnipa/collprofiles] 16:03:44 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:03:44 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:44 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 16:03:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-cnipacollprofiles_RELEASE.jar 16:03:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:47 [WARNING] [echo] **************************************** 16:03:47 [WARNING] [echo] **** DEBUG MODE ON ***** 16:03:47 [WARNING] [echo] **************************************** 16:03:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/cnipa/schemas/_2003/egovit/exception1_0] 16:03:47 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:03:47 [INFO] [javac] Compiling 24 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-cnipaexception_RELEASE.jar 16:03:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:51 [WARNING] [echo] **************************************** 16:03:51 [WARNING] [echo] **** DEBUG MODE ON ***** 16:03:51 [WARNING] [echo] **************************************** 16:03:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/wscp] 16:03:51 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:03:51 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:51 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 16:03:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-wscp_RELEASE.jar 16:03:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:54 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:54 [WARNING] [echo] **************************************** 16:03:54 [WARNING] [echo] **** DEBUG MODE ON ***** 16:03:54 [WARNING] [echo] **************************************** 16:03:54 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:54 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 16:03:54 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica_RELEASE.jar 16:03:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:03:58 [WARNING] [echo] **************************************** 16:03:58 [WARNING] [echo] **** DEBUG MODE ON ***** 16:03:58 [WARNING] [echo] **************************************** 16:03:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:03:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/wsbl] 16:03:58 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:03:58 [INFO] [javac] Compiling 60 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:03:58 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 16:03:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-wsbl_RELEASE.jar 16:03:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:01 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:01 [WARNING] [echo] **************************************** 16:04:01 [WARNING] [echo] **** DEBUG MODE ON ***** 16:04:01 [WARNING] [echo] **************************************** 16:04:01 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:01 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 16:04:01 [INFO] [javac] Compiling 33 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:02 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-plugin_RELEASE.jar 16:04:02 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:05 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:05 [WARNING] [echo] **************************************** 16:04:05 [WARNING] [echo] **** DEBUG MODE ON ***** 16:04:05 [WARNING] [echo] **************************************** 16:04:05 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:05 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 16:04:05 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-config_RELEASE.jar 16:04:05 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:09 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:09 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:09 [WARNING] [echo] **************************************** 16:04:09 [WARNING] [echo] **** DEBUG MODE ON ***** 16:04:09 [WARNING] [echo] **************************************** 16:04:09 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:09 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-schemi_RELEASE.jar 16:04:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:11 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:04:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_spcoop-protocol_RELEASE.jar 16:04:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:20 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:20 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:20 [WARNING] [echo] **************************************** 16:04:20 [WARNING] [echo] **** DEBUG MODE ON ***** 16:04:20 [WARNING] [echo] **************************************** 16:04:20 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/trasparente 16:04:20 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:21 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/trasparente/src] 16:04:21 [INFO] [javac] Compiling 11 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:21 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/trasparente/openspcoop2_trasparente-protocol-plugin_RELEASE.jar 16:04:21 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:24 [WARNING] [echo] **************************************** 16:04:24 [WARNING] [echo] **** DEBUG MODE ON ***** 16:04:24 [WARNING] [echo] **************************************** 16:04:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:24 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/trasparente/src] 16:04:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/trasparente/openspcoop2_trasparente-protocol-config_RELEASE.jar 16:04:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:27 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:04:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_trasparente-protocol_RELEASE.jar 16:04:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:36 [WARNING] [echo] **************************************** 16:04:36 [WARNING] [echo] **** DEBUG MODE ON ***** 16:04:36 [WARNING] [echo] **************************************** 16:04:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/sdi 16:04:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/fatturapa/v1_0] 16:04:37 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:04:37 [INFO] [javac] Compiling 111 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v10_RELEASE.jar 16:04:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:41 [WARNING] [echo] **************************************** 16:04:41 [WARNING] [echo] **** DEBUG MODE ON ***** 16:04:41 [WARNING] [echo] **************************************** 16:04:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/fatturapa/v1_1] 16:04:41 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:04:41 [INFO] [javac] Compiling 112 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:43 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v11_RELEASE.jar 16:04:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:45 [WARNING] [echo] **************************************** 16:04:45 [WARNING] [echo] **** DEBUG MODE ON ***** 16:04:45 [WARNING] [echo] **************************************** 16:04:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:45 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fatture/v1_0/] 16:04:45 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:04:45 [INFO] [javac] Compiling 59 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:46 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturasemplificata-v10_RELEASE.jar 16:04:46 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:49 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:49 [WARNING] [echo] **************************************** 16:04:49 [WARNING] [echo] **** DEBUG MODE ON ***** 16:04:49 [WARNING] [echo] **************************************** 16:04:49 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:49 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fatture/v1_2/] 16:04:49 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:04:49 [INFO] [javac] Compiling 113 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v12_RELEASE.jar 16:04:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:53 [WARNING] [echo] **************************************** 16:04:53 [WARNING] [echo] **** DEBUG MODE ON ***** 16:04:53 [WARNING] [echo] **************************************** 16:04:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/messaggi/v1_0] 16:04:53 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:04:53 [INFO] [javac] Compiling 47 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:54 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-messaggi-v10_RELEASE.jar 16:04:54 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:57 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:57 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:04:57 [WARNING] [echo] **************************************** 16:04:57 [WARNING] [echo] **** DEBUG MODE ON ***** 16:04:57 [WARNING] [echo] **************************************** 16:04:57 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:04:57 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fattura/messaggi/v1_0] 16:04:57 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:04:57 [INFO] [javac] Compiling 34 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:04:58 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-messaggi-fattura-v10_RELEASE.jar 16:04:58 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:01 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:01 [WARNING] [echo] **************************************** 16:05:01 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:01 [WARNING] [echo] **************************************** 16:05:01 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:01 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/ws/ricezione/v1_0/types] 16:05:01 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:05:01 [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:01 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-wsricezione-v10_RELEASE.jar 16:05:01 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:04 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:04 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:04 [WARNING] [echo] **************************************** 16:05:04 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:04 [WARNING] [echo] **************************************** 16:05:04 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:04 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/ws/trasmissione/v1_0/types] 16:05:04 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:05:04 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:05 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-wstrasmissione-v10_RELEASE.jar 16:05:05 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:07 [WARNING] [echo] **************************************** 16:05:07 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:07 [WARNING] [echo] **************************************** 16:05:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/org/openspcoop2/protocol/sdi] 16:05:07 [INFO] [javac] Compiling 32 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-plugin_RELEASE.jar 16:05:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:11 [WARNING] [echo] **************************************** 16:05:11 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:11 [WARNING] [echo] **************************************** 16:05:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src] 16:05:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-config_RELEASE.jar 16:05:11 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:14 [WARNING] [echo] **************************************** 16:05:14 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:14 [WARNING] [echo] **************************************** 16:05:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:14 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-schemi_RELEASE.jar 16:05:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:17 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:05:17 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_sdi-protocol_RELEASE.jar 16:05:26 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:26 [WARNING] [echo] **************************************** 16:05:26 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:26 [WARNING] [echo] **************************************** 16:05:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/as4 16:05:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:26 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/org/oasis_open/docs/ebxml_msg/ebms/v3_0/ns/core/_200704] 16:05:26 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:05:26 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-ebms-v3_0_RELEASE.jar 16:05:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:30 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:30 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:30 [WARNING] [echo] **************************************** 16:05:30 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:30 [WARNING] [echo] **************************************** 16:05:30 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:30 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/backend/ecodex/org/_1_1] 16:05:30 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:05:30 [INFO] [javac] Compiling 49 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:31 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 16:05:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-backend-ecodex-v1_1_RELEASE.jar 16:05:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:34 [WARNING] [echo] **************************************** 16:05:34 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:34 [WARNING] [echo] **************************************** 16:05:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/eu/domibus/configuration] 16:05:34 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:05:34 [INFO] [javac] Compiling 112 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-eu-domibus-configuration_RELEASE.jar 16:05:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:38 [WARNING] [echo] **************************************** 16:05:38 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:38 [WARNING] [echo] **************************************** 16:05:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:38 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src] 16:05:38 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:40 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-plugin_RELEASE.jar 16:05:40 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:42 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:42 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:42 [WARNING] [echo] **************************************** 16:05:42 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:42 [WARNING] [echo] **************************************** 16:05:42 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:42 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src] 16:05:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-config_RELEASE.jar 16:05:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:05:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:45 [WARNING] [echo] **************************************** 16:05:45 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:45 [WARNING] [echo] **************************************** 16:05:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-schemi_RELEASE.jar 16:05:48 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:48 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:48 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:05:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_as4-protocol_RELEASE.jar 16:05:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users 16:05:57 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 16:05:57 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:05:57 [WARNING] [echo] **************************************** 16:05:57 [WARNING] [echo] **** DEBUG MODE ON ***** 16:05:57 [WARNING] [echo] **************************************** 16:05:57 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:05:57 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 16:05:57 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 16:05:58 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 16:05:58 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 16:06:04 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc 16:06:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 16:06:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:06:07 [WARNING] [echo] **************************************** 16:06:07 [WARNING] [echo] **** DEBUG MODE ON ***** 16:06:07 [WARNING] [echo] **************************************** 16:06:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:06:08 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 16:06:08 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 16:06:09 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 16:06:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 16:06:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:06:14 [WARNING] [echo] **************************************** 16:06:14 [WARNING] [echo] **** DEBUG MODE ON ***** 16:06:14 [WARNING] [echo] **************************************** 16:06:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc 16:06:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:06:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src] 16:06:15 [INFO] [javac] Compiling 39 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:16 warning: Implicitly compiled files were not subject to annotation processing. 16:06:16 Use -proc:none to disable annotation processing or -implicit to specify a policy for implicit compilation. 16:06:16 1 warning 16:06:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-core_RELEASE.jar 16:06:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:06:18 [WARNING] [echo] **************************************** 16:06:18 [WARNING] [echo] **** DEBUG MODE ON ***** 16:06:18 [WARNING] [echo] **************************************** 16:06:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:06:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src/org/openspcoop2/web/lib/mvc/properties] 16:06:18 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-properties_RELEASE.jar 16:06:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:06:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:06:22 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:06:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-mvc_RELEASE.jar 16:06:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit 16:06:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 16:06:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:06:31 [WARNING] [echo] **************************************** 16:06:31 [WARNING] [echo] **** DEBUG MODE ON ***** 16:06:31 [WARNING] [echo] **************************************** 16:06:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:06:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 16:06:31 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 16:06:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 16:06:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 16:06:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:39 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:06:39 [WARNING] [echo] **************************************** 16:06:39 [WARNING] [echo] **** DEBUG MODE ON ***** 16:06:39 [WARNING] [echo] **************************************** 16:06:39 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:06:39 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src] 16:06:39 [INFO] [javac] Compiling 39 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:40 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-core_RELEASE.jar 16:06:40 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:06:43 [WARNING] [echo] **************************************** 16:06:43 [WARNING] [echo] **** DEBUG MODE ON ***** 16:06:43 [WARNING] [echo] **************************************** 16:06:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:06:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src/org/openspcoop2/web/lib/mvc/properties] 16:06:43 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-properties_RELEASE.jar 16:06:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 16:06:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:06:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:06:47 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:06:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-mvc_RELEASE.jar 16:06:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:06:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:06:53 [WARNING] [echo] **************************************** 16:06:53 [WARNING] [echo] **** DEBUG MODE ON ***** 16:06:53 [WARNING] [echo] **************************************** 16:06:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/audit 16:06:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:06:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/costanti] 16:06:53 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:06:54 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-costanti_RELEASE.jar 16:06:54 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:06:57 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:06:57 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:06:57 [WARNING] [echo] **************************************** 16:06:57 [WARNING] [echo] **** DEBUG MODE ON ***** 16:06:57 [WARNING] [echo] **************************************** 16:06:57 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:06:57 