18:41:40 Started by GitHub push by andreapoli 18:41:40 Started by GitHub push by andreapoli 18:41:40 Running as SYSTEM 18:41:40 Building in workspace /var/lib/jenkins/workspace/GovWay 18:41:40 [WS-CLEANUP] Clean-up disabled, skipping workspace deletion. 18:41:40 The recommended git tool is: NONE 18:41:40 No credentials specified 18:41:40 > /usr/bin/git rev-parse --resolve-git-dir /var/lib/jenkins/workspace/GovWay/.git # timeout=10 18:41:40 Fetching changes from the remote Git repository 18:41:40 > /usr/bin/git config remote.origin.url https://github.com/link-it/govway.git # timeout=10 18:41:40 Fetching upstream changes from https://github.com/link-it/govway.git 18:41:40 > /usr/bin/git --version # timeout=10 18:41:40 > git --version # 'git version 2.23.1' 18:41:40 > /usr/bin/git fetch --tags --force --progress -- https://github.com/link-it/govway.git +refs/heads/*:refs/remotes/origin/* # timeout=10 18:41:41 > /usr/bin/git rev-parse origin/master^{commit} # timeout=10 18:41:41 Checking out Revision 9c9d96a5edcae5efbe585168c41e5d22c066b21c (origin/master) 18:41:41 > /usr/bin/git config core.sparsecheckout # timeout=10 18:41:41 > /usr/bin/git checkout -f 9c9d96a5edcae5efbe585168c41e5d22c066b21c # timeout=10 18:41:42 Commit message: "[GovWayCore] Risolta segnalazione SonarQube riportata in ambiente CI Jenkins" 18:41:42 > /usr/bin/git rev-list --no-walk 6e2b520fb9cfdeb379ed893f64e04923cee47129 # timeout=10 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 Run condition [Boolean condition] enabling prebuild for step [BuilderChain] 18:41:42 [GovWay] $ /bin/bash /tmp/jenkins12284539279591617594.sh 18:41:42 ============================= 18:41:42 General Info 18:41:42 Workspace: /var/lib/jenkins/workspace/GovWay 18:41:42 Build: true 18:41:42 Deploy: true 18:41:42 Test: true 18:41:42 Test Integrazione: true 18:41:42 ============================= 18:41:42 18:41:42 ============================= 18:41:42 Environment Info 18:41:42 HOME: /var/lib/jenkins 18:41:42 ANT_OPTS: -Xmx1024m -XX:MaxMetaspaceSize=700m -XX:+UseG1GC 18:41:42 MAVEN_OPTS: 18:41:42 SOFTHSM2_CONF: /home/ec2-user/lib/softhsm/softhsm2.conf 18:41:42 SONAR_SCANNER_OPTS: 18:41:42 ============================= 18:41:42 18:41:42 ============================= 18:41:42 Java 18:41:42 openjdk version "11.0.12" 2021-07-20 18:41:42 OpenJDK Runtime Environment 18.9 (build 11.0.12+7) 18:41:42 OpenJDK 64-Bit Server VM 18.9 (build 11.0.12+7, mixed mode) 18:41:42 ============================= 18:41:42 18:41:42 ============================= 18:41:42 Git Info 18:41:42 Url: https://github.com/link-it/govway.git 18:41:42 branch: origin/master 18:41:42 commit: 9c9d96a5edcae5efbe585168c41e5d22c066b21c 18:41:42 previuos commit: 6e2b520fb9cfdeb379ed893f64e04923cee47129 18:41:42 previuos successful commit: 6e2b520fb9cfdeb379ed893f64e04923cee47129 18:41:42 commit message: [GovWayCore] 18:41:42 Risolta segnalazione SonarQube riportata in ambiente CI Jenkins 18:41:42 ============================= 18:41:42 18:41:42 ============================= 18:41:42 NODEjs Info 18:41:42 v22.14.0 18:41:42 { 18:41:42 npm: '10.9.2', 18:41:42 node: '22.14.0', 18:41:42 acorn: '8.14.0', 18:41:42 ada: '2.9.2', 18:41:42 amaro: '0.3.0', 18:41:42 ares: '1.34.4', 18:41:42 brotli: '1.1.0', 18:41:42 cjs_module_lexer: '1.4.1', 18:41:42 cldr: '46.0', 18:41:42 icu: '76.1', 18:41:42 llhttp: '9.2.1', 18:41:42 modules: '127', 18:41:42 napi: '10', 18:41:42 nbytes: '0.1.1', 18:41:42 ncrypto: '0.0.1', 18:41:42 nghttp2: '1.64.0', 18:41:42 nghttp3: '1.6.0', 18:41:42 ngtcp2: '1.10.0', 18:41:42 openssl: '3.0.15+quic', 18:41:42 simdjson: '3.10.1', 18:41:42 simdutf: '6.0.3', 18:41:42 sqlite: '3.47.2', 18:41:42 tz: '2024b', 18:41:42 undici: '6.21.1', 18:41:42 unicode: '16.0', 18:41:42 uv: '1.49.2', 18:41:42 uvwasi: '0.0.21', 18:41:42 v8: '12.4.254.21-node.22', 18:41:42 zlib: '1.3.0.1-motley-82a5fec' 18:41:42 } 18:41:42 ============================= 18:41:42 18:41:42 ============================= 18:41:42 OWASP ZAP Info 'ZAP_2.17.0' 18:41:42 Associo diritti di esecuzione agli script zap ... 18:41:42 Associati diritti di esecuzione agli script zap 18:41:42 Update ... 18:41:42 Execute: /opt/openjdk-17.0.14+7/bin/java -classpath /opt/zaproxy/ZAP_2.17.0/*:/opt/zaproxy/ZAP_2.17.0/lib/* org.zaproxy.zap.ZAP -cmd -addonupdate -port 8280 -host 127.0.0.1 18:41:43 Defaulting ZAP install dir to /opt/zaproxy/ZAP_2.17.0 18:42:00 Add-on downloaded to: /var/lib/jenkins/.ZAP/plugin/graphql-alpha-0.31.0.zap 18:42:00 Add-on downloaded to: /var/lib/jenkins/.ZAP/plugin/openapi-beta-52.zap 18:42:00 Add-on update check complete 18:42:07 Update effettuato 18:42:07 ============================= 18:42:07 18:42:07 18:42:07 18:42:07 Fermo application server ... 18:42:07 Stoping Tomcat 18:42:07 NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED 18:42:08 Pid Tomcat: 4436 18:42:08 18:42:09 waiting for processes to exit 18:42:10 waiting for processes to exit 18:42:11 waiting for processes to exit 18:42:12 waiting for processes to exit 18:42:13 waiting for processes to exit 18:42:14 waiting for processes to exit 18:42:15 waiting for processes to exit 18:42:16 waiting for processes to exit 18:42:17 waiting for processes to exit 18:42:18 waiting for processes to exit 18:42:19 waiting for processes to exit 18:42:20 waiting for processes to exit 18:42:21 waiting for processes to exit 18:42:22 waiting for processes to exit 18:42:23 waiting for processes to exit 18:42:24 waiting for processes to exit 18:42:25 waiting for processes to exit 18:42:26 waiting for processes to exitFermo application server effettuato 18:42:26 Ripulisco log application server ... 18:42:26 Ripulisco log application server effettuato 18:42:26 Predispongo dir testsuite ... 18:42:26 Predispongo dir testsuite ok 18:42:26 Ripulisco output jacoco ... 18:42:26 Ripulisco output jacoco effettuato 18:42:26 Fermo sonarqube ... 18:42:26 18:42:26 Gracefully stopping SonarQube... 18:42:28 Stopped SonarQube. 18:42:28 Fermo sonarqube effettuato 18:42:28 Verifico che il workspace non esista ... 18:42:28 Non e' stata rilevata una corretta re-inizializzazione del Workspace 18:42:28 [Boolean condition] checking [true] against [^(1|y|yes|t|true|on|run)$] (origin token: ${GOVWAY_BUILD}) 18:42:28 Run condition [Boolean condition] enabling perform for step [BuilderChain] 18:42:28 [GovWay] $ /bin/sh -xe /tmp/jenkins5459304453914791612.sh 18:42:28 + perl -pi -e s/log4bash.appender=ColorConsoleAppender/log4bash.appender=ConsoleAppender/g /var/lib/jenkins/workspace/GovWay/distrib/log4bash.properties 18:42:28 + sed -i -e 's#<module>swagger-codegen</module>#<!-- <module>swagger-codegen</module> -->#g' /var/lib/jenkins/workspace/GovWay/mvn/dependencies/pom.xml 18:42:28 + sed -i -e s#UPDATE_DOC=true#UPDATE_DOC=false#g /var/lib/jenkins/workspace/GovWay/distrib/distrib.sh 18:42:28 + sed -i -e s#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver,db2#DB_VERSION=postgresql,mysql,oracle,hsql,sqlserver#g /var/lib/jenkins/workspace/GovWay/ant/setup/prepare-build.properties 18:42:28 + sed -i -e 's#<dependencies.soapbox>false</dependencies.soapbox>#<dependencies.soapbox>true</dependencies.soapbox>#g' /var/lib/jenkins/workspace/GovWay/pom.xml 18:42:28 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Ddependencies.soapbox=true initialize 18:42:31 [INFO] Scanning for projects... 18:42:31 [INFO] ------------------------------------------------------------------------ 18:42:31 [INFO] Reactor Build Order: 18:42:31 [INFO] 18:42:31 [INFO] govway [pom] 18:42:31 [INFO] dependencies [pom] 18:42:31 [INFO] dependencies.ant [pom] 18:42:31 [INFO] dependencies.antinstaller [pom] 18:42:31 [INFO] dependencies.axiom [pom] 18:42:31 [INFO] dependencies.bean-validation [pom] 18:42:31 [INFO] dependencies.cxf [pom] 18:42:31 [INFO] dependencies.commons [pom] 18:42:31 [INFO] dependencies.faces [pom] 18:42:31 [INFO] dependencies.git [pom] 18:42:31 [INFO] dependencies.httpcore [pom] 18:42:31 [INFO] dependencies.jackson [pom] 18:42:31 [INFO] dependencies.javax [pom] 18:42:31 [INFO] dependencies.jax [pom] 18:42:31 [INFO] dependencies.jetty [pom] 18:42:31 [INFO] dependencies.jminix [pom] 18:42:31 [INFO] dependencies.json [pom] 18:42:31 [INFO] dependencies.log [pom] 18:42:31 [INFO] dependencies.lucene [pom] 18:42:31 [INFO] dependencies.openapi4j [pom] 18:42:31 [INFO] dependencies.opensaml [pom] 18:42:31 [INFO] dependencies.pdf [pom] 18:42:31 [INFO] dependencies.redis [pom] 18:42:31 [INFO] dependencies.reports [pom] 18:42:31 [INFO] dependencies.saaj [pom] 18:42:31 [INFO] dependencies.security [pom] 18:42:31 [INFO] dependencies.shared [pom] 18:42:31 [INFO] dependencies.spring [pom] 18:42:31 [INFO] dependencies.spring-ldap [pom] 18:42:31 [INFO] dependencies.spring-security [pom] 18:42:31 [INFO] dependencies.swagger [pom] 18:42:31 [INFO] dependencies.wadl [pom] 18:42:31 [INFO] dependencies.wss4j [pom] 18:42:31 [INFO] dependencies.testsuite [pom] 18:42:31 [INFO] dependencies.testsuite.axis14 [pom] 18:42:31 [INFO] dependencies.testsuite.as [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly9 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly10 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly11 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly12 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly13 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly14 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly15 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly16 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly17 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly18 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly19 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly20 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly21 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly22 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly23 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly24 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly25 [pom] 18:42:31 [INFO] dependencies.testsuite.as.wildfly26 [pom] 18:42:31 [INFO] dependencies.testsuite.as.tomcat9 [pom] 18:42:31 [INFO] dependencies.testsuite.test [pom] 18:42:31 [INFO] dependencies.testsuite.staticAnalysis [pom] 18:42:31 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 18:42:31 [INFO] dependencies.testsuite.coverage [pom] 18:42:31 [INFO] dependencies.soapbox [pom] 18:42:31 [INFO] compile [pom] 18:42:31 [INFO] package [pom] 18:42:31 [INFO] testsuite.utils [pom] 18:42:31 [INFO] testsuite.utils.sql [pom] 18:42:31 [INFO] testsuite.pdd.core [pom] 18:42:31 [INFO] testsuite.pdd.core.sql [pom] 18:42:31 [INFO] static_analysis.spotbugs [pom] 18:42:31 [INFO] static_analysis.sonarqube [pom] 18:42:31 [INFO] dynamic_analysis.zap [pom] 18:42:31 [INFO] coverage.jacoco [pom] 18:42:31 [INFO] 18:42:31 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 18:42:31 [INFO] Building govway 1.0 [1/70] 18:42:31 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:31 [INFO] 18:42:31 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 18:42:31 [INFO] Building dependencies 1.0 [2/70] 18:42:31 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:31 [INFO] 18:42:31 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 18:42:31 [INFO] Building dependencies.ant 1.0 [3/70] 18:42:31 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:32 [INFO] 18:42:32 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 18:42:32 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 18:42:32 [INFO] 18:42:32 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 18:42:34 [INFO] 18:42:34 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 18:42:34 [INFO] Building dependencies.antinstaller 1.0 [4/70] 18:42:34 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:34 [INFO] 18:42:34 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 18:42:34 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 18:42:34 [INFO] 18:42:34 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 18:42:34 [INFO] 18:42:34 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 18:42:34 [INFO] Building dependencies.axiom 1.0 [5/70] 18:42:34 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:34 [INFO] 18:42:34 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 18:42:34 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 18:42:34 [INFO] 18:42:34 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 18:42:34 [INFO] 18:42:34 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 18:42:34 [INFO] Executing tasks 18:42:34 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 18:42:34 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 18:42:34 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 18:42:34 [INFO] Executed tasks 18:42:34 [INFO] 18:42:34 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 18:42:34 [INFO] Building dependencies.bean-validation 1.0 [6/70] 18:42:34 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:34 [INFO] 18:42:34 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 18:42:34 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 18:42:34 [INFO] 18:42:34 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 18:42:34 [INFO] 18:42:34 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 18:42:34 [INFO] Building dependencies.cxf 1.0 [7/70] 18:42:34 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:35 [INFO] 18:42:35 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 18:42:35 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 18:42:35 [INFO] 18:42:35 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 18:42:35 [INFO] 18:42:35 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 18:42:35 [INFO] Executing tasks 18:42:35 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 18:42:35 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 18:42:35 [INFO] Executed tasks 18:42:35 [INFO] 18:42:35 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 18:42:35 [INFO] Building dependencies.commons 1.0 [8/70] 18:42:35 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:35 [INFO] 18:42:35 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 18:42:35 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 18:42:35 [INFO] 18:42:35 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 18:42:35 [INFO] 18:42:35 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 18:42:35 [INFO] Building dependencies.faces 1.0 [9/70] 18:42:35 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:36 [INFO] 18:42:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 18:42:36 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 18:42:36 [INFO] 18:42:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 18:42:36 [INFO] 18:42:36 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 18:42:36 [INFO] Building dependencies.git 1.0 [10/70] 18:42:36 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:36 [INFO] 18:42:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 18:42:36 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 18:42:36 [INFO] 18:42:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 18:42:36 [INFO] 18:42:36 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 18:42:36 [INFO] Building dependencies.httpcore 1.0 [11/70] 18:42:36 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:36 [INFO] 18:42:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 18:42:36 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 18:42:36 [INFO] 18:42:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 18:42:36 [INFO] 18:42:36 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 18:42:36 [INFO] Executing tasks 18:42:36 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 18:42:36 [INFO] Executed tasks 18:42:36 [INFO] 18:42:36 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 18:42:36 [INFO] Building dependencies.jackson 1.0 [12/70] 18:42:36 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:36 [INFO] 18:42:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 18:42:36 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 18:42:36 [INFO] 18:42:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 18:42:36 [INFO] 18:42:36 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 18:42:36 [INFO] Building dependencies.javax 1.0 [13/70] 18:42:36 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:36 [INFO] 18:42:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 18:42:36 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 18:42:36 [INFO] 18:42:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 18:42:36 [INFO] 18:42:36 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 18:42:36 [INFO] Building dependencies.jax 1.0 [14/70] 18:42:36 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:36 [INFO] 18:42:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 18:42:36 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 18:42:36 [INFO] 18:42:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 18:42:36 [INFO] 18:42:36 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 18:42:36 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 18:42:36 [INFO] 18:42:36 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 18:42:36 [INFO] Executing tasks 18:42:36 [INFO] Executed tasks 18:42:36 [INFO] 18:42:36 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 18:42:36 [INFO] Building dependencies.jetty 1.0 [15/70] 18:42:36 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:36 [INFO] 18:42:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 18:42:36 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 18:42:36 [INFO] 18:42:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 18:42:36 [INFO] 18:42:36 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 18:42:36 [INFO] Building dependencies.jminix 1.0 [16/70] 18:42:36 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:36 [INFO] 18:42:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 18:42:36 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 18:42:36 [INFO] 18:42:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 18:42:37 [INFO] 18:42:37 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 18:42:37 [INFO] Executing tasks 18:42:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 18:42:37 [INFO] Executed tasks 18:42:37 [INFO] 18:42:37 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 18:42:37 [INFO] Building dependencies.json 1.0 [17/70] 18:42:37 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:37 [INFO] 18:42:37 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 18:42:37 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 18:42:37 [INFO] 18:42:37 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 18:42:37 [INFO] 18:42:37 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 18:42:37 [INFO] Executing tasks 18:42:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 18:42:37 [INFO] Executed tasks 18:42:37 [INFO] 18:42:37 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 18:42:37 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 18:42:37 [INFO] 18:42:37 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 18:42:37 [INFO] Building dependencies.log 1.0 [18/70] 18:42:37 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:37 [INFO] 18:42:37 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 18:42:37 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 18:42:37 [INFO] 18:42:37 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 18:42:37 [INFO] 18:42:37 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 18:42:37 [INFO] Executing tasks 18:42:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 18:42:37 [INFO] Executed tasks 18:42:37 [INFO] 18:42:37 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 18:42:37 [INFO] Building dependencies.lucene 1.0 [19/70] 18:42:37 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:37 [INFO] 18:42:37 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 18:42:37 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 18:42:37 [INFO] 18:42:37 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 18:42:37 [INFO] 18:42:37 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 18:42:37 [INFO] Building dependencies.openapi4j 1.0 [20/70] 18:42:37 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:37 [INFO] 18:42:37 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 18:42:37 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 18:42:37 [INFO] 18:42:37 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 18:42:37 [INFO] 18:42:37 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 18:42:37 [INFO] Executing tasks 18:42:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 18:42:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 18:42:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 18:42:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 18:42:37 [INFO] Executed tasks 18:42:37 [INFO] 18:42:37 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 18:42:37 [INFO] Building dependencies.opensaml 1.0 [21/70] 18:42:37 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:37 [INFO] 18:42:37 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 18:42:37 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 18:42:37 [INFO] 18:42:37 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 18:42:37 [INFO] 18:42:37 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 18:42:37 [INFO] Building dependencies.pdf 1.0 [22/70] 18:42:37 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:37 [INFO] 18:42:37 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 18:42:37 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 18:42:37 [INFO] 18:42:37 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 18:42:38 [INFO] 18:42:38 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 18:42:38 [INFO] Building dependencies.redis 1.0 [23/70] 18:42:38 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:38 [INFO] 18:42:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 18:42:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 18:42:38 [INFO] 18:42:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 18:42:38 [INFO] 18:42:38 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 18:42:38 [INFO] Building dependencies.reports 1.0 [24/70] 18:42:38 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:38 [INFO] 18:42:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 18:42:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 18:42:38 [INFO] 18:42:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 18:42:38 [INFO] 18:42:38 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 18:42:38 [INFO] Building dependencies.saaj 1.0 [25/70] 18:42:38 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:38 [INFO] 18:42:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 18:42:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 18:42:38 [INFO] 18:42:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 18:42:38 [INFO] 18:42:38 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 18:42:38 [INFO] Executing tasks 18:42:38 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 18:42:38 [INFO] Executed tasks 18:42:38 [INFO] 18:42:38 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 18:42:38 [INFO] Building dependencies.security 1.0 [26/70] 18:42:38 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:38 [INFO] 18:42:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 18:42:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 18:42:38 [INFO] 18:42:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 18:42:38 [INFO] 18:42:38 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 18:42:38 [INFO] Executing tasks 18:42:38 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 18:42:38 [INFO] Executed tasks 18:42:38 [INFO] 18:42:38 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 18:42:38 [INFO] Building dependencies.shared 1.0 [27/70] 18:42:38 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:38 [INFO] 18:42:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 18:42:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 18:42:38 [INFO] 18:42:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 18:42:39 [INFO] Executing tasks 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 18:42:39 [INFO] Executed tasks 18:42:39 [INFO] 18:42:39 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 18:42:39 [INFO] Building dependencies.spring 1.0 [28/70] 18:42:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 18:42:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 18:42:39 [INFO] 18:42:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 18:42:39 [INFO] Executing tasks 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 18:42:39 [INFO] Executed tasks 18:42:39 [INFO] 18:42:39 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 18:42:39 [INFO] Building dependencies.spring-ldap 1.0 [29/70] 18:42:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 18:42:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 18:42:39 [INFO] 18:42:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 18:42:39 [INFO] 18:42:39 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 18:42:39 [INFO] Building dependencies.spring-security 1.0 [30/70] 18:42:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 18:42:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 18:42:39 [INFO] 18:42:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 18:42:39 [INFO] Executing tasks 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 18:42:39 [INFO] Executed tasks 18:42:39 [INFO] 18:42:39 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 18:42:39 [INFO] Building dependencies.swagger 1.0 [31/70] 18:42:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 18:42:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 18:42:39 [INFO] 18:42:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 18:42:39 [INFO] Executing tasks 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 18:42:39 [INFO] Executed tasks 18:42:39 [INFO] 18:42:39 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 18:42:39 [INFO] Building dependencies.wadl 1.0 [32/70] 18:42:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 18:42:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 18:42:39 [INFO] 18:42:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 18:42:39 [INFO] 18:42:39 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 18:42:39 [INFO] Building dependencies.wss4j 1.0 [33/70] 18:42:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 18:42:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 18:42:39 [INFO] 18:42:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 18:42:39 [INFO] Executing tasks 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 18:42:39 [INFO] Executed tasks 18:42:39 [INFO] 18:42:39 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 18:42:39 [INFO] Building dependencies.testsuite 1.0 [34/70] 18:42:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:39 [INFO] 18:42:39 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 18:42:39 [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] 18:42:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 18:42:39 [INFO] Executing tasks 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 18:42:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 18:42:39 [INFO] Executed tasks 18:42:39 [INFO] 18:42:39 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 18:42:39 [INFO] Building dependencies.testsuite.as 1.0 [36/70] 18:42:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:39 [INFO] 18:42:39 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 18:42:39 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] 18:42:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 18:42:39 [INFO] 18:42:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 18:42:39 [INFO] 18:42:39 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 18:42:39 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] 18:42:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 18:42:40 [INFO] 18:42:40 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 18:42:40 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] 18:42:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 18:42:40 [INFO] 18:42:40 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 18:42:40 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] 18:42:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 18:42:40 [INFO] 18:42:40 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 18:42:40 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] 18:42:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 18:42:40 [INFO] 18:42:40 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 18:42:40 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] 18:42:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 18:42:40 [INFO] 18:42:40 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 18:42:40 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] 18:42:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 18:42:40 [INFO] 18:42:40 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 18:42:40 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] 18:42:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 18:42:40 [INFO] 18:42:40 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 18:42:40 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] 18:42:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 18:42:40 [INFO] 18:42:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 18:42:41 [INFO] 18:42:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 18:42:41 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] 18:42:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 18:42:41 [INFO] 18:42:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 18:42:41 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] 18:42:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 18:42:41 [INFO] 18:42:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 18:42:41 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] 18:42:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 18:42:41 [INFO] 18:42:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 18:42:41 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] 18:42:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 18:42:41 [INFO] 18:42:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 18:42:41 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] 18:42:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 18:42:41 [INFO] 18:42:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 18:42:41 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] 18:42:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 18:42:41 [INFO] 18:42:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 18:42:41 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] 18:42:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 18:42:41 [INFO] 18:42:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 18:42:41 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] 18:42:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 18:42:41 [INFO] 18:42:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 18:42:42 [INFO] 18:42:42 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 18:42:42 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 18:42:42 [INFO] 18:42:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 18:42:42 [INFO] 18:42:42 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 18:42:42 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 18:42:42 [INFO] 18:42:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 18:42:42 [INFO] 18:42:42 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 18:42:42 [INFO] Building dependencies.testsuite.test 1.0 [56/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 18:42:42 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 18:42:42 [INFO] 18:42:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 18:42:42 [INFO] 18:42:42 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 18:42:42 [INFO] Executing tasks 18:42:42 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 18:42:42 [INFO] Executed tasks 18:42:42 [INFO] 18:42:42 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 18:42:42 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 18:42:42 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 18:42:42 [INFO] 18:42:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 18:42:42 [INFO] 18:42:42 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 18:42:42 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 18:42:42 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 18:42:42 [INFO] 18:42:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 18:42:42 [INFO] 18:42:42 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 18:42:42 [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 18:42:42 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 18:42:42 [INFO] 18:42:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 18:42:42 [INFO] 18:42:42 [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- 18:42:42 [INFO] Building dependencies.soapbox 1.0 [60/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- 18:42:42 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = []) 18:42:42 [INFO] 18:42:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- 18:42:42 [INFO] 18:42:42 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 18:42:42 [INFO] Building compile 1.0 [61/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 18:42:42 [INFO] Building package 1.0 [62/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 18:42:42 [INFO] Building testsuite.utils 1.0 [63/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 18:42:42 [INFO] Building testsuite.utils.sql 1.0 [64/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 18:42:42 [INFO] Building testsuite.pdd.core 1.0 [65/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 18:42:42 [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 18:42:42 [INFO] Building static_analysis.spotbugs 1.0 [67/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 18:42:42 [INFO] Building static_analysis.sonarqube 1.0 [68/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 18:42:42 [INFO] Building dynamic_analysis.zap 1.0 [69/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] 18:42:42 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 18:42:42 [INFO] Building coverage.jacoco 1.0 [70/70] 18:42:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:42 [INFO] ------------------------------------------------------------------------ 18:42:42 [INFO] Reactor Summary for govway 1.0: 18:42:42 [INFO] 18:42:42 [INFO] govway ............................................. SUCCESS [ 0.004 s] 18:42:42 [INFO] dependencies ....................................... SUCCESS [ 0.001 s] 18:42:42 [INFO] dependencies.ant ................................... SUCCESS [ 2.174 s] 18:42:42 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.074 s] 18:42:42 [INFO] dependencies.axiom ................................. SUCCESS [ 0.742 s] 18:42:42 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.090 s] 18:42:42 [INFO] dependencies.cxf ................................... SUCCESS [ 0.679 s] 18:42:42 [INFO] dependencies.commons ............................... SUCCESS [ 0.334 s] 18:42:42 [INFO] dependencies.faces ................................. SUCCESS [ 0.152 s] 18:42:42 [INFO] dependencies.git ................................... SUCCESS [ 0.040 s] 18:42:42 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.164 s] 18:42:42 [INFO] dependencies.jackson ............................... SUCCESS [ 0.131 s] 18:42:42 [INFO] dependencies.javax ................................. SUCCESS [ 0.113 s] 18:42:42 [INFO] dependencies.jax ................................... SUCCESS [ 0.306 s] 18:42:42 [INFO] dependencies.jetty ................................. SUCCESS [ 0.081 s] 18:42:42 [INFO] dependencies.jminix ................................ SUCCESS [ 0.170 s] 18:42:42 [INFO] dependencies.json .................................. SUCCESS [ 0.244 s] 18:42:42 [INFO] dependencies.log ................................... SUCCESS [ 0.204 s] 18:42:42 [INFO] dependencies.lucene ................................ SUCCESS [ 0.079 s] 18:42:42 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.132 s] 18:42:42 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.158 s] 18:42:42 [INFO] dependencies.pdf ................................... SUCCESS [ 0.099 s] 18:42:42 [INFO] dependencies.redis ................................. SUCCESS [ 0.161 s] 18:42:42 [INFO] dependencies.reports ............................... SUCCESS [ 0.165 s] 18:42:42 [INFO] dependencies.saaj .................................. SUCCESS [ 0.123 s] 18:42:42 [INFO] dependencies.security .............................. SUCCESS [ 0.210 s] 18:42:42 [INFO] dependencies.shared ................................ SUCCESS [ 0.578 s] 18:42:42 [INFO] dependencies.spring ................................ SUCCESS [ 0.162 s] 18:42:42 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.015 s] 18:42:42 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.069 s] 18:42:42 [INFO] dependencies.swagger ............................... SUCCESS [ 0.161 s] 18:42:42 [INFO] dependencies.wadl .................................. SUCCESS [ 0.020 s] 18:42:42 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.103 s] 18:42:42 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.000 s] 18:42:42 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.108 s] 18:42:42 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.077 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.090 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.115 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.118 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.138 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.190 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.117 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.115 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.127 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.124 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.122 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.115 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.125 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.124 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.131 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.123 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.148 s] 18:42:42 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.144 s] 18:42:42 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.021 s] 18:42:42 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.288 s] 18:42:42 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.026 s] 18:42:42 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.012 s] 18:42:42 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.043 s] 18:42:42 [INFO] dependencies.soapbox ............................... SUCCESS [ 0.034 s] 18:42:42 [INFO] compile ............................................ SUCCESS [ 0.000 s] 18:42:42 [INFO] package ............................................ SUCCESS [ 0.001 s] 18:42:42 [INFO] testsuite.utils .................................... SUCCESS [ 0.000 s] 18:42:42 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.001 s] 18:42:42 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.000 s] 18:42:42 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] 18:42:42 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s] 18:42:42 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.000 s] 18:42:42 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.001 s] 18:42:42 [INFO] coverage.jacoco .................................... SUCCESS [ 0.000 s] 18:42:42 [INFO] ------------------------------------------------------------------------ 18:42:42 [INFO] BUILD SUCCESS 18:42:42 [INFO] ------------------------------------------------------------------------ 18:42:42 [INFO] Total time: 11.370 s 18:42:42 [INFO] Finished at: 2026-02-11T18:42:42+01:00 18:42:42 [INFO] ------------------------------------------------------------------------ 18:42:42 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dowasp.plugin.autoUpdate=true -Dpackage=none -DossIndexUsername=andrea.poli@link.it -Dcompile=none -Dowasp=verify -Dtestsuite=none -DossIndexPassword=6b31d4937d57ec65ccb3aed4ff8461107c8eeb5a -DnvdApiKey=f8281fbf-3d81-4e4a-9f03-ab68856b336d -Dowasp.plugin.failBuildOnAnyVulnerability=false verify 18:42:44 [INFO] Scanning for projects... 18:42:45 [INFO] ------------------------------------------------------------------------ 18:42:45 [INFO] Reactor Build Order: 18:42:45 [INFO] 18:42:45 [INFO] govway [pom] 18:42:45 [INFO] dependencies [pom] 18:42:45 [INFO] dependencies.ant [pom] 18:42:45 [INFO] dependencies.antinstaller [pom] 18:42:45 [INFO] dependencies.axiom [pom] 18:42:45 [INFO] dependencies.bean-validation [pom] 18:42:45 [INFO] dependencies.cxf [pom] 18:42:45 [INFO] dependencies.commons [pom] 18:42:45 [INFO] dependencies.faces [pom] 18:42:45 [INFO] dependencies.git [pom] 18:42:45 [INFO] dependencies.httpcore [pom] 18:42:45 [INFO] dependencies.jackson [pom] 18:42:45 [INFO] dependencies.javax [pom] 18:42:45 [INFO] dependencies.jax [pom] 18:42:45 [INFO] dependencies.jetty [pom] 18:42:45 [INFO] dependencies.jminix [pom] 18:42:45 [INFO] dependencies.json [pom] 18:42:45 [INFO] dependencies.log [pom] 18:42:45 [INFO] dependencies.lucene [pom] 18:42:45 [INFO] dependencies.openapi4j [pom] 18:42:45 [INFO] dependencies.opensaml [pom] 18:42:45 [INFO] dependencies.pdf [pom] 18:42:45 [INFO] dependencies.redis [pom] 18:42:45 [INFO] dependencies.reports [pom] 18:42:45 [INFO] dependencies.saaj [pom] 18:42:45 [INFO] dependencies.security [pom] 18:42:45 [INFO] dependencies.shared [pom] 18:42:45 [INFO] dependencies.spring [pom] 18:42:45 [INFO] dependencies.spring-ldap [pom] 18:42:45 [INFO] dependencies.spring-security [pom] 18:42:45 [INFO] dependencies.swagger [pom] 18:42:45 [INFO] dependencies.wadl [pom] 18:42:45 [INFO] dependencies.wss4j [pom] 18:42:45 [INFO] dependencies.testsuite [pom] 18:42:45 [INFO] dependencies.testsuite.axis14 [pom] 18:42:45 [INFO] dependencies.testsuite.as [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly9 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly10 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly11 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly12 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly13 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly14 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly15 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly16 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly17 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly18 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly19 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly20 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly21 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly22 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly23 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly24 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly25 [pom] 18:42:45 [INFO] dependencies.testsuite.as.wildfly26 [pom] 18:42:45 [INFO] dependencies.testsuite.as.tomcat9 [pom] 18:42:45 [INFO] dependencies.testsuite.test [pom] 18:42:45 [INFO] dependencies.testsuite.staticAnalysis [pom] 18:42:45 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 18:42:45 [INFO] dependencies.testsuite.coverage [pom] 18:42:45 [INFO] compile [pom] 18:42:45 [INFO] package [pom] 18:42:45 [INFO] testsuite.utils [pom] 18:42:45 [INFO] testsuite.utils.sql [pom] 18:42:45 [INFO] testsuite.pdd.core [pom] 18:42:45 [INFO] testsuite.pdd.core.sql [pom] 18:42:45 [INFO] static_analysis.spotbugs [pom] 18:42:45 [INFO] static_analysis.sonarqube [pom] 18:42:45 [INFO] dynamic_analysis.zap [pom] 18:42:45 [INFO] coverage.jacoco [pom] 18:42:45 [INFO] 18:42:45 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 18:42:45 [INFO] Building govway 1.0 [1/69] 18:42:45 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:45 [INFO] 18:42:45 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 18:42:45 [INFO] Building dependencies 1.0 [2/69] 18:42:45 [INFO] --------------------------------[ pom ]--------------------------------- 18:42:45 [INFO] 18:42:45 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.dependencies --- 18:42:45 [INFO] Executing tasks 18:42:50 [INFO] Executed tasks 18:42:54 [INFO] 18:42:54 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.dependencies --- 18:43:02 [INFO] Checking for updates 18:43:04 [WARNING] NVD API request failures are occurring; retrying request for the 1st time 18:43:05 [INFO] NVD API has 582 records in this update 18:43:06 [INFO] Downloaded 582/582 (100%) 18:43:09 [INFO] Completed processing batch 1/1 (100%) in 3,408ms 18:43:09 [INFO] Updating CISA Known Exploited Vulnerability list: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json 18:43:10 [INFO] Begin database defrag 18:43:22 [INFO] End database defrag (12004 ms) 18:43:22 [INFO] Check for updates complete (19813 ms) 18:43:22 [INFO] 18:43:22 18:43:22 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:43:22 18:43:22 18:43:22 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:43:22 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:43:22 18:43:22 18:43:22 [INFO] Analysis Started 18:43:26 [INFO] Finished Archive Analyzer (3 seconds) 18:43:26 [INFO] Finished File Name Analyzer (0 seconds) 18:43:28 [INFO] Finished Jar Analyzer (2 seconds) 18:43:29 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:43:29 [INFO] Finished Hint Analyzer (0 seconds) 18:43:29 [INFO] Finished Version Filter Analyzer (0 seconds) 18:43:33 [INFO] Created CPE Index (4 seconds) 18:43:42 [INFO] Finished CPE Analyzer (12 seconds) 18:43:42 [INFO] Finished False Positive Analyzer (0 seconds) 18:43:42 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:44:00 [INFO] Finished RetireJS Analyzer (17 seconds) 18:44:05 [INFO] Finished Sonatype OSS Index Analyzer (4 seconds) 18:44:05 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:44:05 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:44:06 [INFO] Finished Dependency Bundling Analyzer (1 seconds) 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:44:06 18:44:06 18:44:06 ## Recommendation 18:44:06 18:44:06 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:44:06 18:44:06 The following template can be used to demonstrate the vulnerability: 18:44:06 ```{{#with "constructor"}} 18:44:06 {{#with split as |a|}} 18:44:06 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:44:06 {{#with (concat (lookup join (slice 0 1)))}} 18:44:06 {{#each (slice 2 3)}} 18:44:06 {{#with (apply 0 a)}} 18:44:06 {{.}} 18:44:06 {{/with}} 18:44:06 {{/each}} 18:44:06 {{/with}} 18:44:06 {{/with}} 18:44:06 {{/with}}``` 18:44:06 18:44:06 18:44:06 ## Recommendation 18:44:06 18:44:06 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:06 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:06 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:44:06 [INFO] Analysis Complete (44 seconds) 18:44:07 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml 18:44:08 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.html 18:44:09 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.json 18:44:09 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.csv 18:44:09 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.sarif 18:44:09 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-jenkins.html 18:44:09 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-junit.xml 18:44:10 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-gitlab.json 18:44:10 [WARNING] 18:44:10 18:44:10 One or more dependencies were identified with known vulnerabilities in dependencies: 18:44:10 18:44:10 commons-lang-2.6.jar (pkg:maven/commons-lang/commons-lang@2.6, cpe:2.3:a:apache:commons_lang:2.6:*:*:*:*:*:*:*) : CVE-2025-48924 18:44:10 spring-core-5.3.39.jar (pkg:maven/org.springframework/spring-core@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249, CVE-2025-41242 18:44:10 spring-web-5.3.39.jar (pkg:maven/org.springframework/spring-web@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249 18:44:10 18:44:10 18:44:10 See the dependency-check report for more details. 18:44:10 18:44:10 18:44:10 [INFO] 18:44:10 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 18:44:10 [INFO] Building dependencies.ant 1.0 [3/69] 18:44:10 [INFO] --------------------------------[ pom ]--------------------------------- 18:44:10 [INFO] 18:44:10 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 18:44:10 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 18:44:10 [INFO] 18:44:10 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 18:44:11 [INFO] 18:44:11 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.ant --- 18:44:11 [INFO] Executing tasks 18:44:16 [INFO] Executed tasks 18:44:16 [INFO] 18:44:16 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.ant --- 18:44:16 [INFO] Checking for updates 18:44:16 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:44:16 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:44:16 [INFO] Check for updates complete (104 ms) 18:44:16 [INFO] 18:44:16 18:44:16 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:44:16 18:44:16 18:44:16 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:44:16 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:44:16 18:44:16 18:44:16 [INFO] Analysis Started 18:44:16 [INFO] Finished Archive Analyzer (0 seconds) 18:44:16 [INFO] Finished File Name Analyzer (0 seconds) 18:44:16 [INFO] Finished Jar Analyzer (0 seconds) 18:44:16 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:44:16 [INFO] Finished Hint Analyzer (0 seconds) 18:44:16 [INFO] Finished Version Filter Analyzer (0 seconds) 18:44:19 [INFO] Created CPE Index (2 seconds) 18:44:19 [INFO] Finished CPE Analyzer (2 seconds) 18:44:19 [INFO] Finished False Positive Analyzer (0 seconds) 18:44:19 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:44:19 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:44:19 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:44:20 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:44:20 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:44:20 18:44:20 18:44:20 ## Recommendation 18:44:20 18:44:20 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:44:20 18:44:20 The following template can be used to demonstrate the vulnerability: 18:44:20 ```{{#with "constructor"}} 18:44:20 {{#with split as |a|}} 18:44:20 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:44:20 {{#with (concat (lookup join (slice 0 1)))}} 18:44:20 {{#each (slice 2 3)}} 18:44:20 {{#with (apply 0 a)}} 18:44:20 {{.}} 18:44:20 {{/with}} 18:44:20 {{/each}} 18:44:20 {{/with}} 18:44:20 {{/with}} 18:44:20 {{/with}}``` 18:44:20 18:44:20 18:44:20 ## Recommendation 18:44:20 18:44:20 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:44:20 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:44:20 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:44:20 [INFO] Analysis Complete (3 seconds) 18:44:20 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:44:20 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:44:20 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:44:20 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:44:20 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:44:20 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:44:20 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:44:20 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:44:20 [INFO] 18:44:20 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 18:44:20 [INFO] Building dependencies.antinstaller 1.0 [4/69] 18:44:20 [INFO] --------------------------------[ pom ]--------------------------------- 18:44:20 [INFO] 18:44:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 18:44:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 18:44:20 [INFO] 18:44:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 18:44:20 [INFO] 18:44:20 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.antinstaller --- 18:44:20 [INFO] Executing tasks 18:44:25 [INFO] Executed tasks 18:44:25 [INFO] 18:44:25 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.antinstaller --- 18:44:25 [INFO] Checking for updates 18:44:25 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:44:25 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:44:25 [INFO] Check for updates complete (77 ms) 18:44:26 [INFO] 18:44:26 18:44:26 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:44:26 18:44:26 18:44:26 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:44:26 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:44:26 18:44:26 18:44:26 [INFO] Analysis Started 18:44:26 [INFO] Finished Archive Analyzer (0 seconds) 18:44:26 [INFO] Finished File Name Analyzer (0 seconds) 18:44:26 [INFO] Finished Jar Analyzer (0 seconds) 18:44:26 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:44:26 [INFO] Finished Hint Analyzer (0 seconds) 18:44:26 [INFO] Finished Version Filter Analyzer (0 seconds) 18:44:27 [INFO] Created CPE Index (1 seconds) 18:44:28 [INFO] Finished CPE Analyzer (2 seconds) 18:44:28 [INFO] Finished False Positive Analyzer (0 seconds) 18:44:28 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:44:28 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:44:28 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:44:28 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:44:28 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:44:28 18:44:28 18:44:28 ## Recommendation 18:44:28 18:44:28 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:44:28 18:44:28 The following template can be used to demonstrate the vulnerability: 18:44:28 ```{{#with "constructor"}} 18:44:28 {{#with split as |a|}} 18:44:28 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:44:28 {{#with (concat (lookup join (slice 0 1)))}} 18:44:28 {{#each (slice 2 3)}} 18:44:28 {{#with (apply 0 a)}} 18:44:28 {{.}} 18:44:28 {{/with}} 18:44:28 {{/each}} 18:44:28 {{/with}} 18:44:28 {{/with}} 18:44:28 {{/with}}``` 18:44:28 18:44:28 18:44:28 ## Recommendation 18:44:28 18:44:28 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:44:28 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:44:28 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:44:28 [INFO] Analysis Complete (2 seconds) 18:44:28 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:44:28 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:44:28 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:44:28 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:44:28 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:44:28 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:44:28 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:44:28 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:44:28 [INFO] 18:44:28 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 18:44:28 [INFO] Building dependencies.axiom 1.0 [5/69] 18:44:28 [INFO] --------------------------------[ pom ]--------------------------------- 18:44:28 [INFO] 18:44:28 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 18:44:28 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 18:44:28 [INFO] 18:44:28 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 18:44:28 [INFO] 18:44:28 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 18:44:28 [INFO] Executing tasks 18:44:28 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 18:44:28 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 18:44:28 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 18:44:28 [INFO] Executed tasks 18:44:28 [INFO] 18:44:28 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.axiom --- 18:44:28 [INFO] Executing tasks 18:44:33 [INFO] Executed tasks 18:44:33 [INFO] 18:44:33 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.axiom --- 18:44:33 [INFO] Checking for updates 18:44:33 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:44:33 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:44:34 [INFO] Check for updates complete (74 ms) 18:44:34 [INFO] 18:44:34 18:44:34 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:44:34 18:44:34 18:44:34 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:44:34 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:44:34 18:44:34 18:44:34 [INFO] Analysis Started 18:44:34 [INFO] Finished Archive Analyzer (0 seconds) 18:44:34 [INFO] Finished File Name Analyzer (0 seconds) 18:44:34 [INFO] Finished Jar Analyzer (0 seconds) 18:44:34 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:44:34 [INFO] Finished Hint Analyzer (0 seconds) 18:44:34 [INFO] Finished Version Filter Analyzer (0 seconds) 18:44:35 [INFO] Created CPE Index (1 seconds) 18:44:36 [INFO] Finished CPE Analyzer (1 seconds) 18:44:36 [INFO] Finished False Positive Analyzer (0 seconds) 18:44:36 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:44:36 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:44:36 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:44:36 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:44:36 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:44:36 18:44:36 18:44:36 ## Recommendation 18:44:36 18:44:36 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:44:36 18:44:36 The following template can be used to demonstrate the vulnerability: 18:44:36 ```{{#with "constructor"}} 18:44:36 {{#with split as |a|}} 18:44:36 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:44:36 {{#with (concat (lookup join (slice 0 1)))}} 18:44:36 {{#each (slice 2 3)}} 18:44:36 {{#with (apply 0 a)}} 18:44:36 {{.}} 18:44:36 {{/with}} 18:44:36 {{/each}} 18:44:36 {{/with}} 18:44:36 {{/with}} 18:44:36 {{/with}}``` 18:44:36 18:44:36 18:44:36 ## Recommendation 18:44:36 18:44:36 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:44:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:44:36 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:44:36 [INFO] Analysis Complete (2 seconds) 18:44:36 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:44:36 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:44:36 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:44:36 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:44:36 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:44:36 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:44:36 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:44:36 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:44:36 [INFO] 18:44:36 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 18:44:36 [INFO] Building dependencies.bean-validation 1.0 [6/69] 18:44:36 [INFO] --------------------------------[ pom ]--------------------------------- 18:44:36 [INFO] 18:44:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 18:44:36 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 18:44:36 [INFO] 18:44:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 18:44:36 [INFO] 18:44:36 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.bean-validation --- 18:44:36 [INFO] Executing tasks 18:44:41 [INFO] Executed tasks 18:44:41 [INFO] 18:44:41 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.bean-validation --- 18:44:41 [INFO] Checking for updates 18:44:41 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:44:41 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:44:41 [INFO] Check for updates complete (72 ms) 18:44:42 [INFO] 18:44:42 18:44:42 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:44:42 18:44:42 18:44:42 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:44:42 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:44:42 18:44:42 18:44:42 [INFO] Analysis Started 18:44:42 [INFO] Finished Archive Analyzer (0 seconds) 18:44:42 [INFO] Finished File Name Analyzer (0 seconds) 18:44:42 [INFO] Finished Jar Analyzer (0 seconds) 18:44:42 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:44:42 [INFO] Finished Hint Analyzer (0 seconds) 18:44:42 [INFO] Finished Version Filter Analyzer (0 seconds) 18:44:43 [INFO] Created CPE Index (1 seconds) 18:44:43 [INFO] Finished CPE Analyzer (1 seconds) 18:44:43 [INFO] Finished False Positive Analyzer (0 seconds) 18:44:43 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:44:43 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:44:43 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:44:43 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:44:43 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:44:43 18:44:43 18:44:43 ## Recommendation 18:44:43 18:44:43 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:44:43 18:44:43 The following template can be used to demonstrate the vulnerability: 18:44:43 ```{{#with "constructor"}} 18:44:43 {{#with split as |a|}} 18:44:43 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:44:43 {{#with (concat (lookup join (slice 0 1)))}} 18:44:43 {{#each (slice 2 3)}} 18:44:43 {{#with (apply 0 a)}} 18:44:43 {{.}} 18:44:43 {{/with}} 18:44:43 {{/each}} 18:44:43 {{/with}} 18:44:43 {{/with}} 18:44:43 {{/with}}``` 18:44:43 18:44:43 18:44:43 ## Recommendation 18:44:43 18:44:43 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:44:43 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:44:43 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:44:43 [INFO] Analysis Complete (1 seconds) 18:44:43 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:44:43 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:44:43 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:44:43 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:44:43 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:44:43 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:44:43 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:44:43 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:44:43 [INFO] 18:44:43 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 18:44:43 [INFO] Building dependencies.cxf 1.0 [7/69] 18:44:43 [INFO] --------------------------------[ pom ]--------------------------------- 18:44:43 [INFO] 18:44:43 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 18:44:43 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 18:44:43 [INFO] 18:44:43 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 18:44:43 [INFO] 18:44:43 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 18:44:44 [INFO] Executing tasks 18:44:44 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 18:44:44 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 18:44:44 [INFO] Executed tasks 18:44:44 [INFO] 18:44:44 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.cxf --- 18:44:44 [INFO] Executing tasks 18:44:49 [INFO] Executed tasks 18:44:49 [INFO] 18:44:49 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.cxf --- 18:44:49 [INFO] Checking for updates 18:44:49 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:44:49 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:44:49 [INFO] Check for updates complete (183 ms) 18:44:49 [INFO] 18:44:49 18:44:49 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:44:49 18:44:49 18:44:49 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:44:49 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:44:49 18:44:49 18:44:49 [INFO] Analysis Started 18:44:49 [INFO] Finished Archive Analyzer (0 seconds) 18:44:49 [INFO] Finished File Name Analyzer (0 seconds) 18:44:50 [INFO] Finished Jar Analyzer (0 seconds) 18:44:50 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:44:50 [INFO] Finished Hint Analyzer (0 seconds) 18:44:50 [INFO] Finished Version Filter Analyzer (0 seconds) 18:44:51 [INFO] Created CPE Index (1 seconds) 18:44:52 [INFO] Finished CPE Analyzer (2 seconds) 18:44:52 [INFO] Finished False Positive Analyzer (0 seconds) 18:44:52 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:44:52 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:44:52 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:44:52 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:44:52 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:44:52 18:44:52 18:44:52 ## Recommendation 18:44:52 18:44:52 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:44:52 18:44:52 The following template can be used to demonstrate the vulnerability: 18:44:52 ```{{#with "constructor"}} 18:44:52 {{#with split as |a|}} 18:44:52 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:44:52 {{#with (concat (lookup join (slice 0 1)))}} 18:44:52 {{#each (slice 2 3)}} 18:44:52 {{#with (apply 0 a)}} 18:44:52 {{.}} 18:44:52 {{/with}} 18:44:52 {{/each}} 18:44:52 {{/with}} 18:44:52 {{/with}} 18:44:52 {{/with}}``` 18:44:52 18:44:52 18:44:52 ## Recommendation 18:44:52 18:44:52 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:44:52 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:44:52 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:44:52 [INFO] Analysis Complete (2 seconds) 18:44:52 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:44:52 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:44:52 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:44:52 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:44:52 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:44:52 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:44:52 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:44:52 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:44:52 [INFO] 18:44:52 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 18:44:52 [INFO] Building dependencies.commons 1.0 [8/69] 18:44:52 [INFO] --------------------------------[ pom ]--------------------------------- 18:44:52 [INFO] 18:44:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 18:44:52 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 18:44:52 [INFO] 18:44:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 18:44:52 [INFO] 18:44:52 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.commons --- 18:44:52 [INFO] Executing tasks 18:44:57 [INFO] Executed tasks 18:44:57 [INFO] 18:44:57 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.commons --- 18:44:57 [INFO] Checking for updates 18:44:57 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:44:57 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:44:57 [INFO] Check for updates complete (68 ms) 18:44:58 [INFO] 18:44:58 18:44:58 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:44:58 18:44:58 18:44:58 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:44:58 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:44:58 18:44:58 18:44:58 [INFO] Analysis Started 18:44:58 [INFO] Finished Archive Analyzer (0 seconds) 18:44:58 [INFO] Finished File Name Analyzer (0 seconds) 18:44:58 [INFO] Finished Jar Analyzer (0 seconds) 18:44:58 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:44:58 [INFO] Finished Hint Analyzer (0 seconds) 18:44:58 [INFO] Finished Version Filter Analyzer (0 seconds) 18:44:59 [INFO] Created CPE Index (1 seconds) 18:45:00 [INFO] Finished CPE Analyzer (2 seconds) 18:45:00 [INFO] Finished False Positive Analyzer (0 seconds) 18:45:00 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:45:00 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:45:00 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:45:00 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:45:00 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:45:00 18:45:00 18:45:00 ## Recommendation 18:45:00 18:45:00 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:45:00 18:45:00 The following template can be used to demonstrate the vulnerability: 18:45:00 ```{{#with "constructor"}} 18:45:00 {{#with split as |a|}} 18:45:00 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:45:00 {{#with (concat (lookup join (slice 0 1)))}} 18:45:00 {{#each (slice 2 3)}} 18:45:00 {{#with (apply 0 a)}} 18:45:00 {{.}} 18:45:00 {{/with}} 18:45:00 {{/each}} 18:45:00 {{/with}} 18:45:00 {{/with}} 18:45:00 {{/with}}``` 18:45:00 18:45:00 18:45:00 ## Recommendation 18:45:00 18:45:00 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:45:00 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:45:00 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:45:00 [INFO] Analysis Complete (2 seconds) 18:45:00 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:45:00 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:45:00 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:45:00 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:45:00 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:45:00 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:45:00 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:45:00 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:45:00 [WARNING] 18:45:00 18:45:00 One or more dependencies were identified with known vulnerabilities in dependencies.commons: 18:45:00 18:45:00 commons-lang-2.6.jar (pkg:maven/commons-lang/commons-lang@2.6, cpe:2.3:a:apache:commons_lang:2.6:*:*:*:*:*:*:*) : CVE-2025-48924 18:45:00 18:45:00 18:45:00 See the dependency-check report for more details. 18:45:00 18:45:00 18:45:00 [INFO] 18:45:00 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 18:45:00 [INFO] Building dependencies.faces 1.0 [9/69] 18:45:00 [INFO] --------------------------------[ pom ]--------------------------------- 18:45:00 [INFO] 18:45:00 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 18:45:00 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 18:45:00 [INFO] 18:45:00 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 18:45:00 [INFO] 18:45:00 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.faces --- 18:45:00 [INFO] Executing tasks 18:45:05 [INFO] Executed tasks 18:45:05 [INFO] 18:45:05 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.faces --- 18:45:05 [INFO] Checking for updates 18:45:05 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:45:06 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:45:06 [INFO] Check for updates complete (71 ms) 18:45:06 [INFO] 18:45:06 18:45:06 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:45:06 18:45:06 18:45:06 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:45:06 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:45:06 18:45:06 18:45:06 [INFO] Analysis Started 18:45:06 [INFO] Finished Archive Analyzer (0 seconds) 18:45:06 [INFO] Finished File Name Analyzer (0 seconds) 18:45:06 [INFO] Finished Jar Analyzer (0 seconds) 18:45:06 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:45:06 [INFO] Finished Hint Analyzer (0 seconds) 18:45:06 [INFO] Finished Version Filter Analyzer (0 seconds) 18:45:08 [INFO] Created CPE Index (1 seconds) 18:45:08 [INFO] Finished CPE Analyzer (2 seconds) 18:45:08 [INFO] Finished False Positive Analyzer (0 seconds) 18:45:08 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:45:16 [INFO] Finished RetireJS Analyzer (8 seconds) 18:45:16 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:45:16 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:45:16 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:45:17 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:45:17 18:45:17 18:45:17 ## Recommendation 18:45:17 18:45:17 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:45:17 18:45:17 The following template can be used to demonstrate the vulnerability: 18:45:17 ```{{#with "constructor"}} 18:45:17 {{#with split as |a|}} 18:45:17 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:45:17 {{#with (concat (lookup join (slice 0 1)))}} 18:45:17 {{#each (slice 2 3)}} 18:45:17 {{#with (apply 0 a)}} 18:45:17 {{.}} 18:45:17 {{/with}} 18:45:17 {{/each}} 18:45:17 {{/with}} 18:45:17 {{/with}} 18:45:17 {{/with}}``` 18:45:17 18:45:17 18:45:17 ## Recommendation 18:45:17 18:45:17 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:45:17 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:45:17 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:45:17 [INFO] Analysis Complete (10 seconds) 18:45:17 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:45:17 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:45:17 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:45:17 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:45:17 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:45:18 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:45:18 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:45:18 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:45:18 [INFO] 18:45:18 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 18:45:18 [INFO] Building dependencies.git 1.0 [10/69] 18:45:18 [INFO] --------------------------------[ pom ]--------------------------------- 18:45:18 [INFO] 18:45:18 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 18:45:18 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 18:45:18 [INFO] 18:45:18 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 18:45:18 [INFO] 18:45:18 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.git --- 18:45:18 [INFO] Executing tasks 18:45:23 [INFO] Executed tasks 18:45:23 [INFO] 18:45:23 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.git --- 18:45:23 [INFO] Checking for updates 18:45:23 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:45:23 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:45:23 [INFO] Check for updates complete (76 ms) 18:45:23 [INFO] 18:45:23 18:45:23 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:45:23 18:45:23 18:45:23 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:45:23 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:45:23 18:45:23 18:45:23 [INFO] Analysis Started 18:45:23 [INFO] Finished Archive Analyzer (0 seconds) 18:45:23 [INFO] Finished File Name Analyzer (0 seconds) 18:45:23 [INFO] Finished Jar Analyzer (0 seconds) 18:45:23 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:45:23 [INFO] Finished Hint Analyzer (0 seconds) 18:45:23 [INFO] Finished Version Filter Analyzer (0 seconds) 18:45:25 [INFO] Created CPE Index (1 seconds) 18:45:25 [INFO] Finished CPE Analyzer (1 seconds) 18:45:25 [INFO] Finished False Positive Analyzer (0 seconds) 18:45:25 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:45:25 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:45:25 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:45:25 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:45:25 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:45:25 18:45:25 18:45:25 ## Recommendation 18:45:25 18:45:25 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:45:25 18:45:25 The following template can be used to demonstrate the vulnerability: 18:45:25 ```{{#with "constructor"}} 18:45:25 {{#with split as |a|}} 18:45:25 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:45:25 {{#with (concat (lookup join (slice 0 1)))}} 18:45:25 {{#each (slice 2 3)}} 18:45:25 {{#with (apply 0 a)}} 18:45:25 {{.}} 18:45:25 {{/with}} 18:45:25 {{/each}} 18:45:25 {{/with}} 18:45:25 {{/with}} 18:45:25 {{/with}}``` 18:45:25 18:45:25 18:45:25 ## Recommendation 18:45:25 18:45:25 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:45:25 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:45:25 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:45:25 [INFO] Analysis Complete (2 seconds) 18:45:25 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:45:25 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:45:25 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:45:25 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:45:25 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:45:25 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:45:25 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:45:25 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:45:25 [INFO] 18:45:25 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 18:45:25 [INFO] Building dependencies.httpcore 1.0 [11/69] 18:45:25 [INFO] --------------------------------[ pom ]--------------------------------- 18:45:25 [INFO] 18:45:25 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 18:45:25 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 18:45:25 [INFO] 18:45:25 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 18:45:25 [INFO] 18:45:25 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 18:45:25 [INFO] Executing tasks 18:45:25 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 18:45:25 [INFO] Executed tasks 18:45:25 [INFO] 18:45:25 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.httpcore --- 18:45:25 [INFO] Executing tasks 18:45:30 [INFO] Executed tasks 18:45:30 [INFO] 18:45:30 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.httpcore --- 18:45:30 [INFO] Checking for updates 18:45:30 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:45:31 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:45:31 [INFO] Check for updates complete (69 ms) 18:45:31 [INFO] 18:45:31 18:45:31 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:45:31 18:45:31 18:45:31 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:45:31 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:45:31 18:45:31 18:45:31 [INFO] Analysis Started 18:45:31 [INFO] Finished Archive Analyzer (0 seconds) 18:45:31 [INFO] Finished File Name Analyzer (0 seconds) 18:45:31 [INFO] Finished Jar Analyzer (0 seconds) 18:45:31 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:45:31 [INFO] Finished Hint Analyzer (0 seconds) 18:45:31 [INFO] Finished Version Filter Analyzer (0 seconds) 18:45:32 [INFO] Created CPE Index (1 seconds) 18:45:33 [INFO] Finished CPE Analyzer (1 seconds) 18:45:33 [INFO] Finished False Positive Analyzer (0 seconds) 18:45:33 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:45:33 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:45:33 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:45:33 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:45:33 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:45:33 18:45:33 18:45:33 ## Recommendation 18:45:33 18:45:33 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:45:33 18:45:33 The following template can be used to demonstrate the vulnerability: 18:45:33 ```{{#with "constructor"}} 18:45:33 {{#with split as |a|}} 18:45:33 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:45:33 {{#with (concat (lookup join (slice 0 1)))}} 18:45:33 {{#each (slice 2 3)}} 18:45:33 {{#with (apply 0 a)}} 18:45:33 {{.}} 18:45:33 {{/with}} 18:45:33 {{/each}} 18:45:33 {{/with}} 18:45:33 {{/with}} 18:45:33 {{/with}}``` 18:45:33 18:45:33 18:45:33 ## Recommendation 18:45:33 18:45:33 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:45:33 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:45:33 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:45:33 [INFO] Analysis Complete (1 seconds) 18:45:33 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:45:33 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:45:33 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:45:33 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:45:33 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:45:33 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:45:33 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:45:33 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:45:33 [INFO] 18:45:33 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 18:45:33 [INFO] Building dependencies.jackson 1.0 [12/69] 18:45:33 [INFO] --------------------------------[ pom ]--------------------------------- 18:45:33 [INFO] 18:45:33 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 18:45:33 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 18:45:33 [INFO] 18:45:33 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 18:45:33 [INFO] 18:45:33 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jackson --- 18:45:33 [INFO] Executing tasks 18:45:38 [INFO] Executed tasks 18:45:38 [INFO] 18:45:38 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.jackson --- 18:45:38 [INFO] Checking for updates 18:45:38 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:45:38 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:45:38 [INFO] Check for updates complete (72 ms) 18:45:38 [INFO] 18:45:38 18:45:38 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:45:38 18:45:38 18:45:38 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:45:38 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:45:38 18:45:38 18:45:38 [INFO] Analysis Started 18:45:38 [INFO] Finished Archive Analyzer (0 seconds) 18:45:38 [INFO] Finished File Name Analyzer (0 seconds) 18:45:38 [INFO] Finished Jar Analyzer (0 seconds) 18:45:38 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:45:38 [INFO] Finished Hint Analyzer (0 seconds) 18:45:38 [INFO] Finished Version Filter Analyzer (0 seconds) 18:45:40 [INFO] Created CPE Index (1 seconds) 18:45:40 [INFO] Finished CPE Analyzer (1 seconds) 18:45:40 [INFO] Finished False Positive Analyzer (0 seconds) 18:45:40 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:45:40 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:45:40 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:45:40 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:45:40 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:45:40 18:45:40 18:45:40 ## Recommendation 18:45:40 18:45:40 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:45:40 18:45:40 The following template can be used to demonstrate the vulnerability: 18:45:40 ```{{#with "constructor"}} 18:45:40 {{#with split as |a|}} 18:45:40 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:45:40 {{#with (concat (lookup join (slice 0 1)))}} 18:45:40 {{#each (slice 2 3)}} 18:45:40 {{#with (apply 0 a)}} 18:45:40 {{.