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/log] 16:06:57 [WARNING] [javac] anomalous package-info.java path: package-info.java 16:06:57 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:06:57 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2/constants/package-info.class 16:06:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-log_RELEASE.jar 16:06:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:07:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:07:00 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:07:00 [WARNING] [echo] **************************************** 16:07:00 [WARNING] [echo] **** DEBUG MODE ON ***** 16:07:00 [WARNING] [echo] **************************************** 16:07:00 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:07:00 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/dao] 16:07:00 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:07:01 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-dao_RELEASE.jar 16:07:01 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:07:04 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:07:04 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:07:04 [WARNING] [echo] **************************************** 16:07:04 [WARNING] [echo] **** DEBUG MODE ON ***** 16:07:04 [WARNING] [echo] **************************************** 16:07:04 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:07:04 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src] 16:07:04 [INFO] [javac] Compiling 33 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:07:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit_RELEASE.jar 16:07:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 16:07:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:07:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:07:07 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:07:07 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-audit_RELEASE.jar 16:07:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/queue 16:07:16 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 16:07:16 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:07:16 [WARNING] [echo] **************************************** 16:07:16 [WARNING] [echo] **** DEBUG MODE ON ***** 16:07:16 [WARNING] [echo] **************************************** 16:07:16 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:07:16 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/queue/src] 16:07:16 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 16:07:17 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-queue_RELEASE.jar 16:07:17 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 16:07:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConsole 16:07:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 16:07:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:07:26 [WARNING] [echo] **************************************** 16:07:26 [WARNING] [echo] **** DEBUG MODE ON ***** 16:07:26 [WARNING] [echo] **************************************** 16:07:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:07:26 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/control_station/src] 16:07:26 [INFO] [javac] Compiling 766 source files to /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 16:07:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayConsole_RELEASE.jar 16:07:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 16:07:52 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/META-INF/faces-config.xml 16:07:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor 16:07:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:07:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:07:55 [WARNING] [echo] **************************************** 16:07:55 [WARNING] [echo] **** DEBUG MODE ON ***** 16:07:55 [WARNING] [echo] **************************************** 16:07:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core 16:07:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:07:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/] 16:07:55 [INFO] [javac] Compiling 147 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:07:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core/openspcoop2_web-govwayMonitor-core_RELEASE.jar 16:07:58 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:00 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:08:00 [WARNING] [echo] **************************************** 16:08:00 [WARNING] [echo] **** DEBUG MODE ON ***** 16:08:00 [WARNING] [echo] **************************************** 16:08:00 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:08:00 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/META-INF/resources] 16:08:01 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core/openspcoop2_web-govwayMonitor-core-resources_RELEASE.jar 16:08:01 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:04 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:08:04 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:08:04 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 16:08:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-core_RELEASE.jar 16:08:09 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_transazioni/META-INF/faces-config.xml 16:08:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:08:13 [WARNING] [echo] **************************************** 16:08:13 [WARNING] [echo] **** DEBUG MODE ON ***** 16:08:13 [WARNING] [echo] **************************************** 16:08:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:08:13 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_transazioni/] 16:08:13 [INFO] [javac] Compiling 81 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-transazioni_RELEASE.jar 16:08:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_stat/META-INF/faces-config.xml 16:08:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:08:24 [WARNING] [echo] **************************************** 16:08:24 [WARNING] [echo] **** DEBUG MODE ON ***** 16:08:24 [WARNING] [echo] **************************************** 16:08:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:08:24 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_stat/] 16:08:24 [INFO] [javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-statistiche_RELEASE.jar 16:08:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:33 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_eventi/META-INF/faces-config.xml 16:08:37 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:37 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:08:37 [WARNING] [echo] **************************************** 16:08:37 [WARNING] [echo] **** DEBUG MODE ON ***** 16:08:37 [WARNING] [echo] **************************************** 16:08:37 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:08:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_eventi/] 16:08:37 [INFO] [javac] Compiling 6 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-eventi_RELEASE.jar 16:08:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:44 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/META-INF/faces-config.xml 16:08:44 [ERROR] [concat] /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/META-INF/faces-config.xml.application does not exist. 16:08:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:08:47 [WARNING] [echo] **************************************** 16:08:47 [WARNING] [echo] **** DEBUG MODE ON ***** 16:08:47 [WARNING] [echo] **************************************** 16:08:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:08:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/] 16:08:47 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:49 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-allarmi_RELEASE.jar 16:08:49 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:08:57 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/loaderConsole 16:08:57 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 16:08:57 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:08:57 [WARNING] [echo] **************************************** 16:08:57 [WARNING] [echo] **** DEBUG MODE ON ***** 16:08:57 [WARNING] [echo] **************************************** 16:08:57 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:08:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/loader/src] 16:08:58 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 16:08:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-loaderConsole_RELEASE.jar 16:08:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 16:09:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConfig 16:09:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 16:09:08 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:09:08 [WARNING] [echo] **************************************** 16:09:08 [WARNING] [echo] **** DEBUG MODE ON ***** 16:09:08 [WARNING] [echo] **************************************** 16:09:08 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:09:08 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/rs/config/server/src/] 16:09:08 [INFO] [javac] Compiling 462 source files to /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 16:09:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_rs-config-server_RELEASE.jar 16:09:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 16:09:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:09:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:09:24 [WARNING] [echo] **************************************** 16:09:24 [WARNING] [echo] **** DEBUG MODE ON ***** 16:09:24 [WARNING] [echo] **************************************** 16:09:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:09:24 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/rs/monitor/server/src/] 16:09:24 [INFO] [javac] Compiling 126 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:09:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_rs-monitor-server_RELEASE.jar 16:09:26 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 16:09:36 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:09:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:09:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:09:36 [WARNING] [echo] **************************************** 16:09:36 [WARNING] [echo] **** DEBUG MODE ON ***** 16:09:36 [WARNING] [echo] **************************************** 16:09:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:09:36 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/batch/statistiche/src/] 16:09:36 [INFO] [javac] Compiling 2 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:09:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_batch-statistiche_RELEASE.jar 16:09:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:09:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:09:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:09:46 [WARNING] [echo] **************************************** 16:09:46 [WARNING] [echo] **** DEBUG MODE ON ***** 16:09:46 [WARNING] [echo] **************************************** 16:09:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:09:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/batch/runtime-repository/src/] 16:09:46 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:09:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_batch-runtime-repository_RELEASE.jar 16:09:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:09:56 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:09:56 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:09:56 [WARNING] [echo] **************************************** 16:09:56 [WARNING] [echo] **** DEBUG MODE ON ***** 16:09:56 [WARNING] [echo] **************************************** 16:09:56 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:09:56 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/command_line_interfaces/config_loader/src] 16:09:56 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:09:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_cli-configLoader_RELEASE.jar 16:09:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:10:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:10:05 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 16:10:05 [WARNING] [echo] **************************************** 16:10:05 [WARNING] [echo] **** DEBUG MODE ON ***** 16:10:05 [WARNING] [echo] **************************************** 16:10:05 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 16:10:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/command_line_interfaces/govway_vault/src] 16:10:06 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:10:06 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_cli-vault_RELEASE.jar 16:10:06 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 16:10:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build 16:10:09 [INFO] [move] Moving 35 files to /var/lib/jenkins/workspace/GovWay/dist.backup 16:10:09 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist 16:10:09 [INFO] [move] Moving 35 files to /var/lib/jenkins/workspace/GovWay/dist 16:10:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/dist.backup 16:10:09 [INFO] Executed tasks 16:10:09 [INFO] 16:10:09 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 16:10:09 [INFO] Building package 1.0 [62/70] 16:10:09 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:09 [INFO] 16:10:09 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 16:10:09 [INFO] Building testsuite.utils 1.0 [63/70] 16:10:09 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:09 [INFO] 16:10:09 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 16:10:09 [INFO] Building testsuite.utils.sql 1.0 [64/70] 16:10:09 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:09 [INFO] 16:10:09 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 16:10:09 [INFO] Building testsuite.pdd.core 1.0 [65/70] 16:10:09 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:09 [INFO] 16:10:09 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 16:10:09 [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] 16:10:09 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:09 [INFO] 16:10:09 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 16:10:09 [INFO] Building static_analysis.spotbugs 1.0 [67/70] 16:10:09 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:09 [INFO] 16:10:09 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 16:10:09 [INFO] Building static_analysis.sonarqube 1.0 [68/70] 16:10:09 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:09 [INFO] 16:10:09 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 16:10:09 [INFO] Building dynamic_analysis.zap 1.0 [69/70] 16:10:09 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:09 [INFO] 16:10:09 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 16:10:09 [INFO] Building coverage.jacoco 1.0 [70/70] 16:10:09 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:09 [INFO] ------------------------------------------------------------------------ 16:10:09 [INFO] Reactor Summary for govway 1.0: 16:10:09 [INFO] 16:10:09 [INFO] govway ............................................. SUCCESS [ 0.004 s] 16:10:09 [INFO] dependencies ....................................... SUCCESS [ 0.002 s] 16:10:09 [INFO] dependencies.ant ................................... SUCCESS [ 1.554 s] 16:10:09 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.039 s] 16:10:09 [INFO] dependencies.axiom ................................. SUCCESS [ 0.509 s] 16:10:09 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.055 s] 16:10:09 [INFO] dependencies.cxf ................................... SUCCESS [ 0.360 s] 16:10:09 [INFO] dependencies.commons ............................... SUCCESS [ 0.137 s] 16:10:09 [INFO] dependencies.faces ................................. SUCCESS [ 0.064 s] 16:10:09 [INFO] dependencies.git ................................... SUCCESS [ 0.022 s] 16:10:09 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.129 s] 16:10:09 [INFO] dependencies.jackson ............................... SUCCESS [ 0.066 s] 16:10:09 [INFO] dependencies.javax ................................. SUCCESS [ 0.044 s] 16:10:09 [INFO] dependencies.jax ................................... SUCCESS [ 0.177 s] 16:10:09 [INFO] dependencies.jetty ................................. SUCCESS [ 0.043 s] 16:10:09 [INFO] dependencies.jminix ................................ SUCCESS [ 0.068 s] 16:10:09 [INFO] dependencies.json .................................. SUCCESS [ 0.088 s] 16:10:09 [INFO] dependencies.log ................................... SUCCESS [ 0.103 s] 16:10:09 [INFO] dependencies.lucene ................................ SUCCESS [ 0.063 s] 16:10:09 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.072 s] 16:10:09 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.068 s] 16:10:09 [INFO] dependencies.pdf ................................... SUCCESS [ 0.026 s] 16:10:09 [INFO] dependencies.redis ................................. SUCCESS [ 0.067 s] 16:10:09 [INFO] dependencies.reports ............................... SUCCESS [ 0.040 s] 16:10:09 [INFO] dependencies.saaj .................................. SUCCESS [ 0.059 s] 16:10:09 [INFO] dependencies.security .............................. SUCCESS [ 0.078 s] 16:10:09 [INFO] dependencies.shared ................................ SUCCESS [ 0.197 s] 16:10:09 [INFO] dependencies.spring ................................ SUCCESS [ 0.083 s] 16:10:09 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.010 s] 16:10:09 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.055 s] 16:10:09 [INFO] dependencies.swagger ............................... SUCCESS [ 0.083 s] 16:10:09 [INFO] dependencies.wadl .................................. SUCCESS [ 0.011 s] 16:10:09 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.062 s] 16:10:09 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.000 s] 16:10:09 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.059 s] 16:10:09 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.022 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.029 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.027 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.024 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.024 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.024 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.024 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.022 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.027 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.025 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.027 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.026 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.136 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.029 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.037 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.039 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.041 s] 16:10:09 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.035 s] 16:10:09 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.013 s] 16:10:09 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.136 s] 16:10:09 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.018 s] 16:10:09 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.009 s] 16:10:09 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.050 s] 16:10:09 [INFO] dependencies.soapbox ............................... SUCCESS [ 0.015 s] 16:10:09 [INFO] compile ............................................ SUCCESS [16:16 min] 16:10:09 [INFO] package ............................................ SUCCESS [ 0.001 s] 16:10:09 [INFO] testsuite.utils .................................... SUCCESS [ 0.000 s] 16:10:09 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.001 s] 16:10:09 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.000 s] 16:10:09 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] 16:10:09 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s] 16:10:09 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.000 s] 16:10:09 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.001 s] 16:10:09 [INFO] coverage.jacoco .................................... SUCCESS [ 0.000 s] 16:10:09 [INFO] ------------------------------------------------------------------------ 16:10:09 [INFO] BUILD SUCCESS 16:10:09 [INFO] ------------------------------------------------------------------------ 16:10:09 [INFO] Total time: 16:22 min 16:10:09 [INFO] Finished at: 2025-12-06T16:10:09+01:00 16:10:09 [INFO] ------------------------------------------------------------------------ 16:10:10 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage.git_info.generate=false -Dpackage=package -Dcompile=none -Dowasp=none -Dtestsuite=none -Ddependencies.soapbox=true package 16:10:11 [INFO] Scanning for projects... 