}} 18:45:40 {{/with}} 18:45:40 {{/each}} 18:45:40 {{/with}} 18:45:40 {{/with}} 18:45:40 {{/with}}``` 18:45:40 18:45:40 18:45:40 ## Recommendation 18:45:40 18:45:40 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:45:40 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:45:40 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:45:40 [INFO] Analysis Complete (2 seconds) 18:45:40 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:45:40 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:45:40 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:45:40 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:45:40 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:45:40 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:45:40 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:45:40 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:45:40 [INFO] 18:45:40 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 18:45:40 [INFO] Building dependencies.javax 1.0 [13/69] 18:45:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:45:40 [INFO] 18:45:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 18:45:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 18:45:40 [INFO] 18:45:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 18:45:40 [INFO] 18:45:40 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.javax --- 18:45:40 [INFO] Executing tasks 18:45:45 [INFO] Executed tasks 18:45:45 [INFO] 18:45:45 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.javax --- 18:45:46 [INFO] Checking for updates 18:45:46 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:45:46 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:45:46 [INFO] Check for updates complete (69 ms) 18:45:46 [INFO] 18:45:46 18:45:46 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:45:46 18:45:46 18:45:46 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:45:46 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:45:46 18:45:46 18:45:46 [INFO] Analysis Started 18:45:46 [INFO] Finished Archive Analyzer (0 seconds) 18:45:46 [INFO] Finished File Name Analyzer (0 seconds) 18:45:46 [INFO] Finished Jar Analyzer (0 seconds) 18:45:46 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:45:46 [INFO] Finished Hint Analyzer (0 seconds) 18:45:46 [INFO] Finished Version Filter Analyzer (0 seconds) 18:45:47 [INFO] Created CPE Index (1 seconds) 18:45:48 [INFO] Finished CPE Analyzer (1 seconds) 18:45:48 [INFO] Finished False Positive Analyzer (0 seconds) 18:45:48 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:45:48 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:45:48 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:45:48 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:45:48 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:45:48 18:45:48 18:45:48 ## Recommendation 18:45:48 18:45:48 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:45:48 18:45:48 The following template can be used to demonstrate the vulnerability: 18:45:48 ```{{#with "constructor"}} 18:45:48 {{#with split as |a|}} 18:45:48 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:45:48 {{#with (concat (lookup join (slice 0 1)))}} 18:45:48 {{#each (slice 2 3)}} 18:45:48 {{#with (apply 0 a)}} 18:45:48 {{.}} 18:45:48 {{/with}} 18:45:48 {{/each}} 18:45:48 {{/with}} 18:45:48 {{/with}} 18:45:48 {{/with}}``` 18:45:48 18:45:48 18:45:48 ## Recommendation 18:45:48 18:45:48 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:45:48 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:45:48 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:45:48 [INFO] Analysis Complete (2 seconds) 18:45:48 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:45:48 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:45:48 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:45:48 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:45:48 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:45:48 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:45:48 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:45:48 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:45:48 [INFO] 18:45:48 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 18:45:48 [INFO] Building dependencies.jax 1.0 [14/69] 18:45:48 [INFO] --------------------------------[ pom ]--------------------------------- 18:45:48 [INFO] 18:45:48 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 18:45:48 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 18:45:48 [INFO] 18:45:48 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 18:45:48 [INFO] 18:45:48 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 18:45:48 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 18:45:48 [INFO] 18:45:48 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 18:45:48 [INFO] Executing tasks 18:45:48 [INFO] Executed tasks 18:45:48 [INFO] 18:45:48 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jax --- 18:45:48 [INFO] Executing tasks 18:45:53 [INFO] Executed tasks 18:45:53 [INFO] 18:45:53 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.jax --- 18:45:54 [INFO] Checking for updates 18:45:54 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:45:54 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:45:54 [INFO] Check for updates complete (71 ms) 18:45:54 [INFO] 18:45:54 18:45:54 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:45:54 18:45:54 18:45:54 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:45:54 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:45:54 18:45:54 18:45:54 [INFO] Analysis Started 18:45:54 [INFO] Finished Archive Analyzer (0 seconds) 18:45:54 [INFO] Finished File Name Analyzer (0 seconds) 18:45:54 [INFO] Finished Jar Analyzer (0 seconds) 18:45:54 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:45:54 [INFO] Finished Hint Analyzer (0 seconds) 18:45:54 [INFO] Finished Version Filter Analyzer (0 seconds) 18:45:55 [INFO] Created CPE Index (1 seconds) 18:45:56 [INFO] Finished CPE Analyzer (1 seconds) 18:45:56 [INFO] Finished False Positive Analyzer (0 seconds) 18:45:56 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:45:56 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:45:56 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:45:56 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:45:56 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:45:56 18:45:56 18:45:56 ## Recommendation 18:45:56 18:45:56 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:45:56 18:45:56 The following template can be used to demonstrate the vulnerability: 18:45:56 ```{{#with "constructor"}} 18:45:56 {{#with split as |a|}} 18:45:56 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:45:56 {{#with (concat (lookup join (slice 0 1)))}} 18:45:56 {{#each (slice 2 3)}} 18:45:56 {{#with (apply 0 a)}} 18:45:56 {{.}} 18:45:56 {{/with}} 18:45:56 {{/each}} 18:45:56 {{/with}} 18:45:56 {{/with}} 18:45:56 {{/with}}``` 18:45:56 18:45:56 18:45:56 ## Recommendation 18:45:56 18:45:56 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:45:56 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:45:56 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:45:56 [INFO] Analysis Complete (1 seconds) 18:45:56 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:45:56 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:45:56 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:45:56 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:45:56 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:45:56 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:45:56 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:45:56 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:45:56 [INFO] 18:45:56 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 18:45:56 [INFO] Building dependencies.jetty 1.0 [15/69] 18:45:56 [INFO] --------------------------------[ pom ]--------------------------------- 18:45:56 [INFO] 18:45:56 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 18:45:56 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 18:45:56 [INFO] 18:45:56 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 18:45:56 [INFO] 18:45:56 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jetty --- 18:45:56 [INFO] Executing tasks 18:46:01 [INFO] Executed tasks 18:46:01 [INFO] 18:46:01 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.jetty --- 18:46:01 [INFO] Checking for updates 18:46:01 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:46:01 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:46:01 [INFO] Check for updates complete (70 ms) 18:46:01 [INFO] 18:46:01 18:46:01 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:46:01 18:46:01 18:46:01 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:46:01 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:46:01 18:46:01 18:46:01 [INFO] Analysis Started 18:46:01 [INFO] Finished File Name Analyzer (0 seconds) 18:46:01 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:46:01 [INFO] Finished Hint Analyzer (0 seconds) 18:46:01 [INFO] Finished Version Filter Analyzer (0 seconds) 18:46:03 [INFO] Created CPE Index (1 seconds) 18:46:03 [INFO] Finished CPE Analyzer (1 seconds) 18:46:03 [INFO] Finished False Positive Analyzer (0 seconds) 18:46:03 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:46:03 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:46:03 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:46:03 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:46:03 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:46:03 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:46:03 [INFO] Analysis Complete (1 seconds) 18:46:03 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:46:03 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:46:03 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:46:03 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:46:03 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:46:03 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:46:03 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:46:03 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:46:03 [INFO] 18:46:03 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 18:46:03 [INFO] Building dependencies.jminix 1.0 [16/69] 18:46:03 [INFO] --------------------------------[ pom ]--------------------------------- 18:46:03 [INFO] 18:46:03 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 18:46:03 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 18:46:03 [INFO] 18:46:03 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 18:46:03 [INFO] 18:46:03 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 18:46:03 [INFO] Executing tasks 18:46:03 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 18:46:03 [INFO] Executed tasks 18:46:03 [INFO] 18:46:03 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.jminix --- 18:46:03 [INFO] Executing tasks 18:46:08 [INFO] Executed tasks 18:46:08 [INFO] 18:46:08 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.jminix --- 18:46:08 [INFO] Checking for updates 18:46:08 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:46:08 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:46:08 [INFO] Check for updates complete (69 ms) 18:46:08 [INFO] 18:46:08 18:46:08 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:46:08 18:46:08 18:46:08 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:46:08 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:46:08 18:46:08 18:46:08 [INFO] Analysis Started 18:46:08 [INFO] Finished Archive Analyzer (0 seconds) 18:46:08 [INFO] Finished File Name Analyzer (0 seconds) 18:46:08 [INFO] Finished Jar Analyzer (0 seconds) 18:46:08 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:46:08 [INFO] Finished Hint Analyzer (0 seconds) 18:46:08 [INFO] Finished Version Filter Analyzer (0 seconds) 18:46:10 [INFO] Created CPE Index (1 seconds) 18:46:10 [INFO] Finished CPE Analyzer (1 seconds) 18:46:10 [INFO] Finished False Positive Analyzer (0 seconds) 18:46:10 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:46:12 [INFO] Finished RetireJS Analyzer (1 seconds) 18:46:12 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:46:12 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:46:12 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:46:12 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:46:12 18:46:12 18:46:12 ## Recommendation 18:46:12 18:46:12 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:46:12 18:46:12 The following template can be used to demonstrate the vulnerability: 18:46:12 ```{{#with "constructor"}} 18:46:12 {{#with split as |a|}} 18:46:12 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:46:12 {{#with (concat (lookup join (slice 0 1)))}} 18:46:12 {{#each (slice 2 3)}} 18:46:12 {{#with (apply 0 a)}} 18:46:12 {{.}} 18:46:12 {{/with}} 18:46:12 {{/each}} 18:46:12 {{/with}} 18:46:12 {{/with}} 18:46:12 {{/with}}``` 18:46:12 18:46:12 18:46:12 ## Recommendation 18:46:12 18:46:12 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:46:12 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:46:12 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:46:12 [INFO] Analysis Complete (3 seconds) 18:46:12 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:46:12 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:46:12 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:46:12 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:46:12 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:46:12 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:46:12 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:46:12 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:46:12 [INFO] 18:46:12 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 18:46:12 [INFO] Building dependencies.json 1.0 [17/69] 18:46:12 [INFO] --------------------------------[ pom ]--------------------------------- 18:46:12 [INFO] 18:46:12 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 18:46:12 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 18:46:12 [INFO] 18:46:12 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 18:46:12 [INFO] 18:46:12 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 18:46:12 [INFO] Executing tasks 18:46:12 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 18:46:12 [INFO] Executed tasks 18:46:12 [INFO] 18:46:12 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 18:46:12 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 18:46:12 [INFO] 18:46:12 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.json --- 18:46:12 [INFO] Executing tasks 18:46:17 [INFO] Executed tasks 18:46:17 [INFO] 18:46:17 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.json --- 18:46:17 [INFO] Checking for updates 18:46:17 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:46:17 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:46:17 [INFO] Check for updates complete (71 ms) 18:46:17 [INFO] 18:46:17 18:46:17 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:46:17 18:46:17 18:46:17 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:46:17 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:46:17 18:46:17 18:46:17 [INFO] Analysis Started 18:46:17 [INFO] Finished Archive Analyzer (0 seconds) 18:46:17 [INFO] Finished File Name Analyzer (0 seconds) 18:46:17 [INFO] Finished Jar Analyzer (0 seconds) 18:46:17 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:46:17 [INFO] Finished Hint Analyzer (0 seconds) 18:46:17 [INFO] Finished Version Filter Analyzer (0 seconds) 18:46:19 [INFO] Created CPE Index (1 seconds) 18:46:19 [INFO] Finished CPE Analyzer (1 seconds) 18:46:19 [INFO] Finished False Positive Analyzer (0 seconds) 18:46:19 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:46:19 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:46:19 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:46:19 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:46:19 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:46:19 18:46:19 18:46:19 ## Recommendation 18:46:19 18:46:19 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:46:19 18:46:19 The following template can be used to demonstrate the vulnerability: 18:46:19 ```{{#with "constructor"}} 18:46:19 {{#with split as |a|}} 18:46:19 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:46:19 {{#with (concat (lookup join (slice 0 1)))}} 18:46:19 {{#each (slice 2 3)}} 18:46:19 {{#with (apply 0 a)}} 18:46:19 {{.}} 18:46:19 {{/with}} 18:46:19 {{/each}} 18:46:19 {{/with}} 18:46:19 {{/with}} 18:46:19 {{/with}}``` 18:46:19 18:46:19 18:46:19 ## Recommendation 18:46:19 18:46:19 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:46:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:46:19 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:46:19 [INFO] Analysis Complete (1 seconds) 18:46:19 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:46:19 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:46:19 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:46:19 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:46:19 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:46:19 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:46:19 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:46:19 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:46:19 [INFO] 18:46:19 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 18:46:19 [INFO] Building dependencies.log 1.0 [18/69] 18:46:19 [INFO] --------------------------------[ pom ]--------------------------------- 18:46:19 [INFO] 18:46:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 18:46:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 18:46:19 [INFO] 18:46:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 18:46:19 [INFO] 18:46:19 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 18:46:19 [INFO] Executing tasks 18:46:19 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 18:46:19 [INFO] Executed tasks 18:46:19 [INFO] 18:46:19 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.log --- 18:46:19 [INFO] Executing tasks 18:46:24 [INFO] Executed tasks 18:46:24 [INFO] 18:46:24 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.log --- 18:46:25 [INFO] Checking for updates 18:46:25 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:46:25 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:46:25 [INFO] Check for updates complete (71 ms) 18:46:25 [INFO] 18:46:25 18:46:25 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:46:25 18:46:25 18:46:25 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:46:25 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:46:25 18:46:25 18:46:25 [INFO] Analysis Started 18:46:25 [INFO] Finished Archive Analyzer (0 seconds) 18:46:25 [INFO] Finished File Name Analyzer (0 seconds) 18:46:25 [INFO] Finished Jar Analyzer (0 seconds) 18:46:25 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:46:25 [INFO] Finished Hint Analyzer (0 seconds) 18:46:25 [INFO] Finished Version Filter Analyzer (0 seconds) 18:46:26 [INFO] Created CPE Index (1 seconds) 18:46:27 [INFO] Finished CPE Analyzer (1 seconds) 18:46:27 [INFO] Finished False Positive Analyzer (0 seconds) 18:46:27 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:46:27 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:46:27 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:46:27 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:46:27 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:46:27 18:46:27 18:46:27 ## Recommendation 18:46:27 18:46:27 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:46:27 18:46:27 The following template can be used to demonstrate the vulnerability: 18:46:27 ```{{#with "constructor"}} 18:46:27 {{#with split as |a|}} 18:46:27 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:46:27 {{#with (concat (lookup join (slice 0 1)))}} 18:46:27 {{#each (slice 2 3)}} 18:46:27 {{#with (apply 0 a)}} 18:46:27 {{.}} 18:46:27 {{/with}} 18:46:27 {{/each}} 18:46:27 {{/with}} 18:46:27 {{/with}} 18:46:27 {{/with}}``` 18:46:27 18:46:27 18:46:27 ## Recommendation 18:46:27 18:46:27 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:46:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:46:27 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:46:27 [INFO] Analysis Complete (1 seconds) 18:46:27 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:46:27 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:46:27 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:46:27 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:46:27 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:46:27 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:46:27 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:46:27 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:46:27 [INFO] 18:46:27 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 18:46:27 [INFO] Building dependencies.lucene 1.0 [19/69] 18:46:27 [INFO] --------------------------------[ pom ]--------------------------------- 18:46:27 [INFO] 18:46:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 18:46:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 18:46:27 [INFO] 18:46:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 18:46:27 [INFO] 18:46:27 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.lucene --- 18:46:27 [INFO] Executing tasks 18:46:32 [INFO] Executed tasks 18:46:32 [INFO] 18:46:32 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.lucene --- 18:46:32 [INFO] Checking for updates 18:46:32 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:46:32 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:46:32 [INFO] Check for updates complete (93 ms) 18:46:32 [INFO] 18:46:32 18:46:32 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:46:32 18:46:32 18:46:32 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:46:32 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:46:32 18:46:32 18:46:32 [INFO] Analysis Started 18:46:33 [INFO] Finished Archive Analyzer (0 seconds) 18:46:33 [INFO] Finished File Name Analyzer (0 seconds) 18:46:33 [INFO] Finished Jar Analyzer (0 seconds) 18:46:33 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:46:33 [INFO] Finished Hint Analyzer (0 seconds) 18:46:33 [INFO] Finished Version Filter Analyzer (0 seconds) 18:46:34 [INFO] Created CPE Index (1 seconds) 18:46:34 [INFO] Finished CPE Analyzer (1 seconds) 18:46:34 [INFO] Finished False Positive Analyzer (0 seconds) 18:46:34 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:46:34 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:46:34 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:46:34 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:46:34 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:46:34 18:46:34 18:46:34 ## Recommendation 18:46:34 18:46:34 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:46:34 18:46:34 The following template can be used to demonstrate the vulnerability: 18:46:34 ```{{#with "constructor"}} 18:46:34 {{#with split as |a|}} 18:46:34 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:46:34 {{#with (concat (lookup join (slice 0 1)))}} 18:46:34 {{#each (slice 2 3)}} 18:46:34 {{#with (apply 0 a)}} 18:46:34 {{.}} 18:46:34 {{/with}} 18:46:34 {{/each}} 18:46:34 {{/with}} 18:46:34 {{/with}} 18:46:34 {{/with}}``` 18:46:34 18:46:34 18:46:34 ## Recommendation 18:46:34 18:46:34 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:46:34 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:46:34 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:46:34 [INFO] Analysis Complete (1 seconds) 18:46:34 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:46:34 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:46:34 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:46:34 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:46:34 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:46:34 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:46:34 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:46:34 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:46:34 [INFO] 18:46:34 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 18:46:34 [INFO] Building dependencies.openapi4j 1.0 [20/69] 18:46:34 [INFO] --------------------------------[ pom ]--------------------------------- 18:46:34 [INFO] 18:46:34 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 18:46:34 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 18:46:34 [INFO] 18:46:34 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 18:46:34 [INFO] 18:46:34 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 18:46:34 [INFO] Executing tasks 18:46:34 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 18:46:34 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 18:46:34 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 18:46:34 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 18:46:34 [INFO] Executed tasks 18:46:34 [INFO] 18:46:34 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.openapi4j --- 18:46:34 [INFO] Executing tasks 18:46:39 [INFO] Executed tasks 18:46:39 [INFO] 18:46:39 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.openapi4j --- 18:46:39 [INFO] Checking for updates 18:46:39 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:46:40 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:46:40 [INFO] Check for updates complete (67 ms) 18:46:40 [INFO] 18:46:40 18:46:40 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:46:40 18:46:40 18:46:40 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:46:40 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:46:40 18:46:40 18:46:40 [INFO] Analysis Started 18:46:40 [INFO] Finished Archive Analyzer (0 seconds) 18:46:40 [INFO] Finished File Name Analyzer (0 seconds) 18:46:40 [INFO] Finished Jar Analyzer (0 seconds) 18:46:40 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:46:40 [INFO] Finished Hint Analyzer (0 seconds) 18:46:40 [INFO] Finished Version Filter Analyzer (0 seconds) 18:46:41 [INFO] Created CPE Index (1 seconds) 18:46:41 [INFO] Finished CPE Analyzer (1 seconds) 18:46:41 [INFO] Finished False Positive Analyzer (0 seconds) 18:46:41 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:46:41 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:46:41 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:46:41 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:46:41 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:46:41 18:46:41 18:46:41 ## Recommendation 18:46:41 18:46:41 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:46:41 18:46:41 The following template can be used to demonstrate the vulnerability: 18:46:41 ```{{#with "constructor"}} 18:46:41 {{#with split as |a|}} 18:46:41 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:46:41 {{#with (concat (lookup join (slice 0 1)))}} 18:46:41 {{#each (slice 2 3)}} 18:46:41 {{#with (apply 0 a)}} 18:46:41 {{.}} 18:46:41 {{/with}} 18:46:41 {{/each}} 18:46:41 {{/with}} 18:46:41 {{/with}} 18:46:41 {{/with}}``` 18:46:41 18:46:41 18:46:41 ## Recommendation 18:46:41 18:46:41 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:46:41 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:46:41 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:46:41 [INFO] Analysis Complete (1 seconds) 18:46:41 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:46:42 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:46:42 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:46:42 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:46:42 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:46:42 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:46:42 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:46:42 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:46:42 [INFO] 18:46:42 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 18:46:42 [INFO] Building dependencies.opensaml 1.0 [21/69] 18:46:42 [INFO] --------------------------------[ pom ]--------------------------------- 18:46:42 [INFO] 18:46:42 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 18:46:42 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 18:46:42 [INFO] 18:46:42 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 18:46:42 [INFO] 18:46:42 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.opensaml --- 18:46:42 [INFO] Executing tasks 18:46:47 [INFO] Executed tasks 18:46:47 [INFO] 18:46:47 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.opensaml --- 18:46:47 [INFO] Checking for updates 18:46:47 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:46:47 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:46:47 [INFO] Check for updates complete (217 ms) 18:46:47 [INFO] 18:46:47 18:46:47 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:46:47 18:46:47 18:46:47 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:46:47 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:46:47 18:46:47 18:46:47 [INFO] Analysis Started 18:46:47 [INFO] Finished Archive Analyzer (0 seconds) 18:46:47 [INFO] Finished File Name Analyzer (0 seconds) 18:46:47 [INFO] Finished Jar Analyzer (0 seconds) 18:46:47 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:46:47 [INFO] Finished Hint Analyzer (0 seconds) 18:46:47 [INFO] Finished Version Filter Analyzer (0 seconds) 18:46:49 [INFO] Created CPE Index (1 seconds) 18:46:49 [INFO] Finished CPE Analyzer (1 seconds) 18:46:49 [INFO] Finished False Positive Analyzer (0 seconds) 18:46:49 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:46:49 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:46:49 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:46:49 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:46:49 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:46:49 18:46:49 18:46:49 ## Recommendation 18:46:49 18:46:49 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:46:49 18:46:49 The following template can be used to demonstrate the vulnerability: 18:46:49 ```{{#with "constructor"}} 18:46:49 {{#with split as |a|}} 18:46:49 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:46:49 {{#with (concat (lookup join (slice 0 1)))}} 18:46:49 {{#each (slice 2 3)}} 18:46:49 {{#with (apply 0 a)}} 18:46:49 {{.}} 18:46:49 {{/with}} 18:46:49 {{/each}} 18:46:49 {{/with}} 18:46:49 {{/with}} 18:46:49 {{/with}}``` 18:46:49 18:46:49 18:46:49 ## Recommendation 18:46:49 18:46:49 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:46:49 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:46:49 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:46:49 [INFO] Analysis Complete (1 seconds) 18:46:49 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:46:49 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:46:49 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:46:49 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:46:49 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:46:49 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:46:49 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:46:49 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:46:49 [INFO] 18:46:49 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 18:46:49 [INFO] Building dependencies.pdf 1.0 [22/69] 18:46:49 [INFO] --------------------------------[ pom ]--------------------------------- 18:46:49 [INFO] 18:46:49 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 18:46:49 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 18:46:49 [INFO] 18:46:49 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 18:46:49 [INFO] 18:46:49 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.pdf --- 18:46:49 [INFO] Executing tasks 18:46:54 [INFO] Executed tasks 18:46:54 [INFO] 18:46:54 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.pdf --- 18:46:55 [INFO] Checking for updates 18:46:55 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:46:55 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:46:55 [INFO] Check for updates complete (88 ms) 18:46:55 [INFO] 18:46:55 18:46:55 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:46:55 18:46:55 18:46:55 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:46:55 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:46:55 18:46:55 18:46:55 [INFO] Analysis Started 18:46:55 [INFO] Finished Archive Analyzer (0 seconds) 18:46:55 [INFO] Finished File Name Analyzer (0 seconds) 18:46:55 [INFO] Finished Jar Analyzer (0 seconds) 18:46:55 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:46:55 [INFO] Finished Hint Analyzer (0 seconds) 18:46:55 [INFO] Finished Version Filter Analyzer (0 seconds) 18:46:56 [INFO] Created CPE Index (1 seconds) 18:46:57 [INFO] Finished CPE Analyzer (1 seconds) 18:46:57 [INFO] Finished False Positive Analyzer (0 seconds) 18:46:57 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:46:57 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:46:57 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:46:57 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:46:57 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:46:57 18:46:57 18:46:57 ## Recommendation 18:46:57 18:46:57 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:46:57 18:46:57 The following template can be used to demonstrate the vulnerability: 18:46:57 ```{{#with "constructor"}} 18:46:57 {{#with split as |a|}} 18:46:57 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:46:57 {{#with (concat (lookup join (slice 0 1)))}} 18:46:57 {{#each (slice 2 3)}} 18:46:57 {{#with (apply 0 a)}} 18:46:57 {{.}} 18:46:57 {{/with}} 18:46:57 {{/each}} 18:46:57 {{/with}} 18:46:57 {{/with}} 18:46:57 {{/with}}``` 18:46:57 18:46:57 18:46:57 ## Recommendation 18:46:57 18:46:57 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:46:57 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:46:57 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:46:57 [INFO] Analysis Complete (1 seconds) 18:46:57 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:46:57 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:46:57 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:46:57 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:46:57 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:46:57 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:46:57 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:46:57 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:46:57 [INFO] 18:46:57 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 18:46:57 [INFO] Building dependencies.redis 1.0 [23/69] 18:46:57 [INFO] --------------------------------[ pom ]--------------------------------- 18:46:57 [INFO] 18:46:57 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 18:46:57 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 18:46:57 [INFO] 18:46:57 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 18:46:57 [INFO] 18:46:57 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.redis --- 18:46:57 [INFO] Executing tasks 18:47:02 [INFO] Executed tasks 18:47:02 [INFO] 18:47:02 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.redis --- 18:47:02 [INFO] Checking for updates 18:47:02 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:47:02 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:47:02 [INFO] Check for updates complete (86 ms) 18:47:02 [INFO] 18:47:02 18:47:02 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:47:02 18:47:02 18:47:02 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:47:02 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:47:02 18:47:02 18:47:02 [INFO] Analysis Started 18:47:02 [INFO] Finished Archive Analyzer (0 seconds) 18:47:02 [INFO] Finished File Name Analyzer (0 seconds) 18:47:02 [INFO] Finished Jar Analyzer (0 seconds) 18:47:02 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:47:02 [INFO] Finished Hint Analyzer (0 seconds) 18:47:02 [INFO] Finished Version Filter Analyzer (0 seconds) 18:47:04 [INFO] Created CPE Index (1 seconds) 18:47:04 [INFO] Finished CPE Analyzer (1 seconds) 18:47:04 [INFO] Finished False Positive Analyzer (0 seconds) 18:47:04 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:47:04 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:47:04 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:47:04 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:47:04 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:47:04 18:47:04 18:47:04 ## Recommendation 18:47:04 18:47:04 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:47:04 18:47:04 The following template can be used to demonstrate the vulnerability: 18:47:04 ```{{#with "constructor"}} 18:47:04 {{#with split as |a|}} 18:47:04 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:47:04 {{#with (concat (lookup join (slice 0 1)))}} 18:47:04 {{#each (slice 2 3)}} 18:47:04 {{#with (apply 0 a)}} 18:47:04 {{.}} 18:47:04 {{/with}} 18:47:04 {{/each}} 18:47:04 {{/with}} 18:47:04 {{/with}} 18:47:04 {{/with}}``` 18:47:04 18:47:04 18:47:04 ## Recommendation 18:47:04 18:47:04 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:47:04 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:47:04 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:47:04 [INFO] Analysis Complete (1 seconds) 18:47:04 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:47:04 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:47:04 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:47:04 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:47:04 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:47:04 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:47:04 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:47:04 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:47:04 [INFO] 18:47:04 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 18:47:04 [INFO] Building dependencies.reports 1.0 [24/69] 18:47:04 [INFO] --------------------------------[ pom ]--------------------------------- 18:47:04 [INFO] 18:47:04 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 18:47:04 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 18:47:04 [INFO] 18:47:04 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 18:47:04 [INFO] 18:47:04 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.reports --- 18:47:04 [INFO] Executing tasks 18:47:09 [INFO] Executed tasks 18:47:09 [INFO] 18:47:09 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.reports --- 18:47:09 [INFO] Checking for updates 18:47:09 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:47:09 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:47:09 [INFO] Check for updates complete (99 ms) 18:47:09 [INFO] 18:47:09 18:47:09 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:47:09 18:47:09 18:47:09 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:47:09 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:47:09 18:47:09 18:47:09 [INFO] Analysis Started 18:47:10 [INFO] Finished Archive Analyzer (0 seconds) 18:47:10 [INFO] Finished File Name Analyzer (0 seconds) 18:47:10 [INFO] Finished Jar Analyzer (0 seconds) 18:47:10 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:47:10 [INFO] Finished Hint Analyzer (0 seconds) 18:47:10 [INFO] Finished Version Filter Analyzer (0 seconds) 18:47:11 [INFO] Created CPE Index (1 seconds) 18:47:11 [INFO] Finished CPE Analyzer (1 seconds) 18:47:11 [INFO] Finished False Positive Analyzer (0 seconds) 18:47:11 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:47:11 [INFO] Finished RetireJS Analyzer (0 seconds) 18:47:11 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:47:11 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:47:11 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:47:11 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:47:11 18:47:11 18:47:11 ## Recommendation 18:47:11 18:47:11 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:47:11 18:47:11 The following template can be used to demonstrate the vulnerability: 18:47:11 ```{{#with "constructor"}} 18:47:11 {{#with split as |a|}} 18:47:11 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:47:11 {{#with (concat (lookup join (slice 0 1)))}} 18:47:11 {{#each (slice 2 3)}} 18:47:11 {{#with (apply 0 a)}} 18:47:11 {{.}} 18:47:11 {{/with}} 18:47:11 {{/each}} 18:47:11 {{/with}} 18:47:11 {{/with}} 18:47:11 {{/with}}``` 18:47:11 18:47:11 18:47:11 ## Recommendation 18:47:11 18:47:11 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:47:11 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:47:11 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:47:11 [INFO] Analysis Complete (2 seconds) 18:47:11 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:47:12 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:47:12 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:47:12 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:47:12 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:47:12 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:47:12 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:47:12 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:47:12 [INFO] 18:47:12 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 18:47:12 [INFO] Building dependencies.saaj 1.0 [25/69] 18:47:12 [INFO] --------------------------------[ pom ]--------------------------------- 18:47:12 [INFO] 18:47:12 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 18:47:12 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 18:47:12 [INFO] 18:47:12 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 18:47:12 [INFO] 18:47:12 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 18:47:12 [INFO] Executing tasks 18:47:12 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 18:47:12 [INFO] Executed tasks 18:47:12 [INFO] 18:47:12 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.saaj --- 18:47:12 [INFO] Executing tasks 18:47:17 [INFO] Executed tasks 18:47:17 [INFO] 18:47:17 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.saaj --- 18:47:17 [INFO] Checking for updates 18:47:17 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:47:17 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:47:17 [INFO] Check for updates complete (89 ms) 18:47:17 [INFO] 18:47:17 18:47:17 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:47:17 18:47:17 18:47:17 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:47:17 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:47:17 18:47:17 18:47:17 [INFO] Analysis Started 18:47:17 [INFO] Finished Archive Analyzer (0 seconds) 18:47:17 [INFO] Finished File Name Analyzer (0 seconds) 18:47:17 [INFO] Finished Jar Analyzer (0 seconds) 18:47:17 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:47:17 [INFO] Finished Hint Analyzer (0 seconds) 18:47:17 [INFO] Finished Version Filter Analyzer (0 seconds) 18:47:18 [INFO] Created CPE Index (1 seconds) 18:47:19 [INFO] Finished CPE Analyzer (1 seconds) 18:47:19 [INFO] Finished False Positive Analyzer (0 seconds) 18:47:19 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:47:19 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:47:19 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:47:19 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:47:19 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:47:19 18:47:19 18:47:19 ## Recommendation 18:47:19 18:47:19 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:47:19 18:47:19 The following template can be used to demonstrate the vulnerability: 18:47:19 ```{{#with "constructor"}} 18:47:19 {{#with split as |a|}} 18:47:19 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:47:19 {{#with (concat (lookup join (slice 0 1)))}} 18:47:19 {{#each (slice 2 3)}} 18:47:19 {{#with (apply 0 a)}} 18:47:19 {{.}} 18:47:19 {{/with}} 18:47:19 {{/each}} 18:47:19 {{/with}} 18:47:19 {{/with}} 18:47:19 {{/with}}``` 18:47:19 18:47:19 18:47:19 ## Recommendation 18:47:19 18:47:19 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:47:19 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:47:19 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:47:19 [INFO] Analysis Complete (1 seconds) 18:47:19 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:47:19 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:47:19 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:47:19 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:47:19 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:47:19 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:47:19 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:47:19 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:47:19 [INFO] 18:47:19 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 18:47:19 [INFO] Building dependencies.security 1.0 [26/69] 18:47:19 [INFO] --------------------------------[ pom ]--------------------------------- 18:47:19 [INFO] 18:47:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 18:47:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 18:47:19 [INFO] 18:47:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 18:47:19 [INFO] 18:47:19 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 18:47:19 [INFO] Executing tasks 18:47:19 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 18:47:19 [INFO] Executed tasks 18:47:19 [INFO] 18:47:19 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.security --- 18:47:19 [INFO] Executing tasks 18:47:24 [INFO] Executed tasks 18:47:24 [INFO] 18:47:24 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.security --- 18:47:24 [INFO] Checking for updates 18:47:24 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:47:24 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:47:24 [INFO] Check for updates complete (100 ms) 18:47:24 [INFO] 18:47:24 18:47:24 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:47:24 18:47:24 18:47:24 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:47:24 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:47:24 18:47:24 18:47:24 [INFO] Analysis Started 18:47:25 [INFO] Finished Archive Analyzer (0 seconds) 18:47:25 [INFO] Finished File Name Analyzer (0 seconds) 18:47:25 [INFO] Finished Jar Analyzer (0 seconds) 18:47:25 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:47:25 [INFO] Finished Hint Analyzer (0 seconds) 18:47:25 [INFO] Finished Version Filter Analyzer (0 seconds) 18:47:26 [INFO] Created CPE Index (1 seconds) 18:47:26 [INFO] Finished CPE Analyzer (1 seconds) 18:47:26 [INFO] Finished False Positive Analyzer (0 seconds) 18:47:26 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:47:27 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:47:27 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:47:27 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:47:27 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:47:27 18:47:27 18:47:27 ## Recommendation 18:47:27 18:47:27 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:47:27 18:47:27 The following template can be used to demonstrate the vulnerability: 18:47:27 ```{{#with "constructor"}} 18:47:27 {{#with split as |a|}} 18:47:27 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:47:27 {{#with (concat (lookup join (slice 0 1)))}} 18:47:27 {{#each (slice 2 3)}} 18:47:27 {{#with (apply 0 a)}} 18:47:27 {{.}} 18:47:27 {{/with}} 18:47:27 {{/each}} 18:47:27 {{/with}} 18:47:27 {{/with}} 18:47:27 {{/with}}``` 18:47:27 18:47:27 18:47:27 ## Recommendation 18:47:27 18:47:27 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:47:27 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:47:27 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:47:27 [INFO] Analysis Complete (2 seconds) 18:47:27 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:47:27 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:47:27 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:47:27 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:47:27 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:47:27 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:47:27 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:47:27 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:47:27 [INFO] 18:47:27 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 18:47:27 [INFO] Building dependencies.shared 1.0 [27/69] 18:47:27 [INFO] --------------------------------[ pom ]--------------------------------- 18:47:27 [INFO] 18:47:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 18:47:27 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 18:47:27 [INFO] 18:47:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 18:47:27 [INFO] 18:47:27 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 18:47:27 [INFO] Executing tasks 18:47:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 18:47:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 18:47:27 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 18:47:27 [INFO] Executed tasks 18:47:27 [INFO] 18:47:27 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.shared --- 18:47:27 [INFO] Executing tasks 18:47:32 [INFO] Executed tasks 18:47:32 [INFO] 18:47:32 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.shared --- 18:47:32 [INFO] Checking for updates 18:47:32 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:47:32 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:47:32 [INFO] Check for updates complete (102 ms) 18:47:32 [INFO] 18:47:32 18:47:32 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:47:32 18:47:32 18:47:32 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:47:32 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:47:32 18:47:32 18:47:32 [INFO] Analysis Started 18:47:33 [INFO] Finished Archive Analyzer (1 seconds) 18:47:33 [INFO] Finished File Name Analyzer (0 seconds) 18:47:34 [INFO] Finished Jar Analyzer (0 seconds) 18:47:34 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:47:34 [INFO] Finished Hint Analyzer (0 seconds) 18:47:34 [INFO] Finished Version Filter Analyzer (0 seconds) 18:47:35 [INFO] Created CPE Index (1 seconds) 18:47:36 [INFO] Finished CPE Analyzer (2 seconds) 18:47:36 [INFO] Finished False Positive Analyzer (0 seconds) 18:47:36 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:47:36 [INFO] Finished RetireJS Analyzer (0 seconds) 18:47:36 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:47:36 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:47:36 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:47:36 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:47:36 18:47:36 18:47:36 ## Recommendation 18:47:36 18:47:36 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:47:36 18:47:36 The following template can be used to demonstrate the vulnerability: 18:47:36 ```{{#with "constructor"}} 18:47:36 {{#with split as |a|}} 18:47:36 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:47:36 {{#with (concat (lookup join (slice 0 1)))}} 18:47:36 {{#each (slice 2 3)}} 18:47:36 {{#with (apply 0 a)}} 18:47:36 {{.}} 18:47:36 {{/with}} 18:47:36 {{/each}} 18:47:36 {{/with}} 18:47:36 {{/with}} 18:47:36 {{/with}}``` 18:47:36 18:47:36 18:47:36 ## Recommendation 18:47:36 18:47:36 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:47:36 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:47:36 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:47:36 [INFO] Analysis Complete (4 seconds) 18:47:36 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:47:36 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:47:36 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:47:37 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:47:37 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:47:37 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:47:37 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:47:37 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:47:37 [INFO] 18:47:37 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 18:47:37 [INFO] Building dependencies.spring 1.0 [28/69] 18:47:37 [INFO] --------------------------------[ pom ]--------------------------------- 18:47:37 [INFO] 18:47:37 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 18:47:37 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 18:47:37 [INFO] 18:47:37 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 18:47:37 [INFO] 18:47:37 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 18:47:37 [INFO] Executing tasks 18:47:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 18:47:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 18:47:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 18:47:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 18:47:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 18:47:37 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 18:47:37 [INFO] Executed tasks 18:47:37 [INFO] 18:47:37 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring --- 18:47:37 [INFO] Executing tasks 18:47:42 [INFO] Executed tasks 18:47:42 [INFO] 18:47:42 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.spring --- 18:47:42 [INFO] Checking for updates 18:47:42 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:47:42 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:47:42 [INFO] Check for updates complete (90 ms) 18:47:42 [INFO] 18:47:42 18:47:42 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:47:42 18:47:42 18:47:42 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:47:42 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:47:42 18:47:42 18:47:42 [INFO] Analysis Started 18:47:42 [INFO] Finished Archive Analyzer (0 seconds) 18:47:42 [INFO] Finished File Name Analyzer (0 seconds) 18:47:42 [INFO] Finished Jar Analyzer (0 seconds) 18:47:42 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:47:42 [INFO] Finished Hint Analyzer (0 seconds) 18:47:42 [INFO] Finished Version Filter Analyzer (0 seconds) 18:47:44 [INFO] Created CPE Index (1 seconds) 18:47:44 [INFO] Finished CPE Analyzer (1 seconds) 18:47:44 [INFO] Finished False Positive Analyzer (0 seconds) 18:47:44 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:47:44 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:47:44 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:47:44 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:47:44 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:47:44 18:47:44 18:47:44 ## Recommendation 18:47:44 18:47:44 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:47:44 18:47:44 The following template can be used to demonstrate the vulnerability: 18:47:44 ```{{#with "constructor"}} 18:47:44 {{#with split as |a|}} 18:47:44 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:47:44 {{#with (concat (lookup join (slice 0 1)))}} 18:47:44 {{#each (slice 2 3)}} 18:47:44 {{#with (apply 0 a)}} 18:47:44 {{.}} 18:47:44 {{/with}} 18:47:44 {{/each}} 18:47:44 {{/with}} 18:47:44 {{/with}} 18:47:44 {{/with}}``` 18:47:44 18:47:44 18:47:44 ## Recommendation 18:47:44 18:47:44 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:47:44 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:47:44 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:47:44 [INFO] Analysis Complete (2 seconds) 18:47:44 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:47:44 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:47:44 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:47:44 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:47:44 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:47:44 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:47:44 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:47:44 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:47:44 [WARNING] 18:47:44 18:47:44 One or more dependencies were identified with known vulnerabilities in dependencies.spring: 18:47:44 18:47:44 spring-core-5.3.39.jar (pkg:maven/org.springframework/spring-core@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249, CVE-2025-41242 18:47:44 spring-web-5.3.39.jar (pkg:maven/org.springframework/spring-web@5.3.39, cpe:2.3:a:pivotal_software:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:springsource:spring_framework:5.3.39:*:*:*:*:*:*:*, cpe:2.3:a:vmware:spring_framework:5.3.39:*:*:*:*:*:*:*) : CVE-2025-41249 18:47:44 18:47:44 18:47:44 See the dependency-check report for more details. 18:47:44 18:47:44 18:47:44 [INFO] 18:47:44 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 18:47:44 [INFO] Building dependencies.spring-ldap 1.0 [29/69] 18:47:44 [INFO] --------------------------------[ pom ]--------------------------------- 18:47:44 [INFO] 18:47:44 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 18:47:44 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 18:47:44 [INFO] 18:47:44 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 18:47:44 [INFO] 18:47:44 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring-ldap --- 18:47:44 [INFO] Executing tasks 18:47:49 [INFO] Executed tasks 18:47:49 [INFO] 18:47:49 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.spring-ldap --- 18:47:49 [INFO] Checking for updates 18:47:49 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:47:49 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:47:49 [INFO] Check for updates complete (91 ms) 18:47:50 [INFO] 18:47:50 18:47:50 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:47:50 18:47:50 18:47:50 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:47:50 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:47:50 18:47:50 18:47:50 [INFO] Analysis Started 18:47:50 [INFO] Finished Archive Analyzer (0 seconds) 18:47:50 [INFO] Finished File Name Analyzer (0 seconds) 18:47:50 [INFO] Finished Jar Analyzer (0 seconds) 18:47:50 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:47:50 [INFO] Finished Hint Analyzer (0 seconds) 18:47:50 [INFO] Finished Version Filter Analyzer (0 seconds) 18:47:51 [INFO] Created CPE Index (1 seconds) 18:47:51 [INFO] Finished CPE Analyzer (1 seconds) 18:47:51 [INFO] Finished False Positive Analyzer (0 seconds) 18:47:51 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:47:51 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:47:51 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:47:51 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:47:51 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:47:51 18:47:51 18:47:51 ## Recommendation 18:47:51 18:47:51 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:47:51 18:47:51 The following template can be used to demonstrate the vulnerability: 18:47:51 ```{{#with "constructor"}} 18:47:51 {{#with split as |a|}} 18:47:51 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:47:51 {{#with (concat (lookup join (slice 0 1)))}} 18:47:51 {{#each (slice 2 3)}} 18:47:51 {{#with (apply 0 a)}} 18:47:51 {{.}} 18:47:51 {{/with}} 18:47:51 {{/each}} 18:47:51 {{/with}} 18:47:51 {{/with}} 18:47:51 {{/with}}``` 18:47:51 18:47:51 18:47:51 ## Recommendation 18:47:51 18:47:51 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:47:51 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:47:51 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:47:51 [INFO] Analysis Complete (1 seconds) 18:47:51 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:47:51 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:47:51 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:47:51 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:47:51 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:47:51 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:47:51 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:47:51 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:47:51 [INFO] 18:47:51 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 18:47:51 [INFO] Building dependencies.spring-security 1.0 [30/69] 18:47:51 [INFO] --------------------------------[ pom ]--------------------------------- 18:47:51 [INFO] 18:47:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 18:47:51 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 18:47:51 [INFO] 18:47:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 18:47:51 [INFO] 18:47:51 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 18:47:51 [INFO] Executing tasks 18:47:51 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 18:47:51 [INFO] Executed tasks 18:47:51 [INFO] 18:47:51 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.spring-security --- 18:47:51 [INFO] Executing tasks 18:47:56 [INFO] Executed tasks 18:47:56 [INFO] 18:47:56 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.spring-security --- 18:47:57 [INFO] Checking for updates 18:47:57 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:47:57 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:47:57 [INFO] Check for updates complete (92 ms) 18:47:57 [INFO] 18:47:57 18:47:57 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:47:57 18:47:57 18:47:57 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:47:57 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:47:57 18:47:57 18:47:57 [INFO] Analysis Started 18:47:57 [INFO] Finished Archive Analyzer (0 seconds) 18:47:57 [INFO] Finished File Name Analyzer (0 seconds) 18:47:57 [INFO] Finished Jar Analyzer (0 seconds) 18:47:57 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:47:57 [INFO] Finished Hint Analyzer (0 seconds) 18:47:57 [INFO] Finished Version Filter Analyzer (0 seconds) 18:47:58 [INFO] Created CPE Index (1 seconds) 18:47:58 [INFO] Finished CPE Analyzer (1 seconds) 18:47:58 [INFO] Finished False Positive Analyzer (0 seconds) 18:47:59 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:47:59 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:47:59 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:47:59 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:47:59 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:47:59 18:47:59 18:47:59 ## Recommendation 18:47:59 18:47:59 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:47:59 18:47:59 The following template can be used to demonstrate the vulnerability: 18:47:59 ```{{#with "constructor"}} 18:47:59 {{#with split as |a|}} 18:47:59 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:47:59 {{#with (concat (lookup join (slice 0 1)))}} 18:47:59 {{#each (slice 2 3)}} 18:47:59 {{#with (apply 0 a)}} 18:47:59 {{.}} 18:47:59 {{/with}} 18:47:59 {{/each}} 18:47:59 {{/with}} 18:47:59 {{/with}} 18:47:59 {{/with}}``` 18:47:59 18:47:59 18:47:59 ## Recommendation 18:47:59 18:47:59 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:47:59 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:47:59 [INFO] Analysis Complete (1 seconds) 18:47:59 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:47:59 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:47:59 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:47:59 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:47:59 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:47:59 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:47:59 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:47:59 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:47:59 [INFO] 18:47:59 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 18:47:59 [INFO] Building dependencies.swagger 1.0 [31/69] 18:47:59 [INFO] --------------------------------[ pom ]--------------------------------- 18:47:59 [INFO] 18:47:59 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 18:47:59 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 18:47:59 [INFO] 18:47:59 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 18:47:59 [INFO] 18:47:59 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 18:47:59 [INFO] Executing tasks 18:47:59 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 18:47:59 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 18:47:59 [INFO] Executed tasks 18:47:59 [INFO] 18:47:59 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.swagger --- 18:47:59 [INFO] Executing tasks 18:48:04 [INFO] Executed tasks 18:48:04 [INFO] 18:48:04 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.swagger --- 18:48:04 [INFO] Checking for updates 18:48:04 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:48:04 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:48:04 [INFO] Check for updates complete (90 ms) 18:48:04 [INFO] 18:48:04 18:48:04 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:48:04 18:48:04 18:48:04 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:48:04 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:48:04 18:48:04 18:48:04 [INFO] Analysis Started 18:48:04 [INFO] Finished Archive Analyzer (0 seconds) 18:48:04 [INFO] Finished File Name Analyzer (0 seconds) 18:48:04 [INFO] Finished Jar Analyzer (0 seconds) 18:48:04 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:48:04 [INFO] Finished Hint Analyzer (0 seconds) 18:48:04 [INFO] Finished Version Filter Analyzer (0 seconds) 18:48:06 [INFO] Created CPE Index (1 seconds) 18:48:06 [INFO] Finished CPE Analyzer (1 seconds) 18:48:06 [INFO] Finished False Positive Analyzer (0 seconds) 18:48:06 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:48:16 [INFO] Finished RetireJS Analyzer (10 seconds) 18:48:16 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:48:16 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:48:16 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:48:16 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:48:16 18:48:16 18:48:16 ## Recommendation 18:48:16 18:48:16 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:48:16 18:48:16 The following template can be used to demonstrate the vulnerability: 18:48:16 ```{{#with "constructor"}} 18:48:16 {{#with split as |a|}} 18:48:16 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:48:16 {{#with (concat (lookup join (slice 0 1)))}} 18:48:16 {{#each (slice 2 3)}} 18:48:16 {{#with (apply 0 a)}} 18:48:16 {{.}} 18:48:16 {{/with}} 18:48:16 {{/each}} 18:48:16 {{/with}} 18:48:16 {{/with}} 18:48:16 {{/with}}``` 18:48:16 18:48:16 18:48:16 ## Recommendation 18:48:16 18:48:16 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:48:16 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:48:16 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:48:16 [INFO] Analysis Complete (12 seconds) 18:48:16 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:48:16 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:48:16 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:48:16 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:48:16 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:48:16 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:48:16 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:48:16 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:48:16 [INFO] 18:48:16 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 18:48:16 [INFO] Building dependencies.wadl 1.0 [32/69] 18:48:16 [INFO] --------------------------------[ pom ]--------------------------------- 18:48:16 [INFO] 18:48:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 18:48:16 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 18:48:16 [INFO] 18:48:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 18:48:16 [INFO] 18:48:16 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.wadl --- 18:48:16 [INFO] Executing tasks 18:48:21 [INFO] Executed tasks 18:48:21 [INFO] 18:48:21 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.wadl --- 18:48:21 [INFO] Checking for updates 18:48:21 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:48:22 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:48:22 [INFO] Check for updates complete (97 ms) 18:48:22 [INFO] 18:48:22 18:48:22 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:48:22 18:48:22 18:48:22 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:48:22 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:48:22 18:48:22 18:48:22 [INFO] Analysis Started 18:48:22 [INFO] Finished Archive Analyzer (0 seconds) 18:48:22 [INFO] Finished File Name Analyzer (0 seconds) 18:48:22 [INFO] Finished Jar Analyzer (0 seconds) 18:48:22 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:48:22 [INFO] Finished Hint Analyzer (0 seconds) 18:48:22 [INFO] Finished Version Filter Analyzer (0 seconds) 18:48:23 [INFO] Created CPE Index (1 seconds) 18:48:24 [INFO] Finished CPE Analyzer (1 seconds) 18:48:24 [INFO] Finished False Positive Analyzer (0 seconds) 18:48:24 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:48:24 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:48:24 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:48:24 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:48:24 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:48:24 18:48:24 18:48:24 ## Recommendation 18:48:24 18:48:24 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:48:24 18:48:24 The following template can be used to demonstrate the vulnerability: 18:48:24 ```{{#with "constructor"}} 18:48:24 {{#with split as |a|}} 18:48:24 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:48:24 {{#with (concat (lookup join (slice 0 1)))}} 18:48:24 {{#each (slice 2 3)}} 18:48:24 {{#with (apply 0 a)}} 18:48:24 {{.}} 18:48:24 {{/with}} 18:48:24 {{/each}} 18:48:24 {{/with}} 18:48:24 {{/with}} 18:48:24 {{/with}}``` 18:48:24 18:48:24 18:48:24 ## Recommendation 18:48:24 18:48:24 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:48:24 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:48:24 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:48:24 [INFO] Analysis Complete (1 seconds) 18:48:24 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:48:24 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:48:24 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:48:24 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:48:24 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:48:24 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:48:24 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:48:24 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:48:24 [INFO] 18:48:24 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 18:48:24 [INFO] Building dependencies.wss4j 1.0 [33/69] 18:48:24 [INFO] --------------------------------[ pom ]--------------------------------- 18:48:24 [INFO] 18:48:24 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 18:48:24 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 18:48:24 [INFO] 18:48:24 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 18:48:24 [INFO] 18:48:24 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 18:48:24 [INFO] Executing tasks 18:48:24 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 18:48:24 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 18:48:24 [INFO] Executed tasks 18:48:24 [INFO] 18:48:24 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.wss4j --- 18:48:24 [INFO] Executing tasks 18:48:29 [INFO] Executed tasks 18:48:29 [INFO] 18:48:29 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.wss4j --- 18:48:29 [INFO] Checking for updates 18:48:29 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:48:29 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:48:29 [INFO] Check for updates complete (88 ms) 18:48:29 [INFO] 18:48:29 18:48:29 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:48:29 18:48:29 18:48:29 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:48:29 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:48:29 18:48:29 18:48:29 [INFO] Analysis Started 18:48:29 [INFO] Finished Archive Analyzer (0 seconds) 18:48:29 [INFO] Finished File Name Analyzer (0 seconds) 18:48:29 [INFO] Finished Jar Analyzer (0 seconds) 18:48:29 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:48:29 [INFO] Finished Hint Analyzer (0 seconds) 18:48:29 [INFO] Finished Version Filter Analyzer (0 seconds) 18:48:31 [INFO] Created CPE Index (1 seconds) 18:48:31 [INFO] Finished CPE Analyzer (1 seconds) 18:48:31 [INFO] Finished False Positive Analyzer (0 seconds) 18:48:31 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:48:31 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:48:31 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:48:31 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:48:31 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18-gov4j-4.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*swagger-codegen-cli-3.0.18.jar.*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=A prototype pollution vulnerability in handlebars is exploitable if an attacker can control the template, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Denial of service, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Prototype pollution, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Disallow calling helperMissing and blockHelperMissing directly, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1495, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=handlebars issue: 1633, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Affected versions of `handlebars` are vulnerable to Denial of Service. The package's parser may be forced into an endless loop while processing specially-crafted templates. This may allow attackers to exhaust system resources leading to Denial of Service. 18:48:31 18:48:31 18:48:31 ## Recommendation 18:48:31 18:48:31 Upgrade to version 4.4.5 or later., regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.2 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting). 18:48:31 18:48:31 The following template can be used to demonstrate the vulnerability: 18:48:31 ```{{#with "constructor"}} 18:48:31 {{#with split as |a|}} 18:48:31 {{pop (push "alert('Vulnerable Handlebars JS');")}} 18:48:31 {{#with (concat (lookup join (slice 0 1)))}} 18:48:31 {{#each (slice 2 3)}} 18:48:31 {{#with (apply 0 a)}} 18:48:31 {{.}} 18:48:31 {{/with}} 18:48:31 {{/each}} 18:48:31 {{/with}} 18:48:31 {{/with}} 18:48:31 {{/with}}``` 18:48:31 18:48:31 18:48:31 ## Recommendation 18:48:31 18:48:31 Upgrade to version 3.0.8, 4.5.2 or later., regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/handlebars@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=Versions of `handlebars` prior to 3.0.8 or 4.5.3 are vulnerable to Arbitrary Code Execution. The package's lookup helper fails to properly validate templates, allowing attackers to submit templates that execute arbitrary JavaScript in the system. It is due to an incomplete fix for a [previous issue](https://www.npmjs.com/advisories/1316). This vulnerability can be used to run arbitrary code in a server processing Handlebars templates or on a victim's browser (effectively serving as Cross-Site Scripting), regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{filePath=PropertyType{value=.*(struts-core-1.3.10.jar|facelets-taglib-jsf.*-spring-4-gov4j-1.jar|jsf-facelets-1.1.15.jar|richfaces-impl-jsf2-3.3.4.Final.jar|richfaces-impl-3.3.4.Final-gov4j-4.jar|javax.faces-2.4.0.jar|javax.servlet.jsp.jstl-1.2.1.jar|richfaces-ui-3.3.4.Final-gov4j-4.jar).*, regex=true, caseSensitive=false},cvssBelow={10.0,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jQuery 1.x and 2.x are End-of-Life and no longer receiving security updates, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:javascript/jquery@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=jquery issue: 162, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:time_project:time, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-52070, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-22949, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.jfree/jfreechart@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-23076, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2022-0869,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-38752, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-41854, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-1471, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2022-3064,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.yaml/snakeyaml@.*$, regex=true, caseSensitive=false},cve={CVE-2021-4235,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2016-1000027,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring\-web@.*$, regex=true, caseSensitive=false},cve={CVE-2025-41234,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring\-security\-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2020-5408, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xerces/xercesImpl@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2017-10355, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-api@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-common\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-dom@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.commons\.axiom/axiom\-impl@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-beanutils/commons\-beanutils@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-chain/commons\-chain@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-cli/commons\-cli@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-codec/commons\-codec@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-collections/commons\-collections@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-compress@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-csv@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-dbcp2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-digester/commons\-digester@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-discovery/commons\-discovery@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-email@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-fileupload/commons\-fileupload@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-jcs3\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-lang/commons\-lang@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-logging/commons\-logging@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-math3@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.commons/commons\-pool2@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-validator/commons\-validator@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/commons\-io/commons\-io@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-apis/xml\-apis@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xml\-resolver/xml\-resolver@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.ws\.xmlschema/xmlschema\-core@.*$, regex=true, caseSensitive=false},cve={CVE-2021-37533,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2023-5072, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:json-java_project:json-java, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.json/json@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2022-45688, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.apache\.cxf/cxf\-rt\-bindings\-soap@.*$, regex=true, caseSensitive=false},cpe={PropertyType{value=cpe:/a:apache:soap, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/xalan/xalan@.*$, regex=true, caseSensitive=false},cve={CVE-2022-42920,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},cve={CVE-2023-4759,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-4949, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/txw2@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/jaxb-runtime@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/xsom@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.glassfish\.jaxb/codemodel@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/com\.sun\.xml\.bind/jaxb-xjc@.*$, regex=true, caseSensitive=false},cve={CVE-2024-9329,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aop@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-aspects@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-beans@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context-support@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-core@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-expression@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-orm@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-tx@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},cve={CVE-2024-38820,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-context@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22233, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework/spring-web@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2024-38828, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-22228, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/org\.gov4j\.thirdparty\.org\.springframework\.security/spring-security-crypto@.*$, regex=true, caseSensitive=false},cve={CVE-2018-1258,}} 18:48:31 [INFO] Suppression Rule had zero matches: SuppressionRule{packageUrl=PropertyType{value=^pkg:maven/net\.sf\.jasperreports/jasperreports@.