16:10:12 [INFO] ------------------------------------------------------------------------ 16:10:12 [INFO] Reactor Build Order: 16:10:12 [INFO] 16:10:12 [INFO] govway [pom] 16:10:12 [INFO] dependencies [pom] 16:10:12 [INFO] dependencies.ant [pom] 16:10:12 [INFO] dependencies.antinstaller [pom] 16:10:12 [INFO] dependencies.axiom [pom] 16:10:12 [INFO] dependencies.bean-validation [pom] 16:10:12 [INFO] dependencies.cxf [pom] 16:10:12 [INFO] dependencies.commons [pom] 16:10:12 [INFO] dependencies.faces [pom] 16:10:12 [INFO] dependencies.git [pom] 16:10:12 [INFO] dependencies.httpcore [pom] 16:10:12 [INFO] dependencies.jackson [pom] 16:10:12 [INFO] dependencies.javax [pom] 16:10:12 [INFO] dependencies.jax [pom] 16:10:12 [INFO] dependencies.jetty [pom] 16:10:12 [INFO] dependencies.jminix [pom] 16:10:12 [INFO] dependencies.json [pom] 16:10:12 [INFO] dependencies.log [pom] 16:10:12 [INFO] dependencies.lucene [pom] 16:10:12 [INFO] dependencies.openapi4j [pom] 16:10:12 [INFO] dependencies.opensaml [pom] 16:10:12 [INFO] dependencies.pdf [pom] 16:10:12 [INFO] dependencies.redis [pom] 16:10:12 [INFO] dependencies.reports [pom] 16:10:12 [INFO] dependencies.saaj [pom] 16:10:12 [INFO] dependencies.security [pom] 16:10:12 [INFO] dependencies.shared [pom] 16:10:12 [INFO] dependencies.spring [pom] 16:10:12 [INFO] dependencies.spring-ldap [pom] 16:10:12 [INFO] dependencies.spring-security [pom] 16:10:12 [INFO] dependencies.swagger [pom] 16:10:12 [INFO] dependencies.wadl [pom] 16:10:12 [INFO] dependencies.wss4j [pom] 16:10:12 [INFO] dependencies.testsuite [pom] 16:10:12 [INFO] dependencies.testsuite.axis14 [pom] 16:10:12 [INFO] dependencies.testsuite.as [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly9 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly10 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly11 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly12 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly13 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly14 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly15 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly16 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly17 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly18 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly19 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly20 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly21 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly22 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly23 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly24 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly25 [pom] 16:10:12 [INFO] dependencies.testsuite.as.wildfly26 [pom] 16:10:12 [INFO] dependencies.testsuite.as.tomcat9 [pom] 16:10:12 [INFO] dependencies.testsuite.test [pom] 16:10:12 [INFO] dependencies.testsuite.staticAnalysis [pom] 16:10:12 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 16:10:12 [INFO] dependencies.testsuite.coverage [pom] 16:10:12 [INFO] dependencies.soapbox [pom] 16:10:12 [INFO] compile [pom] 16:10:12 [INFO] package [pom] 16:10:12 [INFO] testsuite.utils [pom] 16:10:12 [INFO] testsuite.utils.sql [pom] 16:10:12 [INFO] testsuite.pdd.core [pom] 16:10:12 [INFO] testsuite.pdd.core.sql [pom] 16:10:12 [INFO] static_analysis.spotbugs [pom] 16:10:12 [INFO] static_analysis.sonarqube [pom] 16:10:12 [INFO] dynamic_analysis.zap [pom] 16:10:12 [INFO] coverage.jacoco [pom] 16:10:12 [INFO] 16:10:12 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 16:10:12 [INFO] Building govway 1.0 [1/70] 16:10:12 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:12 [INFO] 16:10:12 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 16:10:12 [INFO] Building dependencies 1.0 [2/70] 16:10:12 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:12 [INFO] 16:10:12 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 16:10:12 [INFO] Building dependencies.ant 1.0 [3/70] 16:10:12 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:12 [INFO] 16:10:12 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 16:10:12 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 16:10:12 [INFO] 16:10:12 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 16:10:13 [INFO] 16:10:13 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 16:10:13 [INFO] Building dependencies.antinstaller 1.0 [4/70] 16:10:13 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:13 [INFO] 16:10:13 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 16:10:13 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 16:10:13 [INFO] 16:10:13 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 16:10:13 [INFO] 16:10:13 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 16:10:13 [INFO] Building dependencies.axiom 1.0 [5/70] 16:10:13 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:13 [INFO] 16:10:13 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 16:10:13 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 16:10:13 [INFO] 16:10:13 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 16:10:13 [INFO] 16:10:13 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 16:10:14 [INFO] Executing tasks 16:10:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 16:10:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 16:10:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 16:10:14 [INFO] Executed tasks 16:10:14 [INFO] 16:10:14 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 16:10:14 [INFO] Building dependencies.bean-validation 1.0 [6/70] 16:10:14 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:14 [INFO] 16:10:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 16:10:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 16:10:14 [INFO] 16:10:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 16:10:14 [INFO] 16:10:14 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 16:10:14 [INFO] Building dependencies.cxf 1.0 [7/70] 16:10:14 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:14 [INFO] 16:10:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 16:10:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 16:10:14 [INFO] 16:10:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 16:10:14 [INFO] 16:10:14 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 16:10:14 [INFO] Executing tasks 16:10:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 16:10:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 16:10:14 [INFO] Executed tasks 16:10:14 [INFO] 16:10:14 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 16:10:14 [INFO] Building dependencies.commons 1.0 [8/70] 16:10:14 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:14 [INFO] 16:10:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 16:10:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 16:10:14 [INFO] 16:10:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 16:10:14 [INFO] 16:10:14 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 16:10:14 [INFO] Building dependencies.faces 1.0 [9/70] 16:10:14 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:14 [INFO] 16:10:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 16:10:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 16:10:14 [INFO] 16:10:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 16:10:14 [INFO] 16:10:14 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 16:10:14 [INFO] Building dependencies.git 1.0 [10/70] 16:10:14 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:14 [INFO] 16:10:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 16:10:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 16:10:14 [INFO] 16:10:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 16:10:14 [INFO] 16:10:14 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 16:10:14 [INFO] Building dependencies.httpcore 1.0 [11/70] 16:10:14 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:14 [INFO] 16:10:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 16:10:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 16:10:14 [INFO] 16:10:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 16:10:14 [INFO] 16:10:14 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 16:10:14 [INFO] Executing tasks 16:10:14 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 16:10:14 [INFO] Executed tasks 16:10:14 [INFO] 16:10:14 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 16:10:14 [INFO] Building dependencies.jackson 1.0 [12/70] 16:10:14 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:14 [INFO] 16:10:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 16:10:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 16:10:14 [INFO] 16:10:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 16:10:14 [INFO] 16:10:14 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 16:10:14 [INFO] Building dependencies.javax 1.0 [13/70] 16:10:14 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:14 [INFO] 16:10:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 16:10:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 16:10:14 [INFO] 16:10:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 16:10:14 [INFO] 16:10:14 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 16:10:14 [INFO] Building dependencies.jax 1.0 [14/70] 16:10:14 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:14 [INFO] 16:10:14 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 16:10:14 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 16:10:14 [INFO] 16:10:14 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 16:10:15 [INFO] 16:10:15 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 16:10:15 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 16:10:15 [INFO] 16:10:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 16:10:15 [INFO] Executing tasks 16:10:15 [INFO] Executed tasks 16:10:15 [INFO] 16:10:15 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 16:10:15 [INFO] Building dependencies.jetty 1.0 [15/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 16:10:15 [INFO] 16:10:15 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 16:10:15 [INFO] Building dependencies.jminix 1.0 [16/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 16:10:15 [INFO] Executing tasks 16:10:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 16:10:15 [INFO] Executed tasks 16:10:15 [INFO] 16:10:15 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 16:10:15 [INFO] Building dependencies.json 1.0 [17/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 16:10:15 [INFO] Executing tasks 16:10:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 16:10:15 [INFO] Executed tasks 16:10:15 [INFO] 16:10:15 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 16:10:15 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 16:10:15 [INFO] 16:10:15 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 16:10:15 [INFO] Building dependencies.log 1.0 [18/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 16:10:15 [INFO] Executing tasks 16:10:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 16:10:15 [INFO] Executed tasks 16:10:15 [INFO] 16:10:15 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 16:10:15 [INFO] Building dependencies.lucene 1.0 [19/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 16:10:15 [INFO] 16:10:15 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 16:10:15 [INFO] Building dependencies.openapi4j 1.0 [20/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 16:10:15 [INFO] Executing tasks 16:10:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 16:10:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 16:10:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 16:10:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 16:10:15 [INFO] Executed tasks 16:10:15 [INFO] 16:10:15 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 16:10:15 [INFO] Building dependencies.opensaml 1.0 [21/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 