*$, regex=true, caseSensitive=false},vulnerabilityName={PropertyType{value=CVE-2025-10492, regex=false, caseSensitive=false},}} 18:48:31 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:48:31 [INFO] Analysis Complete (1 seconds) 18:48:31 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:48:31 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:48:31 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:48:31 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:48:31 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:48:31 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:48:31 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:48:31 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:48:31 [INFO] 18:48:31 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 18:48:31 [INFO] Building dependencies.testsuite 1.0 [34/69] 18:48:31 [INFO] --------------------------------[ pom ]--------------------------------- 18:48:31 [INFO] 18:48:31 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite --- 18:48:31 [INFO] Executing tasks 18:48:36 [INFO] Executed tasks 18:48:36 [INFO] 18:48:36 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite --- 18:48:36 [INFO] Checking for updates 18:48:36 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:48:36 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:48:36 [INFO] Check for updates complete (95 ms) 18:48:37 [INFO] 18:48:37 18:48:37 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:48:37 18:48:37 18:48:37 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:48:37 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:48:37 18:48:37 18:48:37 [INFO] Analysis Started 18:48:37 [INFO] Finished File Name Analyzer (0 seconds) 18:48:37 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:48:37 [INFO] Finished Hint Analyzer (0 seconds) 18:48:37 [INFO] Finished Version Filter Analyzer (0 seconds) 18:48:38 [INFO] Created CPE Index (1 seconds) 18:48:38 [INFO] Finished CPE Analyzer (1 seconds) 18:48:38 [INFO] Finished False Positive Analyzer (0 seconds) 18:48:38 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:48:38 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:48:38 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:48:38 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:48:38 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:48:38 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:48:38 [INFO] Analysis Complete (1 seconds) 18:48:38 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.xml 18:48:38 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.html 18:48:38 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.json 18:48:38 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.csv 18:48:38 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-report.sarif 18:48:38 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-jenkins.html 18:48:38 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-junit.xml 18:48:38 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependency-check-result/dependency-check-gitlab.json 18:48:38 [INFO] 18:48:38 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 18:48:38 [INFO] Building dependencies.testsuite.axis14 1.0 [35/69] 18:48:38 [INFO] --------------------------------[ pom ]--------------------------------- 18:48:38 [INFO] 18:48:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 18:48:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 18:48:38 [INFO] 18:48:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 18:48:38 [INFO] 18:48:38 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 18:48:38 [INFO] Executing tasks 18:48:38 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 18:48:38 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 18:48:38 [INFO] Executed tasks 18:48:38 [INFO] 18:48:38 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.axis14 --- 18:48:38 [INFO] Executing tasks 18:48:43 [INFO] Executed tasks 18:48:43 [INFO] 18:48:43 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.axis14 --- 18:48:43 [INFO] Checking for updates 18:48:43 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:48:44 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:48:44 [INFO] Check for updates complete (95 ms) 18:48:44 [INFO] 18:48:44 18:48:44 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:48:44 18:48:44 18:48:44 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:48:44 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:48:44 18:48:44 18:48:44 [INFO] Analysis Started 18:48:44 [INFO] Finished File Name Analyzer (0 seconds) 18:48:44 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:48:44 [INFO] Finished Hint Analyzer (0 seconds) 18:48:44 [INFO] Finished Version Filter Analyzer (0 seconds) 18:48:45 [INFO] Created CPE Index (1 seconds) 18:48:45 [INFO] Finished CPE Analyzer (1 seconds) 18:48:45 [INFO] Finished False Positive Analyzer (0 seconds) 18:48:45 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:48:45 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:48:45 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:48:45 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:48:45 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:48:45 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:48:45 [INFO] Analysis Complete (1 seconds) 18:48:45 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 18:48:45 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 18:48:45 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 18:48:45 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 18:48:45 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 18:48:45 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 18:48:45 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 18:48:45 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 18:48:45 [INFO] 18:48:45 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 18:48:45 [INFO] Building dependencies.testsuite.as 1.0 [36/69] 18:48:45 [INFO] --------------------------------[ pom ]--------------------------------- 18:48:45 [INFO] 18:48:45 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer --- 18:48:45 [INFO] Executing tasks 18:48:50 [INFO] Executed tasks 18:48:50 [INFO] 18:48:50 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer --- 18:48:51 [INFO] Checking for updates 18:48:51 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:48:51 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:48:51 [INFO] Check for updates complete (89 ms) 18:48:51 [INFO] 18:48:51 18:48:51 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:48:51 18:48:51 18:48:51 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:48:51 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:48:51 18:48:51 18:48:51 [INFO] Analysis Started 18:48:51 [INFO] Finished File Name Analyzer (0 seconds) 18:48:51 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:48:51 [INFO] Finished Hint Analyzer (0 seconds) 18:48:51 [INFO] Finished Version Filter Analyzer (0 seconds) 18:48:52 [INFO] Created CPE Index (1 seconds) 18:48:52 [INFO] Finished CPE Analyzer (1 seconds) 18:48:52 [INFO] Finished False Positive Analyzer (0 seconds) 18:48:52 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:48:52 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:48:52 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:48:52 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:48:52 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:48:52 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:48:52 [INFO] Analysis Complete (1 seconds) 18:48:52 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 18:48:52 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 18:48:52 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 18:48:52 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 18:48:52 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 18:48:52 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 18:48:52 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 18:48:52 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 18:48:52 [INFO] 18:48:52 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 18:48:52 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/69] 18:48:52 [INFO] --------------------------------[ pom ]--------------------------------- 18:48:52 [INFO] 18:48:52 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 18:48:52 [INFO] 18:48:52 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 18:48:52 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 18:48:52 [INFO] 18:48:52 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 18:48:52 [INFO] Executing tasks 18:48:57 [INFO] Executed tasks 18:48:57 [INFO] 18:48:57 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 18:48:58 [INFO] Checking for updates 18:48:58 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:48:58 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:48:58 [INFO] Check for updates complete (89 ms) 18:48:58 [INFO] 18:48:58 18:48:58 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:48:58 18:48:58 18:48:58 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:48:58 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:48:58 18:48:58 18:48:58 [INFO] Analysis Started 18:48:58 [INFO] Finished File Name Analyzer (0 seconds) 18:48:58 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:48:58 [INFO] Finished Hint Analyzer (0 seconds) 18:48:58 [INFO] Finished Version Filter Analyzer (0 seconds) 18:48:59 [INFO] Created CPE Index (1 seconds) 18:48:59 [INFO] Finished CPE Analyzer (1 seconds) 18:48:59 [INFO] Finished False Positive Analyzer (0 seconds) 18:48:59 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:48:59 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:48:59 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:48:59 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:48:59 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:48:59 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:48:59 [INFO] Analysis Complete (1 seconds) 18:48:59 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:48:59 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:48:59 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:48:59 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:48:59 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:48:59 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:48:59 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:48:59 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:48:59 [INFO] 18:48:59 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 18:48:59 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/69] 18:48:59 [INFO] --------------------------------[ pom ]--------------------------------- 18:48:59 [INFO] 18:48:59 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 18:48:59 [INFO] 18:48:59 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 18:48:59 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 18:48:59 [INFO] 18:48:59 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 18:48:59 [INFO] Executing tasks 18:49:04 [INFO] Executed tasks 18:49:04 [INFO] 18:49:04 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 18:49:05 [INFO] Checking for updates 18:49:05 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:49:05 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:49:05 [INFO] Check for updates complete (86 ms) 18:49:05 [INFO] 18:49:05 18:49:05 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:49:05 18:49:05 18:49:05 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:49:05 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:49:05 18:49:05 18:49:05 [INFO] Analysis Started 18:49:05 [INFO] Finished File Name Analyzer (0 seconds) 18:49:05 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:49:05 [INFO] Finished Hint Analyzer (0 seconds) 18:49:05 [INFO] Finished Version Filter Analyzer (0 seconds) 18:49:06 [INFO] Created CPE Index (1 seconds) 18:49:06 [INFO] Finished CPE Analyzer (1 seconds) 18:49:06 [INFO] Finished False Positive Analyzer (0 seconds) 18:49:06 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:49:06 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:49:06 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:49:06 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:49:06 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:49:06 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:49:06 [INFO] Analysis Complete (1 seconds) 18:49:06 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:49:06 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:49:06 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:49:06 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:49:06 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:49:06 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:49:06 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:49:06 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:49:06 [INFO] 18:49:06 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 18:49:06 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/69] 18:49:06 [INFO] --------------------------------[ pom ]--------------------------------- 18:49:06 [INFO] 18:49:06 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 18:49:06 [INFO] 18:49:06 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 18:49:06 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 18:49:06 [INFO] 18:49:06 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 18:49:06 [INFO] Executing tasks 18:49:11 [INFO] Executed tasks 18:49:11 [INFO] 18:49:11 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 18:49:11 [INFO] Checking for updates 18:49:11 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:49:12 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:49:12 [INFO] Check for updates complete (88 ms) 18:49:12 [INFO] 18:49:12 18:49:12 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:49:12 18:49:12 18:49:12 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:49:12 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:49:12 18:49:12 18:49:12 [INFO] Analysis Started 18:49:12 [INFO] Finished File Name Analyzer (0 seconds) 18:49:12 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:49:12 [INFO] Finished Hint Analyzer (0 seconds) 18:49:12 [INFO] Finished Version Filter Analyzer (0 seconds) 18:49:13 [INFO] Created CPE Index (1 seconds) 18:49:13 [INFO] Finished CPE Analyzer (1 seconds) 18:49:13 [INFO] Finished False Positive Analyzer (0 seconds) 18:49:13 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:49:13 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:49:13 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:49:13 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:49:13 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:49:13 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:49:13 [INFO] Analysis Complete (1 seconds) 18:49:13 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:49:13 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:49:13 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:49:13 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:49:13 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:49:13 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:49:13 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:49:13 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:49:13 [INFO] 18:49:13 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 18:49:13 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/69] 18:49:13 [INFO] --------------------------------[ pom ]--------------------------------- 18:49:13 [INFO] 18:49:13 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 18:49:13 [INFO] 18:49:13 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 18:49:13 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 18:49:13 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 18:49:13 [INFO] 18:49:13 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 18:49:13 [INFO] Executing tasks 18:49:18 [INFO] Executed tasks 18:49:18 [INFO] 18:49:18 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 18:49:18 [INFO] Checking for updates 18:49:18 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:49:19 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:49:19 [INFO] Check for updates complete (90 ms) 18:49:19 [INFO] 18:49:19 18:49:19 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:49:19 18:49:19 18:49:19 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:49:19 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:49:19 18:49:19 18:49:19 [INFO] Analysis Started 18:49:19 [INFO] Finished File Name Analyzer (0 seconds) 18:49:19 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:49:19 [INFO] Finished Hint Analyzer (0 seconds) 18:49:19 [INFO] Finished Version Filter Analyzer (0 seconds) 18:49:20 [INFO] Created CPE Index (1 seconds) 18:49:20 [INFO] Finished CPE Analyzer (1 seconds) 18:49:20 [INFO] Finished False Positive Analyzer (0 seconds) 18:49:20 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:49:20 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:49:20 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:49:20 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:49:20 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:49:20 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:49:20 [INFO] Analysis Complete (1 seconds) 18:49:20 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:49:20 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:49:20 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:49:20 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:49:20 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:49:20 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:49:20 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:49:20 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:49:20 [INFO] 18:49:20 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 18:49:20 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/69] 18:49:20 [INFO] --------------------------------[ pom ]--------------------------------- 18:49:20 [INFO] 18:49:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 18:49:20 [INFO] 18:49:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 18:49:20 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 18:49:20 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 18:49:20 [INFO] 18:49:20 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 18:49:20 [INFO] Executing tasks 18:49:25 [INFO] Executed tasks 18:49:25 [INFO] 18:49:25 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 18:49:25 [INFO] Checking for updates 18:49:25 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:49:26 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:49:26 [INFO] Check for updates complete (95 ms) 18:49:26 [INFO] 18:49:26 18:49:26 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:49:26 18:49:26 18:49:26 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:49:26 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:49:26 18:49:26 18:49:26 [INFO] Analysis Started 18:49:26 [INFO] Finished File Name Analyzer (0 seconds) 18:49:26 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:49:26 [INFO] Finished Hint Analyzer (0 seconds) 18:49:26 [INFO] Finished Version Filter Analyzer (0 seconds) 18:49:27 [INFO] Created CPE Index (1 seconds) 18:49:27 [INFO] Finished CPE Analyzer (1 seconds) 18:49:27 [INFO] Finished False Positive Analyzer (0 seconds) 18:49:27 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:49:27 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:49:27 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:49:27 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:49:27 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:49:27 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:49:27 [INFO] Analysis Complete (1 seconds) 18:49:27 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:49:27 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:49:27 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:49:27 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:49:27 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:49:27 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:49:27 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:49:27 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:49:27 [INFO] 18:49:27 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 18:49:27 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/69] 18:49:27 [INFO] --------------------------------[ pom ]--------------------------------- 18:49:27 [INFO] 18:49:27 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 18:49:27 [INFO] 18:49:27 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 18:49:27 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 18:49:27 [INFO] 18:49:27 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 18:49:27 [INFO] Executing tasks 18:49:32 [INFO] Executed tasks 18:49:32 [INFO] 18:49:32 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 18:49:33 [INFO] Checking for updates 18:49:33 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:49:33 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:49:33 [INFO] Check for updates complete (89 ms) 18:49:33 [INFO] 18:49:33 18:49:33 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:49:33 18:49:33 18:49:33 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:49:33 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:49:33 18:49:33 18:49:33 [INFO] Analysis Started 18:49:33 [INFO] Finished File Name Analyzer (0 seconds) 18:49:33 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:49:33 [INFO] Finished Hint Analyzer (0 seconds) 18:49:33 [INFO] Finished Version Filter Analyzer (0 seconds) 18:49:34 [INFO] Created CPE Index (1 seconds) 18:49:34 [INFO] Finished CPE Analyzer (1 seconds) 18:49:34 [INFO] Finished False Positive Analyzer (0 seconds) 18:49:34 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:49:34 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:49:34 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:49:34 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:49:34 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:49:34 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:49:34 [INFO] Analysis Complete (1 seconds) 18:49:34 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:49:34 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:49:34 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:49:34 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:49:34 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:49:34 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:49:34 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:49:34 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:49:34 [INFO] 18:49:34 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 18:49:34 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/69] 18:49:34 [INFO] --------------------------------[ pom ]--------------------------------- 18:49:34 [INFO] 18:49:34 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 18:49:34 [INFO] 18:49:34 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 18:49:34 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 18:49:34 [INFO] 18:49:34 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 18:49:34 [INFO] Executing tasks 18:49:39 [INFO] Executed tasks 18:49:39 [INFO] 18:49:39 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 18:49:39 [INFO] Checking for updates 18:49:39 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:49:40 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:49:40 [INFO] Check for updates complete (87 ms) 18:49:40 [INFO] 18:49:40 18:49:40 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:49:40 18:49:40 18:49:40 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:49:40 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:49:40 18:49:40 18:49:40 [INFO] Analysis Started 18:49:40 [INFO] Finished File Name Analyzer (0 seconds) 18:49:40 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:49:40 [INFO] Finished Hint Analyzer (0 seconds) 18:49:40 [INFO] Finished Version Filter Analyzer (0 seconds) 18:49:41 [INFO] Created CPE Index (1 seconds) 18:49:41 [INFO] Finished CPE Analyzer (1 seconds) 18:49:41 [INFO] Finished False Positive Analyzer (0 seconds) 18:49:41 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:49:41 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:49:41 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:49:41 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:49:41 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:49:41 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:49:41 [INFO] Analysis Complete (1 seconds) 18:49:41 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:49:41 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:49:41 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:49:41 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:49:41 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:49:41 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:49:41 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:49:41 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:49:41 [INFO] 18:49:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 18:49:41 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/69] 18:49:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:49:41 [INFO] 18:49:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 18:49:41 [INFO] 18:49:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 18:49:41 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 18:49:41 [INFO] 18:49:41 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 18:49:41 [INFO] Executing tasks 18:49:46 [INFO] Executed tasks 18:49:46 [INFO] 18:49:46 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 18:49:46 [INFO] Checking for updates 18:49:46 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:49:47 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:49:47 [INFO] Check for updates complete (87 ms) 18:49:47 [INFO] 18:49:47 18:49:47 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:49:47 18:49:47 18:49:47 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:49:47 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:49:47 18:49:47 18:49:47 [INFO] Analysis Started 18:49:47 [INFO] Finished File Name Analyzer (0 seconds) 18:49:47 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:49:47 [INFO] Finished Hint Analyzer (0 seconds) 18:49:47 [INFO] Finished Version Filter Analyzer (0 seconds) 18:49:48 [INFO] Created CPE Index (1 seconds) 18:49:48 [INFO] Finished CPE Analyzer (1 seconds) 18:49:48 [INFO] Finished False Positive Analyzer (0 seconds) 18:49:48 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:49:48 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:49:48 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:49:48 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:49:48 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:49:48 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:49:48 [INFO] Analysis Complete (1 seconds) 18:49:48 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:49:48 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:49:48 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:49:48 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:49:48 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:49:48 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:49:48 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:49:48 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:49:48 [INFO] 18:49:48 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 18:49:48 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/69] 18:49:48 [INFO] --------------------------------[ pom ]--------------------------------- 18:49:48 [INFO] 18:49:48 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 18:49:48 [INFO] 18:49:48 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 18:49:48 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 18:49:48 [INFO] 18:49:48 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 18:49:48 [INFO] Executing tasks 18:49:53 [INFO] Executed tasks 18:49:53 [INFO] 18:49:53 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 18:49:53 [INFO] Checking for updates 18:49:53 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:49:54 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:49:54 [INFO] Check for updates complete (87 ms) 18:49:54 [INFO] 18:49:54 18:49:54 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:49:54 18:49:54 18:49:54 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:49:54 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:49:54 18:49:54 18:49:54 [INFO] Analysis Started 18:49:54 [INFO] Finished File Name Analyzer (0 seconds) 18:49:54 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:49:54 [INFO] Finished Hint Analyzer (0 seconds) 18:49:54 [INFO] Finished Version Filter Analyzer (0 seconds) 18:49:55 [INFO] Created CPE Index (1 seconds) 18:49:55 [INFO] Finished CPE Analyzer (1 seconds) 18:49:55 [INFO] Finished False Positive Analyzer (0 seconds) 18:49:55 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:49:55 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:49:55 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:49:55 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:49:55 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:49:55 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:49:55 [INFO] Analysis Complete (1 seconds) 18:49:55 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:49:55 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:49:55 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:49:55 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:49:55 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:49:55 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:49:55 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:49:55 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:49:55 [INFO] 18:49:55 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 18:49:55 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/69] 18:49:55 [INFO] --------------------------------[ pom ]--------------------------------- 18:49:55 [INFO] 18:49:55 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 18:49:55 [INFO] 18:49:55 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 18:49:55 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 18:49:55 [INFO] 18:49:55 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 18:49:55 [INFO] Executing tasks 18:50:00 [INFO] Executed tasks 18:50:00 [INFO] 18:50:00 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 18:50:01 [INFO] Checking for updates 18:50:01 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:50:01 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:50:01 [INFO] Check for updates complete (91 ms) 18:50:01 [INFO] 18:50:01 18:50:01 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:50:01 18:50:01 18:50:01 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:50:01 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:50:01 18:50:01 18:50:01 [INFO] Analysis Started 18:50:01 [INFO] Finished File Name Analyzer (0 seconds) 18:50:01 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:50:01 [INFO] Finished Hint Analyzer (0 seconds) 18:50:01 [INFO] Finished Version Filter Analyzer (0 seconds) 18:50:02 [INFO] Created CPE Index (1 seconds) 18:50:02 [INFO] Finished CPE Analyzer (1 seconds) 18:50:02 [INFO] Finished False Positive Analyzer (0 seconds) 18:50:02 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:50:02 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:50:02 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:50:02 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:50:02 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:50:02 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:50:02 [INFO] Analysis Complete (1 seconds) 18:50:02 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:50:02 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:50:02 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:50:02 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:50:02 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:50:02 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:50:02 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:50:02 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:50:02 [INFO] 18:50:02 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 18:50:02 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/69] 18:50:02 [INFO] --------------------------------[ pom ]--------------------------------- 18:50:02 [INFO] 18:50:02 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 18:50:02 [INFO] 18:50:02 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 18:50:02 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 18:50:02 [INFO] 18:50:02 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 18:50:02 [INFO] Executing tasks 18:50:07 [INFO] Executed tasks 18:50:07 [INFO] 18:50:07 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 18:50:08 [INFO] Checking for updates 18:50:08 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:50:08 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:50:08 [INFO] Check for updates complete (89 ms) 18:50:08 [INFO] 18:50:08 18:50:08 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:50:08 18:50:08 18:50:08 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:50:08 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:50:08 18:50:08 18:50:08 [INFO] Analysis Started 18:50:08 [INFO] Finished File Name Analyzer (0 seconds) 18:50:08 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:50:08 [INFO] Finished Hint Analyzer (0 seconds) 18:50:08 [INFO] Finished Version Filter Analyzer (0 seconds) 18:50:09 [INFO] Created CPE Index (1 seconds) 18:50:09 [INFO] Finished CPE Analyzer (1 seconds) 18:50:09 [INFO] Finished False Positive Analyzer (0 seconds) 18:50:09 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:50:09 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:50:09 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:50:09 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:50:09 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:50:09 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:50:09 [INFO] Analysis Complete (1 seconds) 18:50:09 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:50:09 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:50:09 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:50:09 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:50:09 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:50:09 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:50:09 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:50:09 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:50:09 [INFO] 18:50:09 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 18:50:09 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/69] 18:50:09 [INFO] --------------------------------[ pom ]--------------------------------- 18:50:09 [INFO] 18:50:09 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 18:50:09 [INFO] 18:50:09 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 18:50:09 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 18:50:09 [INFO] 18:50:09 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 18:50:09 [INFO] Executing tasks 18:50:14 [INFO] Executed tasks 18:50:14 [INFO] 18:50:14 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 18:50:14 [INFO] Checking for updates 18:50:14 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:50:15 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:50:15 [INFO] Check for updates complete (87 ms) 18:50:15 [INFO] 18:50:15 18:50:15 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:50:15 18:50:15 18:50:15 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:50:15 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:50:15 18:50:15 18:50:15 [INFO] Analysis Started 18:50:15 [INFO] Finished File Name Analyzer (0 seconds) 18:50:15 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:50:15 [INFO] Finished Hint Analyzer (0 seconds) 18:50:15 [INFO] Finished Version Filter Analyzer (0 seconds) 18:50:16 [INFO] Created CPE Index (1 seconds) 18:50:16 [INFO] Finished CPE Analyzer (1 seconds) 18:50:16 [INFO] Finished False Positive Analyzer (0 seconds) 18:50:16 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:50:16 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:50:16 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:50:16 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:50:16 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:50:16 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:50:16 [INFO] Analysis Complete (1 seconds) 18:50:16 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:50:16 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:50:16 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:50:16 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:50:16 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:50:16 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:50:16 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:50:16 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:50:16 [INFO] 18:50:16 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 18:50:16 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/69] 18:50:16 [INFO] --------------------------------[ pom ]--------------------------------- 18:50:16 [INFO] 18:50:16 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 18:50:16 [INFO] 18:50:16 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 18:50:16 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 18:50:16 [INFO] 18:50:16 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 18:50:16 [INFO] Executing tasks 18:50:21 [INFO] Executed tasks 18:50:21 [INFO] 18:50:21 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 18:50:21 [INFO] Checking for updates 18:50:21 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:50:22 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:50:22 [INFO] Check for updates complete (88 ms) 18:50:22 [INFO] 18:50:22 18:50:22 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:50:22 18:50:22 18:50:22 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:50:22 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:50:22 18:50:22 18:50:22 [INFO] Analysis Started 18:50:22 [INFO] Finished File Name Analyzer (0 seconds) 18:50:22 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:50:22 [INFO] Finished Hint Analyzer (0 seconds) 18:50:22 [INFO] Finished Version Filter Analyzer (0 seconds) 18:50:23 [INFO] Created CPE Index (1 seconds) 18:50:23 [INFO] Finished CPE Analyzer (1 seconds) 18:50:23 [INFO] Finished False Positive Analyzer (0 seconds) 18:50:23 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:50:23 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:50:23 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:50:23 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:50:23 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:50:23 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:50:23 [INFO] Analysis Complete (1 seconds) 18:50:23 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:50:23 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:50:23 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:50:23 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:50:23 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:50:23 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:50:23 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:50:23 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:50:23 [INFO] 18:50:23 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 18:50:23 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/69] 18:50:23 [INFO] --------------------------------[ pom ]--------------------------------- 18:50:23 [INFO] 18:50:23 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 18:50:23 [INFO] 18:50:23 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 18:50:23 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 18:50:23 [INFO] 18:50:23 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 18:50:23 [INFO] Executing tasks 18:50:28 [INFO] Executed tasks 18:50:28 [INFO] 18:50:28 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 18:50:29 [INFO] Checking for updates 18:50:29 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:50:29 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:50:29 [INFO] Check for updates complete (86 ms) 18:50:29 [INFO] 18:50:29 18:50:29 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:50:29 18:50:29 18:50:29 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:50:29 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:50:29 18:50:29 18:50:29 [INFO] Analysis Started 18:50:29 [INFO] Finished File Name Analyzer (0 seconds) 18:50:29 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:50:29 [INFO] Finished Hint Analyzer (0 seconds) 18:50:29 [INFO] Finished Version Filter Analyzer (0 seconds) 18:50:30 [INFO] Created CPE Index (1 seconds) 18:50:30 [INFO] Finished CPE Analyzer (1 seconds) 18:50:30 [INFO] Finished False Positive Analyzer (0 seconds) 18:50:30 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:50:30 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:50:30 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:50:30 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:50:30 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:50:30 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:50:30 [INFO] Analysis Complete (1 seconds) 18:50:30 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:50:30 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:50:30 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:50:30 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:50:30 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:50:30 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:50:30 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:50:30 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:50:30 [INFO] 18:50:30 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 18:50:30 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/69] 18:50:30 [INFO] --------------------------------[ pom ]--------------------------------- 18:50:30 [INFO] 18:50:30 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 18:50:30 [INFO] 18:50:30 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 18:50:30 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 18:50:30 [INFO] 18:50:30 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 18:50:30 [INFO] Executing tasks 18:50:35 [INFO] Executed tasks 18:50:35 [INFO] 18:50:35 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 18:50:36 [INFO] Checking for updates 18:50:36 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:50:36 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:50:36 [INFO] Check for updates complete (87 ms) 18:50:36 [INFO] 18:50:36 18:50:36 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:50:36 18:50:36 18:50:36 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:50:36 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:50:36 18:50:36 18:50:36 [INFO] Analysis Started 18:50:36 [INFO] Finished File Name Analyzer (0 seconds) 18:50:36 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:50:36 [INFO] Finished Hint Analyzer (0 seconds) 18:50:36 [INFO] Finished Version Filter Analyzer (0 seconds) 18:50:37 [INFO] Created CPE Index (1 seconds) 18:50:37 [INFO] Finished CPE Analyzer (1 seconds) 18:50:37 [INFO] Finished False Positive Analyzer (0 seconds) 18:50:37 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:50:37 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:50:37 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:50:37 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:50:37 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:50:37 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:50:37 [INFO] Analysis Complete (1 seconds) 18:50:37 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:50:37 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:50:37 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:50:37 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:50:37 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:50:37 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:50:37 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:50:37 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:50:37 [INFO] 18:50:37 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 18:50:37 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/69] 18:50:37 [INFO] --------------------------------[ pom ]--------------------------------- 18:50:37 [INFO] 18:50:37 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 18:50:37 [INFO] 18:50:37 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 18:50:37 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 18:50:37 [INFO] 18:50:37 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 18:50:37 [INFO] Executing tasks 18:50:42 [INFO] Executed tasks 18:50:42 [INFO] 18:50:42 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 18:50:43 [INFO] Checking for updates 18:50:43 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:50:43 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:50:43 [INFO] Check for updates complete (87 ms) 18:50:43 [INFO] 18:50:43 18:50:43 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:50:43 18:50:43 18:50:43 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:50:43 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:50:43 18:50:43 18:50:43 [INFO] Analysis Started 18:50:43 [INFO] Finished File Name Analyzer (0 seconds) 18:50:43 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:50:43 [INFO] Finished Hint Analyzer (0 seconds) 18:50:43 [INFO] Finished Version Filter Analyzer (0 seconds) 18:50:44 [INFO] Created CPE Index (1 seconds) 18:50:44 [INFO] Finished CPE Analyzer (1 seconds) 18:50:44 [INFO] Finished False Positive Analyzer (0 seconds) 18:50:44 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:50:44 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:50:44 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:50:44 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:50:44 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:50:44 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:50:44 [INFO] Analysis Complete (1 seconds) 18:50:44 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:50:44 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:50:44 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:50:44 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:50:44 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:50:44 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:50:44 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:50:44 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:50:44 [INFO] 18:50:44 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 18:50:44 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/69] 18:50:44 [INFO] --------------------------------[ pom ]--------------------------------- 18:50:44 [INFO] 18:50:44 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 18:50:44 [INFO] 18:50:44 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 18:50:44 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 18:50:44 [INFO] 18:50:44 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 18:50:44 [INFO] Executing tasks 18:50:49 [INFO] Executed tasks 18:50:49 [INFO] 18:50:49 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 18:50:50 [INFO] Checking for updates 18:50:50 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:50:50 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:50:50 [INFO] Check for updates complete (88 ms) 18:50:50 [INFO] 18:50:50 18:50:50 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:50:50 18:50:50 18:50:50 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:50:50 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:50:50 18:50:50 18:50:50 [INFO] Analysis Started 18:50:50 [INFO] Finished File Name Analyzer (0 seconds) 18:50:50 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:50:50 [INFO] Finished Hint Analyzer (0 seconds) 18:50:50 [INFO] Finished Version Filter Analyzer (0 seconds) 18:50:51 [INFO] Created CPE Index (1 seconds) 18:50:51 [INFO] Finished CPE Analyzer (1 seconds) 18:50:51 [INFO] Finished False Positive Analyzer (0 seconds) 18:50:51 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:50:51 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:50:51 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:50:51 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:50:51 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:50:51 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:50:51 [INFO] Analysis Complete (1 seconds) 18:50:51 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:50:51 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:50:51 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:50:51 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:50:51 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:50:51 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:50:51 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:50:51 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:50:51 [INFO] 18:50:51 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 18:50:51 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/69] 18:50:51 [INFO] --------------------------------[ pom ]--------------------------------- 18:50:51 [INFO] 18:50:51 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 18:50:51 [INFO] 18:50:51 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 18:50:51 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 18:50:51 [INFO] 18:50:51 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 18:50:51 [INFO] Executing tasks 18:50:56 [INFO] Executed tasks 18:50:56 [INFO] 18:50:56 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 18:50:57 [INFO] Checking for updates 18:50:57 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:50:57 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:50:57 [INFO] Check for updates complete (89 ms) 18:50:57 [INFO] 18:50:57 18:50:57 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:50:57 18:50:57 18:50:57 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:50:57 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:50:57 18:50:57 18:50:57 [INFO] Analysis Started 18:50:57 [INFO] Finished File Name Analyzer (0 seconds) 18:50:57 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:50:57 [INFO] Finished Hint Analyzer (0 seconds) 18:50:57 [INFO] Finished Version Filter Analyzer (0 seconds) 18:50:58 [INFO] Created CPE Index (1 seconds) 18:50:58 [INFO] Finished CPE Analyzer (1 seconds) 18:50:58 [INFO] Finished False Positive Analyzer (0 seconds) 18:50:58 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:50:58 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:50:58 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:50:58 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:50:58 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:50:58 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:50:58 [INFO] Analysis Complete (1 seconds) 18:50:58 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:50:58 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:50:58 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:50:58 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:50:58 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:50:58 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:50:58 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:50:58 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:50:58 [INFO] 18:50:58 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 18:50:58 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/69] 18:50:58 [INFO] --------------------------------[ pom ]--------------------------------- 18:50:58 [INFO] 18:50:58 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 18:50:58 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) 18:50:58 [INFO] 18:50:58 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 18:50:58 [INFO] 18:50:58 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 18:50:58 [INFO] Executing tasks 18:51:03 [INFO] Executed tasks 18:51:03 [INFO] 18:51:03 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 18:51:04 [INFO] Checking for updates 18:51:04 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:51:04 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:51:04 [INFO] Check for updates complete (90 ms) 18:51:04 [INFO] 18:51:04 18:51:04 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:51:04 18:51:04 18:51:04 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:51:04 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:51:04 18:51:04 18:51:04 [INFO] Analysis Started 18:51:04 [INFO] Finished File Name Analyzer (0 seconds) 18:51:04 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:51:04 [INFO] Finished Hint Analyzer (0 seconds) 18:51:04 [INFO] Finished Version Filter Analyzer (0 seconds) 18:51:05 [INFO] Created CPE Index (1 seconds) 18:51:05 [INFO] Finished CPE Analyzer (1 seconds) 18:51:05 [INFO] Finished False Positive Analyzer (0 seconds) 18:51:05 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:51:05 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:51:05 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:51:05 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:51:05 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:51:05 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:51:05 [INFO] Analysis Complete (1 seconds) 18:51:05 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.xml 18:51:05 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.html 18:51:05 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.json 18:51:05 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.csv 18:51:05 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-report.sarif 18:51:05 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-jenkins.html 18:51:05 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-junit.xml 18:51:05 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/testsuite/dependency-check-result/dependency-check-gitlab.json 18:51:05 [INFO] 18:51:05 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 18:51:05 [INFO] Building dependencies.testsuite.test 1.0 [56/69] 18:51:05 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:05 [INFO] 18:51:05 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 18:51:05 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 18:51:05 [INFO] 18:51:05 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 18:51:05 [INFO] 18:51:05 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 18:51:05 [INFO] Executing tasks 18:51:05 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 18:51:05 [INFO] Executed tasks 18:51:05 [INFO] 18:51:05 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.test --- 18:51:06 [INFO] Executing tasks 18:51:11 [INFO] Executed tasks 18:51:11 [INFO] 18:51:11 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.test --- 18:51:11 [INFO] Checking for updates 18:51:11 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:51:11 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:51:11 [INFO] Check for updates complete (187 ms) 18:51:11 [INFO] 18:51:11 18:51:11 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:51:11 18:51:11 18:51:11 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:51:11 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:51:11 18:51:11 18:51:11 [INFO] Analysis Started 18:51:11 [INFO] Finished File Name Analyzer (0 seconds) 18:51:11 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:51:11 [INFO] Finished Hint Analyzer (0 seconds) 18:51:11 [INFO] Finished Version Filter Analyzer (0 seconds) 18:51:12 [INFO] Created CPE Index (1 seconds) 18:51:12 [INFO] Finished CPE Analyzer (1 seconds) 18:51:12 [INFO] Finished False Positive Analyzer (0 seconds) 18:51:12 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:51:12 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:51:12 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:51:12 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:51:12 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:51:12 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:51:12 [INFO] Analysis Complete (1 seconds) 18:51:12 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 18:51:12 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 18:51:12 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 18:51:12 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 18:51:12 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 18:51:12 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 18:51:12 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 18:51:13 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 18:51:13 [INFO] 18:51:13 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 18:51:13 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/69] 18:51:13 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:13 [INFO] 18:51:13 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 18:51:13 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 18:51:13 [INFO] 18:51:13 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 18:51:13 [INFO] 18:51:13 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.staticAnalysis --- 18:51:13 [INFO] Executing tasks 18:51:18 [INFO] Executed tasks 18:51:18 [INFO] 18:51:18 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.staticAnalysis --- 18:51:18 [INFO] Checking for updates 18:51:18 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:51:18 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:51:18 [INFO] Check for updates complete (92 ms) 18:51:18 [INFO] 18:51:18 18:51:18 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:51:18 18:51:18 18:51:18 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:51:18 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:51:18 18:51:18 18:51:18 [INFO] Analysis Started 18:51:18 [INFO] Finished File Name Analyzer (0 seconds) 18:51:18 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:51:18 [INFO] Finished Hint Analyzer (0 seconds) 18:51:18 [INFO] Finished Version Filter Analyzer (0 seconds) 18:51:19 [INFO] Created CPE Index (1 seconds) 18:51:19 [INFO] Finished CPE Analyzer (1 seconds) 18:51:19 [INFO] Finished False Positive Analyzer (0 seconds) 18:51:19 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:51:19 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:51:19 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:51:19 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:51:19 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:51:19 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:51:19 [INFO] Analysis Complete (1 seconds) 18:51:19 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 18:51:19 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 18:51:19 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 18:51:19 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 18:51:19 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 18:51:19 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 18:51:19 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 18:51:19 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 18:51:20 [INFO] 18:51:20 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 18:51:20 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/69] 18:51:20 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:20 [INFO] 18:51:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 18:51:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 18:51:20 [INFO] 18:51:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 18:51:20 [INFO] 18:51:20 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.dynamicAnalysis --- 18:51:20 [INFO] Executing tasks 18:51:25 [INFO] Executed tasks 18:51:25 [INFO] 18:51:25 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.dynamicAnalysis --- 18:51:25 [INFO] Checking for updates 18:51:25 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:51:25 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:51:25 [INFO] Check for updates complete (98 ms) 18:51:25 [INFO] 18:51:25 18:51:25 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:51:25 18:51:25 18:51:25 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:51:25 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:51:25 18:51:25 18:51:25 [INFO] Analysis Started 18:51:25 [INFO] Finished File Name Analyzer (0 seconds) 18:51:25 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:51:25 [INFO] Finished Hint Analyzer (0 seconds) 18:51:25 [INFO] Finished Version Filter Analyzer (0 seconds) 18:51:26 [INFO] Created CPE Index (1 seconds) 18:51:26 [INFO] Finished CPE Analyzer (1 seconds) 18:51:26 [INFO] Finished False Positive Analyzer (0 seconds) 18:51:26 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:51:26 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:51:26 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:51:26 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:51:26 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:51:26 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:51:26 [INFO] Analysis Complete (1 seconds) 18:51:26 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 18:51:26 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 18:51:26 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 18:51:26 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 18:51:26 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 18:51:26 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 18:51:26 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 18:51:26 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 18:51:26 [INFO] 18:51:26 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 18:51:26 [INFO] Building dependencies.testsuite.coverage 1.0 [59/69] 18:51:26 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:26 [INFO] 18:51:26 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 18:51:26 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 18:51:26 [INFO] 18:51:26 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 18:51:26 [INFO] 18:51:26 [INFO] --- maven-antrun-plugin:3.1.0:run (sleep-for-a-while) @ org.openspcoop2.testsuite.coverage --- 18:51:27 [INFO] Executing tasks 18:51:32 [INFO] Executed tasks 18:51:32 [INFO] 18:51:32 [INFO] --- dependency-check-maven:12.2.0:aggregate (check owasp) @ org.openspcoop2.testsuite.coverage --- 18:51:32 [INFO] Checking for updates 18:51:32 [INFO] Skipping the NVD API Update as it was completed within the last 240 minutes 18:51:32 [INFO] Skipping Known Exploited Vulnerabilities update check since last check was within 24 hours. 18:51:32 [INFO] Check for updates complete (94 ms) 18:51:32 [INFO] 18:51:32 18:51:32 Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user's risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report. 18:51:32 18:51:32 18:51:32 About ODC: https://dependency-check.github.io/DependencyCheck/general/internals.html 18:51:32 False Positives: https://dependency-check.github.io/DependencyCheck/general/suppression.html 18:51:32 18:51:32 18:51:32 [INFO] Analysis Started 18:51:32 [INFO] Finished File Name Analyzer (0 seconds) 18:51:32 [INFO] Finished Dependency Merging Analyzer (0 seconds) 18:51:32 [INFO] Finished Hint Analyzer (0 seconds) 18:51:32 [INFO] Finished Version Filter Analyzer (0 seconds) 18:51:33 [INFO] Created CPE Index (1 seconds) 18:51:33 [INFO] Finished CPE Analyzer (1 seconds) 18:51:33 [INFO] Finished False Positive Analyzer (0 seconds) 18:51:33 [INFO] Finished NVD CVE Analyzer (0 seconds) 18:51:33 [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) 18:51:33 [INFO] Finished Vulnerability Suppression Analyzer (0 seconds) 18:51:33 [INFO] Finished Known Exploited Vulnerability Analyzer (0 seconds) 18:51:33 [INFO] Finished Dependency Bundling Analyzer (0 seconds) 18:51:33 [INFO] Finished Unused Suppression Rule Analyzer (0 seconds) 18:51:33 [INFO] Analysis Complete (1 seconds) 18:51:33 [INFO] Writing XML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.xml 18:51:33 [INFO] Writing HTML report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.html 18:51:33 [INFO] Writing JSON report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.json 18:51:33 [INFO] Writing CSV report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.csv 18:51:33 [INFO] Writing SARIF report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-report.sarif 18:51:33 [INFO] Writing JENKINS report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-jenkins.html 18:51:33 [INFO] Writing JUNIT report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-junit.xml 18:51:33 [INFO] Writing GITLAB report to: /var/lib/jenkins/workspace/GovWay/mvn/dependencies/dependency-check-result/dependency-check-gitlab.json 18:51:33 [INFO] 18:51:33 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 18:51:33 [INFO] Building compile 1.0 [60/69] 18:51:33 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:33 [INFO] 18:51:33 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 18:51:33 [INFO] Building package 1.0 [61/69] 18:51:33 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:33 [INFO] 18:51:33 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 18:51:33 [INFO] Building testsuite.utils 1.0 [62/69] 18:51:33 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:33 [INFO] 18:51:33 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 18:51:33 [INFO] Building testsuite.utils.sql 1.0 [63/69] 18:51:33 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:33 [INFO] 18:51:33 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 18:51:33 [INFO] Building testsuite.pdd.core 1.0 [64/69] 18:51:33 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:33 [INFO] 18:51:33 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 18:51:33 [INFO] Building testsuite.pdd.core.sql 1.0 [65/69] 18:51:33 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:33 [INFO] 18:51:33 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 18:51:33 [INFO] Building static_analysis.spotbugs 1.0 [66/69] 18:51:33 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:33 [INFO] 18:51:33 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 18:51:33 [INFO] Building static_analysis.sonarqube 1.0 [67/69] 18:51:33 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:33 [INFO] 18:51:33 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 18:51:33 [INFO] Building dynamic_analysis.zap 1.0 [68/69] 18:51:33 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:33 [INFO] 18:51:33 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 18:51:33 [INFO] Building coverage.jacoco 1.0 [69/69] 18:51:33 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:33 [INFO] ------------------------------------------------------------------------ 18:51:33 [INFO] Reactor Summary for govway 1.0: 18:51:33 [INFO] 18:51:33 [INFO] govway ............................................. SUCCESS [ 0.004 s] 18:51:33 [INFO] dependencies ....................................... SUCCESS [01:25 min] 18:51:33 [INFO] dependencies.ant ................................... SUCCESS [ 10.183 s] 18:51:33 [INFO] dependencies.antinstaller .......................... SUCCESS [ 8.160 s] 18:51:33 [INFO] dependencies.axiom ................................. SUCCESS [ 7.971 s] 18:51:33 [INFO] dependencies.bean-validation ....................... SUCCESS [ 7.361 s] 18:51:33 [INFO] dependencies.cxf ................................... SUCCESS [ 8.675 s] 18:51:33 [INFO] dependencies.commons ............................... SUCCESS [ 8.160 s] 18:51:33 [INFO] dependencies.faces ................................. SUCCESS [ 17.432 s] 18:51:33 [INFO] dependencies.git ................................... SUCCESS [ 7.577 s] 18:51:33 [INFO] dependencies.httpcore .............................. SUCCESS [ 7.509 s] 18:51:33 [INFO] dependencies.jackson ............................... SUCCESS [ 7.619 s] 18:51:33 [INFO] dependencies.javax ................................. SUCCESS [ 7.789 s] 18:51:33 [INFO] dependencies.jax ................................... SUCCESS [ 7.689 s] 18:51:33 [INFO] dependencies.jetty ................................. SUCCESS [ 7.073 s] 18:51:33 [INFO] dependencies.jminix ................................ SUCCESS [ 8.851 s] 18:51:33 [INFO] dependencies.json .................................. SUCCESS [ 7.527 s] 18:51:33 [INFO] dependencies.log ................................... SUCCESS [ 7.462 s] 18:51:33 [INFO] dependencies.lucene ................................ SUCCESS [ 7.484 s] 18:51:33 [INFO] dependencies.openapi4j ............................. SUCCESS [ 7.305 s] 18:51:33 [INFO] dependencies.opensaml .............................. SUCCESS [ 7.760 s] 18:51:33 [INFO] dependencies.pdf ................................... SUCCESS [ 7.334 s] 18:51:33 [INFO] dependencies.redis ................................. SUCCESS [ 7.325 s] 18:51:33 [INFO] dependencies.reports ............................... SUCCESS [ 7.618 s] 18:51:33 [INFO] dependencies.saaj .................................. SUCCESS [ 7.242 s] 18:51:33 [INFO] dependencies.security .............................. SUCCESS [ 7.814 s] 18:51:33 [INFO] dependencies.shared ................................ SUCCESS [ 9.884 s] 18:51:33 [INFO] dependencies.spring ................................ SUCCESS [ 7.632 s] 18:51:33 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 7.171 s] 18:51:33 [INFO] dependencies.spring-security ....................... SUCCESS [ 7.312 s] 18:51:33 [INFO] dependencies.swagger ............................... SUCCESS [ 17.623 s] 18:51:33 [INFO] dependencies.wadl .................................. SUCCESS [ 7.481 s] 18:51:33 [INFO] dependencies.wss4j ................................. SUCCESS [ 7.291 s] 18:51:33 [INFO] dependencies.testsuite ............................. SUCCESS [ 7.204 s] 18:51:33 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 7.093 s] 18:51:33 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 7.041 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 6.987 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 6.963 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 6.978 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 6.995 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 7.023 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 7.011 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 6.962 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 6.983 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 7.058 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 6.988 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 6.975 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 6.950 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 7.120 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 7.005 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 7.038 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 6.949 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 7.003 s] 18:51:33 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 6.959 s] 18:51:33 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 7.034 s] 18:51:33 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 7.126 s] 18:51:33 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 6.958 s] 18:51:33 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 6.973 s] 18:51:33 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 6.958 s] 18:51:33 [INFO] compile ............................................ SUCCESS [ 0.000 s] 18:51:33 [INFO] package ............................................ SUCCESS [ 0.001 s] 18:51:33 [INFO] testsuite.utils .................................... SUCCESS [ 0.001 s] 18:51:33 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.000 s] 18:51:33 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 18:51:33 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] 18:51:33 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.001 s] 18:51:33 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.000 s] 18:51:33 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.001 s] 18:51:33 [INFO] coverage.jacoco .................................... SUCCESS [ 0.000 s] 18:51:33 [INFO] ------------------------------------------------------------------------ 18:51:33 [INFO] BUILD SUCCESS 18:51:33 [INFO] ------------------------------------------------------------------------ 18:51:33 [INFO] Total time: 08:49 min 18:51:33 [INFO] Finished at: 2026-02-11T18:51:33+01:00 18:51:33 [INFO] ------------------------------------------------------------------------ 18:51:34 [GovWay] $ /bin/bash /tmp/jenkins16284216991651572615.sh 18:51:34 Pubblicazione risultati dependency check ... 18:51:34 cp: cannot create directory ‘/opt/apache-tomcat-9.0.91/webapps/dependency-check/result’: No such file or directory 18:51:34 Pubblicazione risultati dependency check effettuata 18:51:34 Pubblicazione installer su risultati testsuite ... 18:51:34 Pubblicazione installer su risultati testsuite effettuata 18:51:34 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage=none -Dcompile=compile -Dowasp=none -Dtestsuite=none -Ddependencies.soapbox=true compile 18:51:36 [INFO] Scanning for projects... 18:51:36 [INFO] ------------------------------------------------------------------------ 18:51:36 [INFO] Reactor Build Order: 18:51:36 [INFO] 18:51:36 [INFO] govway [pom] 18:51:36 [INFO] dependencies [pom] 18:51:36 [INFO] dependencies.ant [pom] 18:51:36 [INFO] dependencies.antinstaller [pom] 18:51:36 [INFO] dependencies.axiom [pom] 18:51:36 [INFO] dependencies.bean-validation [pom] 18:51:36 [INFO] dependencies.cxf [pom] 18:51:36 [INFO] dependencies.commons [pom] 18:51:36 [INFO] dependencies.faces [pom] 18:51:36 [INFO] dependencies.git [pom] 18:51:36 [INFO] dependencies.httpcore [pom] 18:51:36 [INFO] dependencies.jackson [pom] 18:51:36 [INFO] dependencies.javax [pom] 18:51:36 [INFO] dependencies.jax [pom] 18:51:36 [INFO] dependencies.jetty [pom] 18:51:36 [INFO] dependencies.jminix [pom] 18:51:36 [INFO] dependencies.json [pom] 18:51:36 [INFO] dependencies.log [pom] 18:51:36 [INFO] dependencies.lucene [pom] 18:51:36 [INFO] dependencies.openapi4j [pom] 18:51:36 [INFO] dependencies.opensaml [pom] 18:51:36 [INFO] dependencies.pdf [pom] 18:51:36 [INFO] dependencies.redis [pom] 18:51:36 [INFO] dependencies.reports [pom] 18:51:36 [INFO] dependencies.saaj [pom] 18:51:36 [INFO] dependencies.security [pom] 18:51:36 [INFO] dependencies.shared [pom] 18:51:36 [INFO] dependencies.spring [pom] 18:51:36 [INFO] dependencies.spring-ldap [pom] 18:51:36 [INFO] dependencies.spring-security [pom] 18:51:36 [INFO] dependencies.swagger [pom] 18:51:36 [INFO] dependencies.wadl [pom] 18:51:36 [INFO] dependencies.wss4j [pom] 18:51:36 [INFO] dependencies.testsuite [pom] 18:51:36 [INFO] dependencies.testsuite.axis14 [pom] 18:51:36 [INFO] dependencies.testsuite.as [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly9 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly10 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly11 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly12 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly13 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly14 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly15 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly16 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly17 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly18 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly19 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly20 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly21 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly22 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly23 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly24 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly25 [pom] 18:51:36 [INFO] dependencies.testsuite.as.wildfly26 [pom] 18:51:36 [INFO] dependencies.testsuite.as.tomcat9 [pom] 18:51:36 [INFO] dependencies.testsuite.test [pom] 18:51:36 [INFO] dependencies.testsuite.staticAnalysis [pom] 18:51:36 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 18:51:36 [INFO] dependencies.testsuite.coverage [pom] 18:51:36 [INFO] dependencies.soapbox [pom] 18:51:36 [INFO] compile [pom] 18:51:36 [INFO] package [pom] 18:51:36 [INFO] testsuite.utils [pom] 18:51:36 [INFO] testsuite.utils.sql [pom] 18:51:36 [INFO] testsuite.pdd.core [pom] 18:51:36 [INFO] testsuite.pdd.core.sql [pom] 18:51:36 [INFO] static_analysis.spotbugs [pom] 18:51:36 [INFO] static_analysis.sonarqube [pom] 18:51:36 [INFO] dynamic_analysis.zap [pom] 18:51:36 [INFO] coverage.jacoco [pom] 18:51:36 [INFO] 18:51:36 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 18:51:36 [INFO] Building govway 1.0 [1/70] 18:51:36 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:36 [INFO] 18:51:36 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 18:51:36 [INFO] Building dependencies 1.0 [2/70] 18:51:36 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:36 [INFO] 18:51:36 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 18:51:36 [INFO] Building dependencies.ant 1.0 [3/70] 18:51:36 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:36 [INFO] 18:51:36 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 18:51:36 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 18:51:36 [INFO] 18:51:36 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 18:51:38 [INFO] 18:51:38 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 18:51:38 [INFO] Building dependencies.antinstaller 1.0 [4/70] 18:51:38 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:38 [INFO] 18:51:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 18:51:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 18:51:38 [INFO] 18:51:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 18:51:38 [INFO] 18:51:38 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 18:51:38 [INFO] Building dependencies.axiom 1.0 [5/70] 18:51:38 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:38 [INFO] 18:51:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 18:51:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 18:51:38 [INFO] 18:51:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 18:51:38 [INFO] 18:51:38 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 18:51:38 [INFO] Executing tasks 18:51:38 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 18:51:38 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 18:51:38 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 18:51:38 [INFO] Executed tasks 18:51:38 [INFO] 18:51:38 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 18:51:38 [INFO] Building dependencies.bean-validation 1.0 [6/70] 18:51:38 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:38 [INFO] 18:51:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 18:51:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 18:51:38 [INFO] 18:51:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 18:51:38 [INFO] 18:51:38 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 18:51:38 [INFO] Building dependencies.cxf 1.0 [7/70] 18:51:38 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:38 [INFO] 18:51:38 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 18:51:38 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 18:51:38 [INFO] 18:51:38 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 18:51:38 [INFO] 18:51:38 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 18:51:38 [INFO] Executing tasks 18:51:38 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 18:51:38 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 18:51:38 [INFO] Executed tasks 18:51:38 [INFO] 18:51:38 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 18:51:38 [INFO] Building dependencies.commons 1.0 [8/70] 18:51:38 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 18:51:39 [INFO] 18:51:39 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 18:51:39 [INFO] Building dependencies.faces 1.0 [9/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 18:51:39 [INFO] 18:51:39 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 18:51:39 [INFO] Building dependencies.git 1.0 [10/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 18:51:39 [INFO] 18:51:39 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 18:51:39 [INFO] Building dependencies.httpcore 1.0 [11/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 18:51:39 [INFO] Executing tasks 18:51:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 18:51:39 [INFO] Executed tasks 18:51:39 [INFO] 18:51:39 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 18:51:39 [INFO] Building dependencies.jackson 1.0 [12/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 18:51:39 [INFO] 18:51:39 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 18:51:39 [INFO] Building dependencies.javax 1.0 [13/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 18:51:39 [INFO] 18:51:39 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 18:51:39 [INFO] Building dependencies.jax 1.0 [14/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 18:51:39 [INFO] 18:51:39 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 18:51:39 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 18:51:39 [INFO] 18:51:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 18:51:39 [INFO] Executing tasks 18:51:39 [INFO] Executed tasks 18:51:39 [INFO] 18:51:39 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 18:51:39 [INFO] Building dependencies.jetty 1.0 [15/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 18:51:39 [INFO] 18:51:39 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 18:51:39 [INFO] Building dependencies.jminix 1.0 [16/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 18:51:39 [INFO] Executing tasks 18:51:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 18:51:39 [INFO] Executed tasks 18:51:39 [INFO] 18:51:39 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 18:51:39 [INFO] Building dependencies.json 1.0 [17/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 18:51:39 [INFO] Executing tasks 18:51:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 18:51:39 [INFO] Executed tasks 18:51:39 [INFO] 18:51:39 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 18:51:39 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 18:51:39 [INFO] 18:51:39 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 18:51:39 [INFO] Building dependencies.log 1.0 [18/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 18:51:39 [INFO] Executing tasks 18:51:39 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 18:51:39 [INFO] Executed tasks 18:51:39 [INFO] 18:51:39 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 18:51:39 [INFO] Building dependencies.lucene 1.0 [19/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:39 [INFO] 18:51:39 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 18:51:39 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 18:51:39 [INFO] 18:51:39 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 18:51:39 [INFO] 18:51:39 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 18:51:39 [INFO] Building dependencies.openapi4j 1.0 [20/70] 18:51:39 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 18:51:40 [INFO] Executing tasks 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 18:51:40 [INFO] Executed tasks 18:51:40 [INFO] 18:51:40 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 18:51:40 [INFO] Building dependencies.opensaml 1.0 [21/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 18:51:40 [INFO] 18:51:40 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 18:51:40 [INFO] Building dependencies.pdf 1.0 [22/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 18:51:40 [INFO] 18:51:40 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 18:51:40 [INFO] Building dependencies.redis 1.0 [23/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 18:51:40 [INFO] 18:51:40 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 18:51:40 [INFO] Building dependencies.reports 1.0 [24/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 18:51:40 [INFO] 18:51:40 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 18:51:40 [INFO] Building dependencies.saaj 1.0 [25/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 18:51:40 [INFO] Executing tasks 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 18:51:40 [INFO] Executed tasks 18:51:40 [INFO] 18:51:40 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 18:51:40 [INFO] Building dependencies.security 1.0 [26/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 18:51:40 [INFO] Executing tasks 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 18:51:40 [INFO] Executed tasks 18:51:40 [INFO] 18:51:40 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 18:51:40 [INFO] Building dependencies.shared 1.0 [27/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 18:51:40 [INFO] Executing tasks 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 18:51:40 [INFO] Executed tasks 18:51:40 [INFO] 18:51:40 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 18:51:40 [INFO] Building dependencies.spring 1.0 [28/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 18:51:40 [INFO] Executing tasks 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 18:51:40 [INFO] Executed tasks 18:51:40 [INFO] 18:51:40 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 18:51:40 [INFO] Building dependencies.spring-ldap 1.0 [29/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 18:51:40 [INFO] 18:51:40 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 18:51:40 [INFO] Building dependencies.spring-security 1.0 [30/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 18:51:40 [INFO] Executing tasks 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 18:51:40 [INFO] Executed tasks 18:51:40 [INFO] 18:51:40 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 18:51:40 [INFO] Building dependencies.swagger 1.0 [31/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 18:51:40 [INFO] Executing tasks 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 18:51:40 [INFO] Executed tasks 18:51:40 [INFO] 18:51:40 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 18:51:40 [INFO] Building dependencies.wadl 1.0 [32/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 18:51:40 [INFO] 18:51:40 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 18:51:40 [INFO] Building dependencies.wss4j 1.0 [33/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 18:51:40 [INFO] Executing tasks 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 18:51:40 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 18:51:40 [INFO] Executed tasks 18:51:40 [INFO] 18:51:40 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 18:51:40 [INFO] Building dependencies.testsuite 1.0 [34/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 18:51:40 [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] 18:51:40 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 18:51:40 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 