16:10:15 [INFO] 16:10:15 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 16:10:15 [INFO] Building dependencies.pdf 1.0 [22/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 16:10:15 [INFO] 16:10:15 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 16:10:15 [INFO] Building dependencies.redis 1.0 [23/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 16:10:15 [INFO] 16:10:15 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 16:10:15 [INFO] Building dependencies.reports 1.0 [24/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 16:10:15 [INFO] 16:10:15 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 16:10:15 [INFO] Building dependencies.saaj 1.0 [25/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 16:10:15 [INFO] Executing tasks 16:10:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 16:10:15 [INFO] Executed tasks 16:10:15 [INFO] 16:10:15 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 16:10:15 [INFO] Building dependencies.security 1.0 [26/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 16:10:15 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 16:10:15 [INFO] 16:10:15 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 16:10:15 [INFO] 16:10:15 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 16:10:15 [INFO] Executing tasks 16:10:15 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 16:10:15 [INFO] Executed tasks 16:10:15 [INFO] 16:10:15 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 16:10:15 [INFO] Building dependencies.shared 1.0 [27/70] 16:10:15 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 16:10:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 16:10:16 [INFO] Executing tasks 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 16:10:16 [INFO] Executed tasks 16:10:16 [INFO] 16:10:16 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 16:10:16 [INFO] Building dependencies.spring 1.0 [28/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 16:10:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 16:10:16 [INFO] Executing tasks 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 16:10:16 [INFO] Executed tasks 16:10:16 [INFO] 16:10:16 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 16:10:16 [INFO] Building dependencies.spring-ldap 1.0 [29/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 16:10:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 16:10:16 [INFO] 16:10:16 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 16:10:16 [INFO] Building dependencies.spring-security 1.0 [30/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 16:10:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 16:10:16 [INFO] Executing tasks 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 16:10:16 [INFO] Executed tasks 16:10:16 [INFO] 16:10:16 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 16:10:16 [INFO] Building dependencies.swagger 1.0 [31/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 16:10:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 16:10:16 [INFO] Executing tasks 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 16:10:16 [INFO] Executed tasks 16:10:16 [INFO] 16:10:16 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 16:10:16 [INFO] Building dependencies.wadl 1.0 [32/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 16:10:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 16:10:16 [INFO] 16:10:16 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 16:10:16 [INFO] Building dependencies.wss4j 1.0 [33/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 16:10:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 16:10:16 [INFO] Executing tasks 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 16:10:16 [INFO] Executed tasks 16:10:16 [INFO] 16:10:16 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 16:10:16 [INFO] Building dependencies.testsuite 1.0 [34/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 16:10:16 [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 16:10:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 16:10:16 [INFO] Executing tasks 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 16:10:16 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 16:10:16 [INFO] Executed tasks 16:10:16 [INFO] 16:10:16 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 16:10:16 [INFO] Building dependencies.testsuite.as 1.0 [36/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 16:10:16 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 16:10:16 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 16:10:16 [INFO] 16:10:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 16:10:16 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 16:10:16 [INFO] 16:10:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 16:10:16 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] 16:10:16 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 16:10:17 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 16:10:17 [INFO] 16:10:17 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 16:10:17 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] 16:10:17 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 16:10:17 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 16:10:17 [INFO] 16:10:17 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 16:10:17 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] 16:10:17 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 16:10:17 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 16:10:17 [INFO] 16:10:17 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 16:10:17 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] 16:10:17 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 16:10:17 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) 16:10:17 [INFO] 16:10:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 16:10:17 [INFO] 16:10:17 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 16:10:17 [INFO] Building dependencies.testsuite.test 1.0 [56/70] 16:10:17 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 16:10:17 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 16:10:17 [INFO] 16:10:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 16:10:17 [INFO] Executing tasks 16:10:17 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 16:10:17 [INFO] Executed tasks 16:10:17 [INFO] 16:10:17 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 16:10:17 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] 16:10:17 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 16:10:17 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 16:10:17 [INFO] 16:10:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 16:10:17 [INFO] 16:10:17 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 16:10:17 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] 16:10:17 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 16:10:17 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 16:10:17 [INFO] 16:10:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 16:10:17 [INFO] 16:10:17 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 16:10:17 [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] 16:10:17 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 16:10:17 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 16:10:17 [INFO] 16:10:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 16:10:17 [INFO] 16:10:17 [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- 16:10:17 [INFO] Building dependencies.soapbox 1.0 [60/70] 16:10:17 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- 16:10:17 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = []) 16:10:17 [INFO] 16:10:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- 16:10:17 [INFO] 16:10:17 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 16:10:17 [INFO] Building compile 1.0 [61/70] 16:10:17 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:17 [INFO] 16:10:17 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 16:10:17 [INFO] Building package 1.0 [62/70] 16:10:17 [INFO] --------------------------------[ pom ]--------------------------------- 16:10:17 [INFO] 16:10:17 [INFO] --- maven-antrun-plugin:3.1.0:run (default) @ org.openspcoop2.package --- 16:10:17 [INFO] Executing tasks 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: --------------------------------------- 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: WORK_DIR: /var/lib/jenkins/workspace/GovWay/dist 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: LOG_DIR: /var/lib/jenkins/workspace/GovWay/log 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: TIPO: branches 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: BUILD-SETUP: true 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: BUILD-DOC: false 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: BUILD-LIB: false 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: READ_GIT_INFO: false 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: VERSION: 3.3.18.build-master 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: --------------------------------------- 16:10:17 [INFO] [exec] WARN <2025/12/06 16:10:17>: Generazione distribuzione sorgente non eseguita su richiesta utente. 16:10:17 [INFO] [exec] ANT_OPTS: -Xmx512m -XX:MaxMetaspaceSize=700m -XX:+UseG1GC 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: Comincio produzione distribuzione binaria 16:10:17 [INFO] [exec] INFO <2025/12/06 16:10:17>: Generazione dei pacchetti software in corso (!!NOTA: questa operazione richiede parecchi minuti) ... 17:08:43 [INFO] [exec] INFO <2025/12/06 17:08:43>: Generazione dei pacchetti software terminata correttamente 17:08:43 [INFO] [exec] INFO <2025/12/06 17:08:43>: Generazione della documentazione (Questa operazione richiede qualche minuto) ... 17:08:43 [INFO] [exec] INFO <2025/12/06 17:08:43>: Generazione della documentazione terminata correttamente 17:08:43 [INFO] [exec] INFO <2025/12/06 17:08:43>: Generazione pacchetto installer ... 17:09:09 [INFO] [exec] /bin/rm -rf /var/lib/jenkins/workspace/GovWay/dist/govway-installer-3.3.18.build-master 17:09:09 [INFO] [exec] INFO <2025/12/06 17:09:09>: Generazione pacchetto installer terminata correttamente. 17:09:09 [INFO] [exec] INFO <2025/12/06 17:09:09>: Generazione distribuzione binaria terminata correttamente. Archivio generato: /var/lib/jenkins/workspace/GovWay/dist/govway-installer-3.3.18.build-master.tgz 17:09:09 [INFO] Executed tasks 17:09:09 [INFO] 17:09:09 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 17:09:09 [INFO] Building testsuite.utils 1.0 [63/70] 17:09:09 [INFO] --------------------------------[ pom ]--------------------------------- 17:09:09 [INFO] 17:09:09 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 17:09:09 [INFO] Building testsuite.utils.sql 1.0 [64/70] 17:09:09 [INFO] --------------------------------[ pom ]--------------------------------- 17:09:09 [INFO] 17:09:09 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 17:09:09 [INFO] Building testsuite.pdd.core 1.0 [65/70] 17:09:09 [INFO] --------------------------------[ pom ]--------------------------------- 17:09:09 [INFO] 17:09:09 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 17:09:09 [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] 17:09:09 [INFO] --------------------------------[ pom ]--------------------------------- 17:09:09 [INFO] 17:09:09 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 17:09:09 [INFO] Building static_analysis.spotbugs 1.0 [67/70] 17:09:09 [INFO] --------------------------------[ pom ]--------------------------------- 17:09:09 [INFO] 17:09:09 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 17:09:09 [INFO] Building static_analysis.sonarqube 1.0 [68/70] 17:09:09 [INFO] --------------------------------[ pom ]--------------------------------- 17:09:09 [INFO] 17:09:09 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 17:09:09 [INFO] Building dynamic_analysis.zap 1.0 [69/70] 17:09:09 [INFO] --------------------------------[ pom ]--------------------------------- 17:09:09 [INFO] 17:09:09 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 17:09:09 [INFO] Building coverage.jacoco 1.0 [70/70] 17:09:09 [INFO] --------------------------------[ pom ]--------------------------------- 17:09:09 [INFO] ------------------------------------------------------------------------ 17:09:09 [INFO] Reactor Summary for govway 1.0: 17:09:09 [INFO] 17:09:09 [INFO] govway ............................................. SUCCESS [ 0.004 s] 17:09:09 [INFO] dependencies ....................................... SUCCESS [ 0.001 s] 17:09:09 [INFO] dependencies.ant ................................... SUCCESS [ 1.218 s] 17:09:09 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.039 s] 17:09:09 [INFO] dependencies.axiom ................................. SUCCESS [ 0.484 s] 17:09:09 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.053 s] 17:09:09 [INFO] dependencies.cxf ................................... SUCCESS [ 0.356 s] 17:09:09 [INFO] dependencies.commons ............................... SUCCESS [ 0.149 s] 17:09:09 [INFO] dependencies.faces ................................. SUCCESS [ 0.062 s] 17:09:09 [INFO] dependencies.git ................................... SUCCESS [ 0.021 s] 17:09:09 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.133 s] 17:09:09 [INFO] dependencies.jackson ............................... SUCCESS [ 0.083 s] 17:09:09 [INFO] dependencies.javax ................................. SUCCESS [ 0.049 s] 17:09:09 [INFO] dependencies.jax ................................... SUCCESS [ 0.199 s] 17:09:09 [INFO] dependencies.jetty ................................. SUCCESS [ 0.052 s] 17:09:09 [INFO] dependencies.jminix ................................ SUCCESS [ 0.074 s] 17:09:09 [INFO] dependencies.json .................................. SUCCESS [ 0.097 s] 17:09:09 [INFO] dependencies.log ................................... SUCCESS [ 0.108 s] 17:09:09 [INFO] dependencies.lucene ................................ SUCCESS [ 0.020 s] 17:09:09 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.064 s] 17:09:09 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.065 s] 17:09:09 [INFO] dependencies.pdf ................................... SUCCESS [ 0.070 s] 17:09:09 [INFO] dependencies.redis ................................. SUCCESS [ 0.066 s] 17:09:09 [INFO] dependencies.reports ............................... SUCCESS [ 0.047 s] 17:09:09 [INFO] dependencies.saaj .................................. SUCCESS [ 0.066 s] 17:09:09 [INFO] dependencies.security .............................. SUCCESS [ 0.085 s] 17:09:09 [INFO] dependencies.shared ................................ SUCCESS [ 0.213 s] 17:09:09 [INFO] dependencies.spring ................................ SUCCESS [ 0.088 s] 17:09:09 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.009 s] 17:09:09 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.056 s] 17:09:09 [INFO] dependencies.swagger ............................... SUCCESS [ 0.093 s] 17:09:09 [INFO] dependencies.wadl .................................. SUCCESS [ 0.011 s] 17:09:09 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.072 s] 17:09:09 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.001 s] 17:09:09 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.070 s] 17:09:09 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.026 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.025 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.029 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.025 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.024 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.024 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.023 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.023 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.027 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.025 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.026 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.026 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.027 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.026 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.026 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.110 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.025 s] 17:09:09 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.026 s] 17:09:09 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.011 s] 17:09:09 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.116 s] 17:09:09 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.012 s] 17:09:09 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.007 s] 17:09:09 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.020 s] 17:09:09 [INFO] dependencies.soapbox ............................... SUCCESS [ 0.012 s] 17:09:09 [INFO] compile ............................................ SUCCESS [ 0.000 s] 17:09:09 [INFO] package ............................................ SUCCESS [58:52 min] 17:09:09 [INFO] testsuite.utils .................................... SUCCESS [ 0.000 s] 17:09:09 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.001 s] 17:09:09 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 17:09:09 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.000 s] 17:09:09 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s] 17:09:09 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.000 s] 17:09:09 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.001 s] 17:09:09 [INFO] coverage.jacoco .................................... SUCCESS [ 0.000 s] 17:09:09 [INFO] ------------------------------------------------------------------------ 17:09:09 [INFO] BUILD SUCCESS 17:09:09 [INFO] ------------------------------------------------------------------------ 17:09:09 [INFO] Total time: 58:58 min 17:09:09 [INFO] Finished at: 2025-12-06T17:09:09+01:00 17:09:09 [INFO] ------------------------------------------------------------------------ 17:09:10 [GovWay] $ /bin/bash /tmp/jenkins8575868875500532615.sh 17:09:10 Sistemo dependency-check-result/dependency-check-report.xml ... 17:09:10 Sistemo dependency-check-result/dependency-check-report.xml ok 17:09:10 [GovWay] $ /bin/bash /tmp/jenkins17618240624742882460.sh 17:09:10 Archive Name [govway-installer-3.3.18.build-master.tgz] 17:09:13 Pubblicazione last distrib ... 17:09:13 Pubblicazione last distrib effettuata 17:09:13 Pubblicazione installer su risultati testsuite ... 17:09:13 Pubblicazione installer su risultati testsuite effettuata: scaricabile alla url 'https://jenkins.link.it/govway/govway-testsuite/installer/govway-installer-3.3.18.build-master.tgz' 17:09:14 Archive DIR [govway-installer-3.3.18.build-master] 17:09:14 Esecuzione installer, creazione del database, deploy del software e riavvio dell'Application Server ... 17:09:15 17:09:15 PLAY [instance_govway] ********************************************************* 17:09:15 17:09:15 TASK [Gathering Facts] ********************************************************* 17:09:16 ok: [127.0.0.1] 17:09:16 17:09:16 TASK [include_vars] ************************************************************ 17:09:16 ok: [127.0.0.1] 17:09:16 17:09:16 TASK [link.govway : Remove Old Jenkins Installer] ****************************** 17:09:16 [WARNING]: Consider using file module with state=absent rather than running rm 17:09:16 changed: [127.0.0.1] 17:09:16 17:09:16 TASK [link.govway : Load Jenkins Installer] ************************************ 17:09:31 changed: [127.0.0.1] 17:09:31 17:09:31 TASK [link.govway : Install the setup template] ******************************** 17:09:32 changed: [127.0.0.1] 17:09:32 17:09:32 TASK [link.govway : Fix the Govway installer to run non interactively] ********* 17:09:32 changed: [127.0.0.1] 17:09:32 17:09:32 TASK [link.govway : Fix the installer script to run non interactively] ********* 17:09:32 ok: [127.0.0.1] 17:09:32 17:09:32 TASK [link.govway : Fix the installer script template position] **************** 17:09:32 ok: [127.0.0.1] 17:09:32 17:09:32 TASK [link.govway : Verify JAVA_HOME and Run the Goway Setup] ****************** 17:11:18 changed: [127.0.0.1] 17:11:18 17:11:18 TASK [link.govway : Stop Tomcat 8] ********************************************* 17:11:34 [WARNING]: Consider using service module rather than running service 17:11:34 changed: [127.0.0.1] 17:11:34 17:11:34 TASK [link.govway : Drop Govway DB and Create new one] ************************* 17:11:49 changed: [127.0.0.1] 17:11:49 17:11:49 TASK [link.govway : Load GovWay.sql] ******************************************* 17:11:53 changed: [127.0.0.1] 17:11:53 17:11:53 TASK [link.govway : Load GovWay_init.sql] ************************************** 17:11:53 changed: [127.0.0.1] 17:11:53 17:11:53 TASK [link.govway : Create tomcat configuration backup directory] ************** 17:11:53 changed: [127.0.0.1] 17:11:53 17:11:53 TASK [link.govway : Backup Govway data sources] ******************************** 17:11:54 changed: [127.0.0.1] => (item=govwayConsole.xml) 17:11:54 changed: [127.0.0.1] => (item=govwayMonitor.xml) 17:11:54 changed: [127.0.0.1] => (item=govway.xml) 17:11:54 changed: [127.0.0.1] => (item=govwayAPIConfig.xml) 17:11:54 changed: [127.0.0.1] => (item=govwayAPIMonitor.xml) 17:11:54 17:11:54 TASK [link.govway : Backup Govway war files] *********************************** 17:11:55 changed: [127.0.0.1] => (item=govwayConsole.war) 17:11:56 changed: [127.0.0.1] => (item=govwayMonitor.war) 17:11:57 changed: [127.0.0.1] => (item=govway.war) 17:11:57 changed: [127.0.0.1] => (item=govwayAPIConfig.war) 17:11:58 changed: [127.0.0.1] => (item=govwayAPIMonitor.war) 17:11:58 17:11:58 TASK [link.govway : Remove archive] ******************************************** 17:11:58 changed: [127.0.0.1] 17:11:58 17:11:58 TASK [link.govway : Remove archive unpackaged] ********************************* 