18:51:40 [INFO] 18:51:40 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 18:51:40 [INFO] 18:51:40 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 18:51:41 [INFO] Executing tasks 18:51:41 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 18:51:41 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 18:51:41 [INFO] Executed tasks 18:51:41 [INFO] 18:51:41 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 18:51:41 [INFO] Building dependencies.testsuite.as 1.0 [36/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 18:51:41 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 18:51:41 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 18:51:41 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 18:51:41 [INFO] 18:51:41 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 18:51:41 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 18:51:41 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 18:51:41 [INFO] 18:51:41 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 18:51:41 [INFO] Building dependencies.testsuite.test 1.0 [56/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 18:51:41 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 18:51:41 [INFO] Executing tasks 18:51:41 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 18:51:41 [INFO] Executed tasks 18:51:41 [INFO] 18:51:41 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 18:51:41 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 18:51:41 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 18:51:41 [INFO] 18:51:41 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 18:51:41 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 18:51:41 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 18:51:41 [INFO] 18:51:41 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 18:51:41 [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 18:51:41 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 18:51:41 [INFO] 18:51:41 [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- 18:51:41 [INFO] Building dependencies.soapbox 1.0 [60/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- 18:51:41 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = []) 18:51:41 [INFO] 18:51:41 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- 18:51:41 [INFO] 18:51:41 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 18:51:41 [INFO] Building compile 1.0 [61/70] 18:51:41 [INFO] --------------------------------[ pom ]--------------------------------- 18:51:41 [INFO] 18:51:41 [INFO] --- maven-antrun-plugin:3.1.0:run (default) @ org.openspcoop2.compile --- 18:51:41 [INFO] Executing tasks 18:51:46 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/dist 18:51:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build 18:51:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/tmp 18:51:49 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist 18:51:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:51:54 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:51:54 [WARNING] [echo] **************************************** 18:51:54 [WARNING] [echo] **** DEBUG MODE ON ***** 18:51:54 [WARNING] [echo] **************************************** 18:51:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils 18:51:54 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:51:54 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils] 18:51:54 [INFO] [javac] Compiling 37 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:51:58 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils_RELEASE.jar 18:51:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:02 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:02 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:02 [WARNING] [echo] **************************************** 18:52:02 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:02 [WARNING] [echo] **************************************** 18:52:02 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:02 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/instrument] 18:52:02 [INFO] [javac] Compiling 2 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-instrument_RELEASE.jar 18:52:03 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:06 [WARNING] [echo] **************************************** 18:52:06 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:06 [WARNING] [echo] **************************************** 18:52:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/resources] 18:52:07 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-resources_RELEASE.jar 18:52:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:11 [WARNING] [echo] **************************************** 18:52:11 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:11 [WARNING] [echo] **************************************** 18:52:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mime] 18:52:11 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mime_RELEASE.jar 18:52:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:15 [WARNING] [echo] **************************************** 18:52:15 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:15 [WARNING] [echo] **************************************** 18:52:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/date] 18:52:15 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-date_RELEASE.jar 18:52:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:20 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:20 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:20 [WARNING] [echo] **************************************** 18:52:20 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:20 [WARNING] [echo] **************************************** 18:52:20 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:20 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/io] 18:52:20 [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:21 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-io_RELEASE.jar 18:52:21 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:24 [WARNING] [echo] **************************************** 18:52:24 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:24 [WARNING] [echo] **************************************** 18:52:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:24 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/random] 18:52:24 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:25 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-random_RELEASE.jar 18:52:25 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:28 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:28 [WARNING] [echo] **************************************** 18:52:28 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:28 [WARNING] [echo] **************************************** 18:52:28 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:28 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/properties] 18:52:28 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:29 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-properties_RELEASE.jar 18:52:29 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:32 [WARNING] [echo] **************************************** 18:52:32 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:32 [WARNING] [echo] **************************************** 18:52:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:32 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxb] 18:52:32 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:52:32 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxb_RELEASE.jar 18:52:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:36 [WARNING] [echo] **************************************** 18:52:36 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:36 [WARNING] [echo] **************************************** 18:52:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:36 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jaxrs] 18:52:36 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jaxrs_RELEASE.jar 18:52:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:40 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:40 [WARNING] [echo] **************************************** 18:52:40 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:40 [WARNING] [echo] **************************************** 18:52:40 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:40 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml] 18:52:40 [INFO] [javac] Compiling 41 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml_RELEASE.jar 18:52:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:45 [WARNING] [echo] **************************************** 18:52:45 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:45 [WARNING] [echo] **************************************** 18:52:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:45 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/json] 18:52:45 [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-json_RELEASE.jar 18:52:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:50 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:50 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:50 [WARNING] [echo] **************************************** 18:52:50 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:50 [WARNING] [echo] **************************************** 18:52:50 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:50 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xml2json] 18:52:50 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xml2json_RELEASE.jar 18:52:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:54 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:54 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:54 [WARNING] [echo] **************************************** 18:52:54 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:54 [WARNING] [echo] **************************************** 18:52:54 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:54 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/digest] 18:52:54 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-digest_RELEASE.jar 18:52:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:52:58 [WARNING] [echo] **************************************** 18:52:58 [WARNING] [echo] **** DEBUG MODE ON ***** 18:52:58 [WARNING] [echo] **************************************** 18:52:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:52:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/regexp] 18:52:58 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:52:58 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-regexp_RELEASE.jar 18:52:58 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:01 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:01 [WARNING] [echo] **************************************** 18:53:01 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:01 [WARNING] [echo] **************************************** 18:53:01 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:01 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate] 18:53:01 [INFO] [javac] Compiling 46 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate_RELEASE.jar 18:53:03 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:06 [WARNING] [echo] **************************************** 18:53:06 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:06 [WARNING] [echo] **************************************** 18:53:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/transport] 18:53:06 [INFO] [javac] Compiling 68 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-transport_RELEASE.jar 18:53:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:11 [WARNING] [echo] **************************************** 18:53:11 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:11 [WARNING] [echo] **************************************** 18:53:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/ocsp] 18:53:11 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-ocsp_RELEASE.jar 18:53:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:15 [WARNING] [echo] **************************************** 18:53:15 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:15 [WARNING] [echo] **************************************** 18:53:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/remote] 18:53:15 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-remote_RELEASE.jar 18:53:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:19 [WARNING] [echo] **************************************** 18:53:19 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:19 [WARNING] [echo] **************************************** 18:53:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/certificate/byok] 18:53:19 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-certificate-byok_RELEASE.jar 18:53:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:23 [WARNING] [echo] **************************************** 18:53:23 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:23 [WARNING] [echo] **************************************** 18:53:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jmx] 18:53:23 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jmx_RELEASE.jar 18:53:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:27 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:27 [WARNING] [echo] **************************************** 18:53:27 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:27 [WARNING] [echo] **************************************** 18:53:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/cache] 18:53:27 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-cache_RELEASE.jar 18:53:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:31 [WARNING] [echo] **************************************** 18:53:31 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:31 [WARNING] [echo] **************************************** 18:53:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/checksum] 18:53:31 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-checksum_RELEASE.jar 18:53:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:34 [WARNING] [echo] **************************************** 18:53:34 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:34 [WARNING] [echo] **************************************** 18:53:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:34 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/crypt] 18:53:34 [INFO] [javac] Compiling 23 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-crypt_RELEASE.jar 18:53:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:38 [WARNING] [echo] **************************************** 18:53:38 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:38 [WARNING] [echo] **************************************** 18:53:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:38 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/csv] 18:53:38 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:39 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-csv_RELEASE.jar 18:53:39 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:42 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:42 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:42 [WARNING] [echo] **************************************** 18:53:42 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:42 [WARNING] [echo] **************************************** 18:53:42 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:42 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/dch] 18:53:42 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:43 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-dch_RELEASE.jar 18:53:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:46 [WARNING] [echo] **************************************** 18:53:46 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:46 [WARNING] [echo] **************************************** 18:53:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sql] 18:53:46 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sql_RELEASE.jar 18:53:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:51 [WARNING] [echo] **************************************** 18:53:51 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:51 [WARNING] [echo] **************************************** 18:53:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/jdbc] 18:53:51 [INFO] [javac] Compiling 37 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-jdbc_RELEASE.jar 18:53:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:55 [WARNING] [echo] **************************************** 18:53:55 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:55 [WARNING] [echo] **************************************** 18:53:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/id] 18:53:55 [INFO] [javac] Compiling 45 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-id_RELEASE.jar 18:53:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:53:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:53:59 [WARNING] [echo] **************************************** 18:53:59 [WARNING] [echo] **** DEBUG MODE ON ***** 18:53:59 [WARNING] [echo] **************************************** 18:53:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:53:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/serialization] 18:53:59 [INFO] [javac] Compiling 26 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-serialization_RELEASE.jar 18:54:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:03 [WARNING] [echo] **************************************** 18:54:03 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:03 [WARNING] [echo] **************************************** 18:54:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/logger] 18:54:03 [INFO] [javac] Compiling 77 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-logger_RELEASE.jar 18:54:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:07 [WARNING] [echo] **************************************** 18:54:07 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:07 [WARNING] [echo] **************************************** 18:54:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/service] 18:54:07 [INFO] [javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:09 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-service_RELEASE.jar 18:54:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:12 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:12 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:12 [WARNING] [echo] **************************************** 18:54:12 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:12 [WARNING] [echo] **************************************** 18:54:12 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:12 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/beans] 18:54:12 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:13 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-beans_RELEASE.jar 18:54:13 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:16 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:16 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:16 [WARNING] [echo] **************************************** 18:54:16 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:16 [WARNING] [echo] **************************************** 18:54:16 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:16 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/security] 18:54:16 [INFO] [javac] Compiling 41 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:17 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-security_RELEASE.jar 18:54:17 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:20 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:20 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:20 [WARNING] [echo] **************************************** 18:54:20 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:20 [WARNING] [echo] **************************************** 18:54:20 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:20 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/pdf] 18:54:20 [INFO] [javac] Compiling 11 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:21 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-pdf_RELEASE.jar 18:54:21 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:24 [WARNING] [echo] **************************************** 18:54:24 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:24 [WARNING] [echo] **************************************** 18:54:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:24 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wsdl] 18:54:24 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:25 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wsdl_RELEASE.jar 18:54:25 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:28 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:28 [WARNING] [echo] **************************************** 18:54:28 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:28 [WARNING] [echo] **************************************** 18:54:28 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:28 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/rest] 18:54:28 [INFO] [javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:29 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-rest_RELEASE.jar 18:54:29 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:32 [WARNING] [echo] **************************************** 18:54:32 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:32 [WARNING] [echo] **************************************** 18:54:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:32 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/wadl] 18:54:32 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-wadl_RELEASE.jar 18:54:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:36 [WARNING] [echo] **************************************** 18:54:36 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:36 [WARNING] [echo] **************************************** 18:54:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:36 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/openapi] 18:54:36 [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-openapi_RELEASE.jar 18:54:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:40 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:40 [WARNING] [echo] **************************************** 18:54:40 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:40 [WARNING] [echo] **************************************** 18:54:40 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:40 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/xacml] 18:54:40 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-xacml_RELEASE.jar 18:54:41 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:44 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:44 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:44 [WARNING] [echo] **************************************** 18:54:44 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:44 [WARNING] [echo] **************************************** 18:54:44 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:44 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/mail] 18:54:44 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-mail_RELEASE.jar 18:54:45 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:48 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:48 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:48 [WARNING] [echo] **************************************** 18:54:48 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:48 [WARNING] [echo] **************************************** 18:54:48 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:48 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/datasource] 18:54:48 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:49 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-datasource_RELEASE.jar 18:54:49 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:52 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:52 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:52 [WARNING] [echo] **************************************** 18:54:52 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:52 [WARNING] [echo] **************************************** 18:54:52 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:52 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/sonde] 18:54:52 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:53 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-sonde_RELEASE.jar 18:54:53 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:56 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:56 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:54:56 [WARNING] [echo] **************************************** 18:54:56 [WARNING] [echo] **** DEBUG MODE ON ***** 18:54:56 [WARNING] [echo] **************************************** 18:54:56 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:54:56 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/semaphore] 18:54:56 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:54:57 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-semaphore_RELEASE.jar 18:54:57 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:00 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:00 [WARNING] [echo] **************************************** 18:55:00 [WARNING] [echo] **** DEBUG MODE ON ***** 18:55:00 [WARNING] [echo] **************************************** 18:55:00 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:00 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/threads] 18:55:00 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:01 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-threads_RELEASE.jar 18:55:01 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:04 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:04 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:04 [WARNING] [echo] **************************************** 18:55:04 [WARNING] [echo] **** DEBUG MODE ON ***** 18:55:04 [WARNING] [echo] **************************************** 18:55:04 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:04 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/oauth2] 18:55:04 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils/openspcoop2_utils-oauth2_RELEASE.jar 18:55:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:08 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:08 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:08 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 18:55:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils_RELEASE.jar 18:55:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:15 [WARNING] [echo] **************************************** 18:55:15 [WARNING] [echo] **** DEBUG MODE ON ***** 18:55:15 [WARNING] [echo] **************************************** 18:55:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/utils-test 18:55:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/utils/src/org/openspcoop2/utils/test] 18:55:15 [INFO] [javac] Compiling 67 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/utils-test/openspcoop2_utils-test_RELEASE.jar 18:55:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:19 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 18:55:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_utils-test_RELEASE.jar 18:55:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:26 [WARNING] [echo] **************************************** 18:55:26 [WARNING] [echo] **** DEBUG MODE ON ***** 18:55:26 [WARNING] [echo] **************************************** 18:55:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/generic_project/src/] 18:55:27 [INFO] [javac] Compiling 211 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:29 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_generic-project_RELEASE.jar 18:55:29 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:38 [WARNING] [echo] **************************************** 18:55:38 [WARNING] [echo] **** DEBUG MODE ON ***** 18:55:38 [WARNING] [echo] **************************************** 18:55:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/schemi 18:55:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-openspcoop2_RELEASE.jar 18:55:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:42 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:42 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:42 [WARNING] [echo] **************************************** 18:55:42 [WARNING] [echo] **** DEBUG MODE ON ***** 18:55:42 [WARNING] [echo] **************************************** 18:55:42 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/schemi/openspcoop2_schemi-xsd-standard_RELEASE.jar 18:55:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:45 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 18:55:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_schemi-xsd_RELEASE.jar 18:55:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:48 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:48 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:48 [WARNING] [echo] **************************************** 18:55:48 [WARNING] [echo] **** DEBUG MODE ON ***** 18:55:48 [WARNING] [echo] **************************************** 18:55:48 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/message 18:55:48 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:49 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message/context] 18:55:49 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:55:49 [INFO] [javac] Compiling 42 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:50 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/message/openspcoop2_message-context_RELEASE.jar 18:55:50 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:53 [WARNING] [echo] **************************************** 18:55:53 [WARNING] [echo] **** DEBUG MODE ON ***** 18:55:53 [WARNING] [echo] **************************************** 18:55:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/message] 18:55:53 [INFO] [javac] Compiling 110 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/message/openspcoop2_message_RELEASE.jar 18:55:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:55:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:55:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:55:58 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 18:55:58 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_message_RELEASE.jar 18:56:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:05 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:56:05 [WARNING] [echo] **************************************** 18:56:05 [WARNING] [echo] **** DEBUG MODE ON ***** 18:56:05 [WARNING] [echo] **************************************** 18:56:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/core 18:56:05 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:56:05 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core] 18:56:05 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:06 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core_RELEASE.jar 18:56:06 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:09 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:09 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:56:09 [WARNING] [echo] **************************************** 18:56:09 [WARNING] [echo] **** DEBUG MODE ON ***** 18:56:09 [WARNING] [echo] **************************************** 18:56:09 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:56:09 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/id] 18:56:09 [INFO] [javac] Compiling 20 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-id_RELEASE.jar 18:56:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:13 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:13 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:56:13 [WARNING] [echo] **************************************** 18:56:13 [WARNING] [echo] **** DEBUG MODE ON ***** 18:56:13 [WARNING] [echo] **************************************** 18:56:13 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:56:13 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons] 18:56:13 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:14 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons_RELEASE.jar 18:56:14 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:56:17 [WARNING] [echo] **************************************** 18:56:17 [WARNING] [echo] **** DEBUG MODE ON ***** 18:56:17 [WARNING] [echo] **************************************** 18:56:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:56:17 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/byok] 18:56:17 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:18 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-byok_RELEASE.jar 18:56:18 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:21 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:21 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:56:21 [WARNING] [echo] **************************************** 18:56:21 [WARNING] [echo] **** DEBUG MODE ON ***** 18:56:21 [WARNING] [echo] **************************************** 18:56:21 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:56:21 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config] 18:56:21 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:56:21 [INFO] [javac] Compiling 346 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:28 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:56:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config_RELEASE.jar 18:56:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:56:31 [WARNING] [echo] **************************************** 18:56:31 [WARNING] [echo] **** DEBUG MODE ON ***** 18:56:31 [WARNING] [echo] **************************************** 18:56:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:56:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry] 18:56:31 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:56:31 [INFO] [javac] Compiling 139 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:34 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:56:34 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry_RELEASE.jar 18:56:34 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:37 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:37 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:56:37 [WARNING] [echo] **************************************** 18:56:37 [WARNING] [echo] **** DEBUG MODE ON ***** 18:56:37 [WARNING] [echo] **************************************** 18:56:37 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:56:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/tracciamento] 18:56:37 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:56:37 [INFO] [javac] Compiling 81 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:38 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:56:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-tracciamento_RELEASE.jar 18:56:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:56:41 [WARNING] [echo] **************************************** 18:56:41 [WARNING] [echo] **** DEBUG MODE ON ***** 18:56:41 [WARNING] [echo] **************************************** 18:56:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:56:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/diagnostica] 18:56:41 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:56:41 [INFO] [javac] Compiling 28 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-diagnostica_RELEASE.jar 18:56:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:56:45 [WARNING] [echo] **************************************** 18:56:45 [WARNING] [echo] **** DEBUG MODE ON ***** 18:56:45 [WARNING] [echo] **************************************** 18:56:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:56:45 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/transazioni] 18:56:45 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:56:45 [INFO] [javac] Compiling 144 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:48 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:56:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-transazioni_RELEASE.jar 18:56:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:56:51 [WARNING] [echo] **************************************** 18:56:51 [WARNING] [echo] **** DEBUG MODE ON ***** 18:56:51 [WARNING] [echo] **************************************** 18:56:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:56:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eventi] 18:56:51 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:56:51 [INFO] [javac] Compiling 36 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:52 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:56:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eventi_RELEASE.jar 18:56:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:56:55 [WARNING] [echo] **************************************** 18:56:55 [WARNING] [echo] **** DEBUG MODE ON ***** 18:56:55 [WARNING] [echo] **************************************** 18:56:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:56:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/statistiche] 18:56:55 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:56:55 [INFO] [javac] Compiling 108 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:56:58 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:56:58 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-statistiche_RELEASE.jar 18:56:58 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:01 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:01 [WARNING] [echo] **************************************** 18:57:01 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:01 [WARNING] [echo] **************************************** 18:57:01 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:01 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/plugins] 18:57:01 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:57:01 [INFO] [javac] Compiling 94 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:02 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:57:02 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-plugins_RELEASE.jar 18:57:03 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:06 [WARNING] [echo] **************************************** 18:57:06 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:06 [WARNING] [echo] **************************************** 18:57:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/controllo_traffico] 18:57:06 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:57:06 [INFO] [javac] Compiling 128 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:08 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:57:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-controllo_traffico_RELEASE.jar 18:57:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:11 [WARNING] [echo] **************************************** 18:57:11 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:11 [WARNING] [echo] **************************************** 18:57:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/allarmi] 18:57:11 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:57:11 [INFO] [javac] Compiling 76 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:13 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:57:13 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-allarmi_RELEASE.jar 18:57:13 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:16 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:16 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:16 [WARNING] [echo] **************************************** 18:57:16 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:16 [WARNING] [echo] **************************************** 18:57:16 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:16 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/mapping] 18:57:16 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:17 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-mapping_RELEASE.jar 18:57:17 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:20 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:20 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:20 [WARNING] [echo] **************************************** 18:57:20 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:20 [WARNING] [echo] **************************************** 18:57:20 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:20 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/details] 18:57:20 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:57:20 [INFO] [javac] Compiling 34 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:20 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:57:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-details_RELEASE.jar 18:57:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:23 [WARNING] [echo] **************************************** 18:57:23 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:23 [WARNING] [echo] **************************************** 18:57:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/router_details] 18:57:23 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:57:23 [INFO] [javac] Compiling 25 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-router_details_RELEASE.jar 