17:11:58 changed: [127.0.0.1] 17:11:58 17:11:58 TASK [link.govway : Backup Govway Properties files] **************************** 17:11:59 changed: [127.0.0.1] => (item=console_local.properties) 17:11:59 changed: [127.0.0.1] => (item=consolePassword.properties) 17:11:59 changed: [127.0.0.1] => (item=govway.fileTrace.log4j2.properties) 17:11:59 changed: [127.0.0.1] => (item=govway.fileTrace.properties) 17:11:59 changed: [127.0.0.1] => (item=govway_local.jcs.properties) 17:11:59 changed: [127.0.0.1] => (item=govway_local.properties) 17:12:00 changed: [127.0.0.1] => (item=monitor_local.properties) 17:12:00 changed: [127.0.0.1] => (item=spcoop_local.properties) 17:12:00 changed: [127.0.0.1] => (item=modipa_local.properties) 17:12:00 changed: [127.0.0.1] => (item=rs-api-config_local.properties) 17:12:00 changed: [127.0.0.1] => (item=rs-api-monitor_local.properties) 17:12:01 changed: [127.0.0.1] => (item=govway.map.properties) 17:12:01 changed: [127.0.0.1] => (item=byok.properties) 17:12:01 changed: [127.0.0.1] => (item=govway.secrets.properties) 17:12:01 changed: [127.0.0.1] => (item=govway.nodirun.properties) 17:12:01 17:12:01 TASK [link.govway : Remove tools] ********************************************** 17:12:01 changed: [127.0.0.1] 17:12:01 17:12:01 TASK [link.govway : Deploy the Govway data sources] **************************** 17:12:02 ok: [127.0.0.1] => (item=govwayConsole.xml) 17:12:02 ok: [127.0.0.1] => (item=govwayMonitor.xml) 17:12:02 ok: [127.0.0.1] => (item=govway.xml) 17:12:02 ok: [127.0.0.1] => (item=govwayAPIConfig.xml) 17:12:02 ok: [127.0.0.1] => (item=govwayAPIMonitor.xml) 17:12:02 17:12:02 TASK [link.govway : Deploy the Govway war files] ******************************* 17:12:03 changed: [127.0.0.1] => (item=govwayConsole.war) 17:12:04 changed: [127.0.0.1] => (item=govwayMonitor.war) 17:12:05 changed: [127.0.0.1] => (item=govway.war) 17:12:05 changed: [127.0.0.1] => (item=govwayAPIConfig.war) 17:12:06 changed: [127.0.0.1] => (item=govwayAPIMonitor.war) 17:12:06 17:12:06 TASK [link.govway : Deploy the Properties files] ******************************* 17:12:06 ok: [127.0.0.1] => (item=console_local.properties) 17:12:06 ok: [127.0.0.1] => (item=consolePassword.properties) 17:12:06 ok: [127.0.0.1] => (item=govway.fileTrace.log4j2.properties) 17:12:06 ok: [127.0.0.1] => (item=govway.fileTrace.properties) 17:12:07 ok: [127.0.0.1] => (item=govway_local.jcs.properties) 17:12:07 ok: [127.0.0.1] => (item=govway_local.properties) 17:12:07 ok: [127.0.0.1] => (item=monitor_local.properties) 17:12:07 ok: [127.0.0.1] => (item=spcoop_local.properties) 17:12:07 ok: [127.0.0.1] => (item=modipa_local.properties) 17:12:07 ok: [127.0.0.1] => (item=rs-api-config_local.properties) 17:12:08 ok: [127.0.0.1] => (item=rs-api-monitor_local.properties) 17:12:08 ok: [127.0.0.1] => (item=govway.map.properties) 17:12:08 ok: [127.0.0.1] => (item=byok.properties) 17:12:08 ok: [127.0.0.1] => (item=govway.secrets.properties) 17:12:08 ok: [127.0.0.1] => (item=govway.nodirun.properties) 17:12:08 17:12:08 TASK [link.govway : Set Govway Console Name] *********************************** 17:12:09 ok: [127.0.0.1] 17:12:09 17:12:09 TASK [link.govway : Set Govway Monitor Name] *********************************** 17:12:09 ok: [127.0.0.1] 17:12:09 17:12:09 TASK [link.govway : Deploy the tools dir] ************************************** 17:12:13 changed: [127.0.0.1] => (item=govway-config-loader) 17:12:16 changed: [127.0.0.1] => (item=govway-vault-cli) 17:12:16 17:12:16 TASK [link.govway : Change tomcat files ownership "/opt/apache-tomcat-9.0.91"] *** 17:12:38 changed: [127.0.0.1] 17:12:38 17:12:38 TASK [link.govway : Change tomcat files ownership "/etc/govway"] *************** 17:12:39 changed: [127.0.0.1] 17:12:39 17:12:39 TASK [link.govway : Change tomcat files ownership "/var/log/govway"] *********** 17:12:40 ok: [127.0.0.1] 17:12:40 17:12:40 TASK [link.govway : Start Tomcat 8] ******************************************** 17:12:40 changed: [127.0.0.1] 17:12:40 17:12:40 PLAY RECAP ********************************************************************* 17:12:40 127.0.0.1 : ok=30 changed=21 unreachable=0 failed=0 17:12:40 17:12:40 Esecuzione installer, creazione del database, deploy del software e riavvio dell'Application Server terminato 17:12:40 17:12:40 Attendo che GovWay sia completamente riavviato (timeout 120sec) 17:12:40 . 17:12:41 . 17:12:42 . 17:14:05 . 17:14:06 . 17:14:07 . 17:14:08 . 17:14:09 . 17:14:10 . 17:14:11 . 17:14:12 . 17:14:13 . 17:14:14 GovWay è tornato operativo 17:14:14 [GovWay] $ /bin/bash /tmp/jenkins16240538163277822387.sh 17:14:14 17:14:14 ********************************************** 17:14:14 17:14:14 Verifica Accesso Console 17:14:14 17:14:15 Accesso GovWay : Login effettuato con successo 17:14:16 17:14:16 Autorizzazioni: OK 17:14:16 17:14:16 Verifica Session Fixation (CWE-384) 17:14:16 17:14:16 Primo cookie (pre-auth): JSESSIONID_GW_CONSOLE=DEF7255CF086CB61E8A9943F9D62CCE5 17:14:16 17:14:16 Secondo cookie (after login): JSESSIONID_GW_CONSOLE=BACDACB9B25D129C977DADF86342DB6A 17:14:16 Verifica cookie pre-autenticazione con cookie dopo autenticazione: OK sono diversi 17:14:16 Rilevata problema di accesso dopo login 17:14:16 Atteso: http://127.0.0.1:8080/govwayConsole/messagePage.do?mpText=Console+ripristinata+con+successo.&mpType=info-sintetico 17:14:16 Ricevuto: messagePage.do?mpText=Console+ripristinata+con+successo.&mpType=info-sintetico 17:14:16 17:14:16 ********************************************** 17:14:16 17:14:16 ********************************************** 17:14:16 17:14:16 Verifica Accesso Console Monitoraggio 17:14:16 17:14:20 Accesso GovWay : Login effettuato con successo 17:14:20 17:14:20 Autorizzazioni: OK 17:14:20 17:14:20 Verifica Session Fixation (CWE-384) 17:14:20 17:14:20 Primo cookie (pre-auth): JSESSIONID_GW_MONITOR=320B7AC13AE3F9DD2D7717B82A90930F 17:14:20 17:14:20 Secondo cookie (after login): JSESSIONID_GW_MONITOR=1B438B4DD003D7812126F48B2DC9446E 17:14:20 Verifica cookie pre-autenticazione con cookie dopo autenticazione: OK sono diversi 17:14:22 Verifica accesso dopo login: OK 17:14:22 17:14:22 Terzo cookie: JSESSIONID_GW_MONITOR=AFD608E6CF6A2F8F6A4F233041A86EA0 17:14:22 Verifica cookie post-autenticazione1 con cookie dopo nuova autenticazione: OK sono diversi 17:14:23 Verifica accesso dopo login: OK 17:14:23 17:14:23 Verifica Logout Console 17:14:23 17:14:23 HTTP Status 302: OK 17:14:23 Location redirect a login.jsf: OK 17:14:23 Cookie prima del logout: 17:14:23 Cookie dopo il logout: JSESSIONID_GW_MONITOR=B6B950C32B74756A9052A3B4DAAF6E25 17:14:23 Verifica cookie post-autenticazione con cookie dopo logout: OK sono diversi 17:14:23 17:14:23 Verifica Brute Force - CWE-307 17:14:23 17:14:23 Test 1: Blocco dopo 4 tentativi falliti 17:14:23 Tentativo fallito 1/4... 17:14:24 Tentativo fallito 2/4... 17:14:24 Tentativo fallito 3/4... 17:14:24 Tentativo fallito 4/4... 17:14:24 Tentativo 5/5 con password corretta (dovrebbe essere bloccato)... 17:14:24 OK: Utenza correttamente bloccata dopo 4 tentativi falliti 17:14:24 Verifica che l'utenza rimanga bloccata... 17:14:24 OK: Utenza ancora bloccata 17:14:24 Attesa di 16 secondi per sblocco automatico... 17:14:40 Tentativo di login dopo attesa... 17:14:41 OK: Login riuscito dopo attesa di 16 secondi 17:14:41 17:14:41 Test 2: 3 tentativi falliti + 1 corretto (deve funzionare) 17:14:43 Tentativo fallito 1/3... 17:14:43 Tentativo fallito 2/3... 17:14:43 Tentativo fallito 3/3... 17:14:43 Tentativo 4/4 con password corretta (dovrebbe funzionare)... 17:14:43 OK: Login riuscito al 4° tentativo (dopo 3 falliti) 17:14:43 17:14:43 ********************************************** 17:14:43 [GovWay] $ /bin/bash /tmp/jenkins168921370355497047.sh 17:14:43 17:14:43 ********************************************** 17:14:43 Verifica Stato API Configurazione 17:14:43 17:14:44 ERROR: il servizio non è partito correttamente 17:14:44 PS:0 17:14:44 PS2:0 17:14:44 % Total % Received % Xferd Average Speed Time Time Time Current 17:14:44 Dload Upload Total Spent Left Speed 17:14:44 17:14:44 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 17:14:44 100 455 100 455 0 0 1322 0 --:--:-- --:--:-- --:--:-- 1322 17:14:44 <!doctype html><html lang="en"><head><title>HTTP Status 500 – Internal Server Error</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 – Internal Server Error</h1></body></html> 17:14:44 17:14:44 RETURNCODE:500 17:14:44 17:14:44 ********************************************** 17:14:44 17:14:44 ********************************************** 17:14:44 Verifica Stato API Monitoraggio 17:14:44 17:14:44 ERROR: il servizio non è partito correttamente 17:14:44 PS:0 17:14:44 PS2:0 17:14:44 % Total % Received % Xferd Average Speed Time Time Time Current 17:14:44 Dload Upload Total Spent Left Speed 17:14:44 17:14:44 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 17:14:44 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0 17:14:44 100 455 100 455 0 0 1091 0 --:--:-- --:--:-- --:--:-- 1088 17:14:44 <!doctype html><html lang="en"><head><title>HTTP Status 500 – Internal Server Error</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 500 – Internal Server Error</h1></body></html> 17:14:44 17:14:44 RETURNCODE:500 17:14:44 17:14:44 ********************************************** 17:14:44 Build step 'Execute shell' marked build as failure 17:14:44 INFO: Processing JUnit 17:14:44 INFO: [JUnit] - 2 test report file(s) were found with the pattern 'tools/rs/*/server/testsuite/risultati-testsuite/TEST-*.xml' relative to '/var/lib/jenkins/workspace/GovWay' for the testing framework 'JUnit'. 17:14:44 ERROR: Step ‘Publish xUnit test result report’ failed: Test reports were found but not all of them are new. Did all the tests run? 17:14:45 * /var/lib/jenkins/workspace/GovWay/tools/rs/config/server/testsuite/risultati-testsuite/TEST-org.openspcoop2.core.config.rs.testsuite.ApiConfigTestSuite.xml is 3 days 18 hr old 17:14:45 * /var/lib/jenkins/workspace/GovWay/tools/rs/monitor/server/testsuite/risultati-testsuite/TEST-org.openspcoop2.core.monitor.rs.testsuite.ApiMonitorTestSuite.xml is 3 days 17 hr old 17:14:45 17:14:45 TestNG Reports Processing: START 17:14:45 Looking for TestNG results report in workspace using pattern: **/testng-results.xml 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 testng-results.xml was last modified before this build started. Ignoring it. 17:14:45 Saving reports... 17:14:45 Found matching files but did not find any TestNG results. 17:14:45 Collecting Dependency-Check artifact 17:14:46 Parsing file /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml 17:14:46 [analysis] Skipping execution of recorder since overall result is 'FAILURE' Started calculate disk usage of build Finished Calculation of disk usage of build in 0 seconds Started calculate disk usage of workspace Finished Calculation of disk usage of workspace in 0 seconds Finished: FAILURE