18:57:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:27 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:27 [WARNING] [echo] **************************************** 18:57:27 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:27 [WARNING] [echo] **************************************** 18:57:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/eccezione/errore_applicativo] 18:57:27 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:57:27 [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:28 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:57:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-eccezione-errore_applicativo_RELEASE.jar 18:57:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:31 [WARNING] [echo] **************************************** 18:57:31 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:31 [WARNING] [echo] **************************************** 18:57:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/integrazione] 18:57:31 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:57:31 [INFO] [javac] Compiling 19 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-integrazione_RELEASE.jar 18:57:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:35 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:35 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:35 [WARNING] [echo] **************************************** 18:57:35 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:35 [WARNING] [echo] **************************************** 18:57:35 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:35 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver] 18:57:35 [INFO] [javac] Compiling 18 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:36 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver_RELEASE.jar 18:57:36 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:39 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:39 [WARNING] [echo] **************************************** 18:57:39 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:39 [WARNING] [echo] **************************************** 18:57:39 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:39 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/db] 18:57:39 [INFO] [javac] Compiling 38 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:41 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-db_RELEASE.jar 18:57:41 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:44 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:44 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:44 [WARNING] [echo] **************************************** 18:57:44 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:44 [WARNING] [echo] **************************************** 18:57:44 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:44 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/xml] 18:57:44 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-xml_RELEASE.jar 18:57:45 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:48 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:48 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:48 [WARNING] [echo] **************************************** 18:57:48 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:48 [WARNING] [echo] **************************************** 18:57:48 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:48 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/config/driver/utils] 18:57:49 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:49 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-config-driver-utils_RELEASE.jar 18:57:49 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:53 [WARNING] [echo] **************************************** 18:57:53 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:53 [WARNING] [echo] **************************************** 18:57:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver] 18:57:53 [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver_RELEASE.jar 18:57:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:57:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:57:59 [WARNING] [echo] **************************************** 18:57:59 [WARNING] [echo] **** DEBUG MODE ON ***** 18:57:59 [WARNING] [echo] **************************************** 18:57:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:57:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/wsdl] 18:57:59 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-wsdl_RELEASE.jar 18:58:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:03 [WARNING] [echo] **************************************** 18:58:03 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:03 [WARNING] [echo] **************************************** 18:58:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/rest] 18:58:03 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-rest_RELEASE.jar 18:58:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:07 [WARNING] [echo] **************************************** 18:58:07 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:07 [WARNING] [echo] **************************************** 18:58:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/db] 18:58:07 [INFO] [javac] Compiling 36 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:09 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-db_RELEASE.jar 18:58:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:12 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:12 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:12 [WARNING] [echo] **************************************** 18:58:12 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:12 [WARNING] [echo] **************************************** 18:58:12 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:12 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/xml] 18:58:12 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-xml_RELEASE.jar 18:58:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:15 [WARNING] [echo] **************************************** 18:58:15 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:15 [WARNING] [echo] **************************************** 18:58:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/web] 18:58:15 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-web_RELEASE.jar 18:58:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:19 [WARNING] [echo] **************************************** 18:58:19 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:19 [WARNING] [echo] **************************************** 18:58:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/uddi] 18:58:19 [INFO] [javac] Compiling 3 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-uddi_RELEASE.jar 18:58:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:24 [WARNING] [echo] **************************************** 18:58:24 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:24 [WARNING] [echo] **************************************** 18:58:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:24 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/ws] 18:58:24 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-ws_RELEASE.jar 18:58:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:28 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:28 [WARNING] [echo] **************************************** 18:58:28 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:28 [WARNING] [echo] **************************************** 18:58:28 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:28 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/registry/driver/utils] 18:58:28 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-registry-driver-utils_RELEASE.jar 18:58:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:31 [WARNING] [echo] **************************************** 18:58:31 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:31 [WARNING] [echo] **************************************** 18:58:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons/search] 18:58:31 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:58:31 [INFO] [javac] Compiling 184 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:35 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:58:35 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons-search_RELEASE.jar 18:58:35 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:38 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:38 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:38 [WARNING] [echo] **************************************** 18:58:38 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:38 [WARNING] [echo] **************************************** 18:58:38 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:38 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/commons/dao] 18:58:38 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-commons-dao_RELEASE.jar 18:58:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:41 [WARNING] [echo] **************************************** 18:58:41 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:41 [WARNING] [echo] **************************************** 18:58:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/core/mvc/properties] 18:58:41 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:58:41 [INFO] [javac] Compiling 59 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:42 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:58:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/core/openspcoop2_core-mvc_properties_RELEASE.jar 18:58:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:45 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 18:58:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_core_RELEASE.jar 18:58:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:53 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:53 [WARNING] [echo] **************************************** 18:58:53 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:53 [WARNING] [echo] **************************************** 18:58:53 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/protocol-api 18:58:53 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:53 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/manifest] 18:58:53 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:58:53 [INFO] [javac] Compiling 131 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:55 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:58:55 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-manifest_RELEASE.jar 18:58:55 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:58:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:58:58 [WARNING] [echo] **************************************** 18:58:58 [WARNING] [echo] **** DEBUG MODE ON ***** 18:58:58 [WARNING] [echo] **************************************** 18:58:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:58:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/information_missing] 18:58:58 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:58:58 [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:00 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:59:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-information_missing_RELEASE.jar 18:59:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:03 [WARNING] [echo] **************************************** 18:59:03 [WARNING] [echo] **** DEBUG MODE ON ***** 18:59:03 [WARNING] [echo] **************************************** 18:59:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/sdk] 18:59:03 [INFO] [javac] Compiling 226 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-sdk_RELEASE.jar 18:59:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:07 [WARNING] [echo] **************************************** 18:59:07 [WARNING] [echo] **** DEBUG MODE ON ***** 18:59:07 [WARNING] [echo] **************************************** 18:59:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/utils] 18:59:07 [INFO] [javac] Compiling 19 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-utils_RELEASE.jar 18:59:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:11 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:11 [WARNING] [echo] **************************************** 18:59:11 [WARNING] [echo] **** DEBUG MODE ON ***** 18:59:11 [WARNING] [echo] **************************************** 18:59:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/registry] 18:59:11 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-registry_RELEASE.jar 18:59:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:15 [WARNING] [echo] **************************************** 18:59:15 [WARNING] [echo] **** DEBUG MODE ON ***** 18:59:15 [WARNING] [echo] **************************************** 18:59:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/abstraction] 18:59:15 [WARNING] [javac] anomalous package-info.java path: package-info.java 18:59:15 [INFO] [javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:16 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 18:59:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-abstraction_RELEASE.jar 18:59:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:19 [WARNING] [echo] **************************************** 18:59:19 [WARNING] [echo] **** DEBUG MODE ON ***** 18:59:19 [WARNING] [echo] **************************************** 18:59:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/basic] 18:59:19 [INFO] [javac] Compiling 63 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:21 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol-api/openspcoop2_protocol-basic_RELEASE.jar 18:59:21 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:25 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:25 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:25 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 18:59:25 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_protocol-api_RELEASE.jar 18:59:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:31 [WARNING] [echo] **************************************** 18:59:31 [WARNING] [echo] **** DEBUG MODE ON ***** 18:59:31 [WARNING] [echo] **************************************** 18:59:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/monitor-api 18:59:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:32 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/sdk] 18:59:32 [INFO] [javac] Compiling 69 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor-api/openspcoop2_monitor-sdk_RELEASE.jar 18:59:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:36 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 18:59:36 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_monitor-api_RELEASE.jar 18:59:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:43 [WARNING] [echo] **************************************** 18:59:43 [WARNING] [echo] **** DEBUG MODE ON ***** 18:59:43 [WARNING] [echo] **************************************** 18:59:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/security 18:59:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security] 18:59:43 [INFO] [javac] Compiling 50 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-core_RELEASE.jar 18:59:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:47 [WARNING] [echo] **************************************** 18:59:47 [WARNING] [echo] **** DEBUG MODE ON ***** 18:59:47 [WARNING] [echo] **************************************** 18:59:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message] 18:59:47 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message_RELEASE.jar 18:59:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:51 [WARNING] [echo] **************************************** 18:59:51 [WARNING] [echo] **** DEBUG MODE ON ***** 18:59:51 [WARNING] [echo] **************************************** 18:59:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/engine] 18:59:51 [INFO] [javac] Compiling 9 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-engine_RELEASE.jar 18:59:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:55 [WARNING] [echo] **************************************** 18:59:55 [WARNING] [echo] **** DEBUG MODE ON ***** 18:59:55 [WARNING] [echo] **************************************** 18:59:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/jose] 18:59:55 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-jose_RELEASE.jar 18:59:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 18:59:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 18:59:59 [WARNING] [echo] **************************************** 18:59:59 [WARNING] [echo] **** DEBUG MODE ON ***** 18:59:59 [WARNING] [echo] **************************************** 18:59:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 18:59:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/xml] 18:59:59 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-xml_RELEASE.jar 19:00:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:00:03 [WARNING] [echo] **************************************** 19:00:03 [WARNING] [echo] **** DEBUG MODE ON ***** 19:00:03 [WARNING] [echo] **************************************** 19:00:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:00:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/wss4j] 19:00:03 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-wss4j_RELEASE.jar 19:00:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:00:07 [WARNING] [echo] **************************************** 19:00:07 [WARNING] [echo] **** DEBUG MODE ON ***** 19:00:07 [WARNING] [echo] **************************************** 19:00:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:00:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/security/message/soapbox] 19:00:07 [INFO] [javac] Compiling 17 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:08 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/security/openspcoop2_security-message-soapbox_RELEASE.jar 19:00:08 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:00:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:00:11 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:00:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_security_RELEASE.jar 19:00:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:00:19 [WARNING] [echo] **************************************** 19:00:19 [WARNING] [echo] **** DEBUG MODE ON ***** 19:00:19 [WARNING] [echo] **************************************** 19:00:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/protocol 19:00:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:00:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/protocol/engine] 19:00:19 [INFO] [javac] Compiling 83 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/protocol/openspcoop2_protocol_RELEASE.jar 19:00:22 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:00:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:00:26 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:00:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_protocol_RELEASE.jar 19:00:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:00:32 [WARNING] [echo] **************************************** 19:00:32 [WARNING] [echo] **** DEBUG MODE ON ***** 19:00:32 [WARNING] [echo] **************************************** 19:00:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/monitor 19:00:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:00:33 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/transazioni] 19:00:33 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:00:33 [INFO] [javac] Compiling 54 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:34 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 19:00:34 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-transazioni_RELEASE.jar 19:00:34 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:37 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:37 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:00:37 [WARNING] [echo] **************************************** 19:00:37 [WARNING] [echo] **** DEBUG MODE ON ***** 19:00:37 [WARNING] [echo] **************************************** 19:00:37 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:00:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/ricerche] 19:00:37 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:00:37 [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-ricerche_RELEASE.jar 19:00:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:42 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:42 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:00:42 [WARNING] [echo] **************************************** 19:00:42 [WARNING] [echo] **** DEBUG MODE ON ***** 19:00:42 [WARNING] [echo] **************************************** 19:00:42 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:00:42 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine/config/statistiche] 19:00:42 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:00:42 [INFO] [javac] Compiling 40 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:43 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-statistiche_RELEASE.jar 19:00:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:00:46 [WARNING] [echo] **************************************** 19:00:46 [WARNING] [echo] **** DEBUG MODE ON ***** 19:00:46 [WARNING] [echo] **************************************** 19:00:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:00:46 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/monitor/engine] 19:00:46 [INFO] [javac] Compiling 240 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:49 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/statistiche/package-info.class 19:00:49 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/ricerche/package-info.class 19:00:49 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/transazioni/constants/package-info.class 19:00:49 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/config/transazioni/package-info.class 19:00:49 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/monitor/openspcoop2_monitor-engine_RELEASE.jar 19:00:49 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:00:52 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:00:52 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:00:52 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:00:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_monitor_RELEASE.jar 19:00:56 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd 19:00:56 [INFO] [copy] Copying 1150 files to /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd 19:00:56 [WARNING] [echo] Raccolta informazioni git per impostazione versione... 19:01:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:01:00 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:01:00 [WARNING] [echo] **************************************** 19:01:00 [WARNING] [echo] **** DEBUG MODE ON ***** 19:01:00 [WARNING] [echo] **************************************** 19:01:00 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/pdd 19:01:00 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:01:00 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/build/SRC_VERSION/org/openspcoop2/pdd] 19:01:00 [INFO] [javac] Compiling 1075 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:01:17 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/monitor/constants/package-info.class 19:01:17 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/monitor/package-info.class 19:01:17 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/services/skeleton/package-info.class 19:01:17 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/pdd/openspcoop2_pdd_RELEASE.jar 19:01:17 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:01:20 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:01:20 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:01:20 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:01:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_pdd_RELEASE.jar 19:01:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/SRC_VERSION 19:01:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:01:28 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:01:28 [WARNING] [echo] **************************************** 19:01:28 [WARNING] [echo] **** DEBUG MODE ON ***** 19:01:28 [WARNING] [echo] **************************************** 19:01:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/pdd-test 19:01:28 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:01:28 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/core/src/org/openspcoop2/pdd_test] 19:01:28 [INFO] [javac] Compiling 14 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:01:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/pdd-test/openspcoop2_pdd-test_RELEASE.jar 19:01:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:01:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:01:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:01:32 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:01:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_pdd-test_RELEASE.jar 19:01:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:01:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:01:41 [WARNING] [echo] **************************************** 19:01:41 [WARNING] [echo] **** DEBUG MODE ON ***** 19:01:41 [WARNING] [echo] **************************************** 19:01:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/modipa 19:01:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:01:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/modipa/src] 19:01:41 [INFO] [javac] Compiling 60 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:01:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/modipa/openspcoop2_modipa-protocol-plugin_RELEASE.jar 19:01:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:01:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:01:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:01:47 [WARNING] [echo] **************************************** 19:01:47 [WARNING] [echo] **** DEBUG MODE ON ***** 19:01:47 [WARNING] [echo] **************************************** 19:01:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:01:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/modipa/src] 19:01:47 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/modipa/openspcoop2_modipa-protocol-config_RELEASE.jar 19:01:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:01:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:01:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:01:51 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:01:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_modipa-protocol_RELEASE.jar 19:02:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:01 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:01 [WARNING] [echo] **************************************** 19:02:01 [WARNING] [echo] **** DEBUG MODE ON ***** 19:02:01 [WARNING] [echo] **************************************** 19:02:01 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/spcoop 19:02:01 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:01 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/manifest] 19:02:01 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:02:01 [INFO] [javac] Compiling 73 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:02 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 19:02:03 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-manifest_RELEASE.jar 19:02:03 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:06 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:06 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:06 [WARNING] [echo] **************************************** 19:02:06 [WARNING] [echo] **** DEBUG MODE ON ***** 19:02:06 [WARNING] [echo] **************************************** 19:02:06 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:06 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/cnipa/collprofiles] 19:02:06 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:02:06 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:07 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 19:02:07 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-cnipacollprofiles_RELEASE.jar 19:02:07 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:10 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:11 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:11 [WARNING] [echo] **************************************** 19:02:11 [WARNING] [echo] **** DEBUG MODE ON ***** 19:02:11 [WARNING] [echo] **************************************** 19:02:11 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:11 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/cnipa/schemas/_2003/egovit/exception1_0] 19:02:11 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:02:11 [INFO] [javac] Compiling 24 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:11 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-cnipaexception_RELEASE.jar 19:02:11 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:14 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:14 [WARNING] [echo] **************************************** 19:02:14 [WARNING] [echo] **** DEBUG MODE ON ***** 19:02:14 [WARNING] [echo] **************************************** 19:02:14 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:14 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/wscp] 19:02:14 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:02:14 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:15 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 19:02:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-wscp_RELEASE.jar 19:02:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:18 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:18 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:18 [WARNING] [echo] **************************************** 19:02:18 [WARNING] [echo] **** DEBUG MODE ON ***** 19:02:18 [WARNING] [echo] **************************************** 19:02:18 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:18 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 19:02:18 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica_RELEASE.jar 19:02:19 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:22 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:22 [WARNING] [echo] **************************************** 19:02:22 [WARNING] [echo] **** DEBUG MODE ON ***** 19:02:22 [WARNING] [echo] **************************************** 19:02:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:22 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src/it/gov/spcoop/sica/wsbl] 19:02:22 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:02:22 [INFO] [javac] Compiling 60 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:23 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 19:02:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-sica-wsbl_RELEASE.jar 19:02:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:26 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:26 [WARNING] [echo] **************************************** 19:02:26 [WARNING] [echo] **** DEBUG MODE ON ***** 19:02:26 [WARNING] [echo] **************************************** 19:02:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:26 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 19:02:26 [INFO] [javac] Compiling 33 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:27 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-plugin_RELEASE.jar 19:02:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:31 [WARNING] [echo] **************************************** 19:02:31 [WARNING] [echo] **** DEBUG MODE ON ***** 19:02:31 [WARNING] [echo] **************************************** 19:02:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/spcoop/src] 19:02:31 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-config_RELEASE.jar 19:02:31 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:34 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:34 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:34 [WARNING] [echo] **************************************** 19:02:34 [WARNING] [echo] **** DEBUG MODE ON ***** 19:02:34 [WARNING] [echo] **************************************** 19:02:34 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:34 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/spcoop/openspcoop2_spcoop-protocol-schemi_RELEASE.jar 19:02:37 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:37 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:37 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:02:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_spcoop-protocol_RELEASE.jar 19:02:47 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:47 [WARNING] [echo] **************************************** 19:02:47 [WARNING] [echo] **** DEBUG MODE ON ***** 19:02:47 [WARNING] [echo] **************************************** 19:02:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/trasparente 19:02:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/trasparente/src] 19:02:47 [INFO] [javac] Compiling 11 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/trasparente/openspcoop2_trasparente-protocol-plugin_RELEASE.jar 19:02:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:51 [WARNING] [echo] **************************************** 19:02:51 [WARNING] [echo] **** DEBUG MODE ON ***** 19:02:51 [WARNING] [echo] **************************************** 19:02:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/trasparente/src] 19:02:51 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/trasparente/openspcoop2_trasparente-protocol-config_RELEASE.jar 19:02:51 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:02:54 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:02:54 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:02:54 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:02:54 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_trasparente-protocol_RELEASE.jar 19:03:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:03 [WARNING] [echo] **************************************** 19:03:03 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:03 [WARNING] [echo] **************************************** 19:03:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/sdi 19:03:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/fatturapa/v1_0] 19:03:03 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:03:03 [INFO] [javac] Compiling 111 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:06 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v10_RELEASE.jar 19:03:06 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:10 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:10 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:10 [WARNING] [echo] **************************************** 19:03:10 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:10 [WARNING] [echo] **************************************** 19:03:10 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:10 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/fatturapa/v1_1] 19:03:10 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:03:10 [INFO] [javac] Compiling 112 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:12 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v11_RELEASE.jar 19:03:12 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:15 [WARNING] [echo] **************************************** 19:03:15 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:15 [WARNING] [echo] **************************************** 19:03:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:15 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fatture/v1_0/] 19:03:15 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:03:15 [INFO] [javac] Compiling 59 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturasemplificata-v10_RELEASE.jar 19:03:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:19 [WARNING] [echo] **************************************** 19:03:19 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:19 [WARNING] [echo] **************************************** 19:03:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:19 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fatture/v1_2/] 19:03:19 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:03:19 [INFO] [javac] Compiling 113 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:20 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-fatturapa-v12_RELEASE.jar 19:03:20 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:23 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:23 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:23 [WARNING] [echo] **************************************** 19:03:23 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:23 [WARNING] [echo] **************************************** 19:03:23 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:23 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/messaggi/v1_0] 19:03:23 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:03:23 [INFO] [javac] Compiling 47 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:24 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-messaggi-v10_RELEASE.jar 19:03:24 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:27 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:27 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:27 [WARNING] [echo] **************************************** 19:03:27 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:27 [WARNING] [echo] **************************************** 19:03:27 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:27 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/agenziaentrate/ivaservizi/docs/xsd/fattura/messaggi/v1_0] 19:03:27 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:03:27 [INFO] [javac] Compiling 34 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:28 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-messaggi-fattura-v10_RELEASE.jar 19:03:28 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:31 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:31 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:31 [WARNING] [echo] **************************************** 19:03:31 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:31 [WARNING] [echo] **************************************** 19:03:31 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:31 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/ws/ricezione/v1_0/types] 19:03:31 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:03:31 [INFO] [javac] Compiling 27 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:32 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-wsricezione-v10_RELEASE.jar 19:03:32 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:35 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:35 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:35 [WARNING] [echo] **************************************** 19:03:35 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:35 [WARNING] [echo] **************************************** 19:03:35 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:35 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/it/gov/fatturapa/sdi/ws/trasmissione/v1_0/types] 19:03:35 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:03:35 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:36 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-wstrasmissione-v10_RELEASE.jar 19:03:36 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:39 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:39 [WARNING] [echo] **************************************** 19:03:39 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:39 [WARNING] [echo] **************************************** 19:03:39 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:39 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src/org/openspcoop2/protocol/sdi] 19:03:39 [INFO] [javac] Compiling 32 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:40 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-plugin_RELEASE.jar 19:03:40 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:43 [WARNING] [echo] **************************************** 19:03:43 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:43 [WARNING] [echo] **************************************** 19:03:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/sdi/src] 19:03:43 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-config_RELEASE.jar 19:03:43 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:46 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:46 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:46 [WARNING] [echo] **************************************** 19:03:46 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:46 [WARNING] [echo] **************************************** 19:03:46 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:46 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/sdi/openspcoop2_sdi-protocol-schemi_RELEASE.jar 19:03:49 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:49 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:49 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:03:49 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_sdi-protocol_RELEASE.jar 19:03:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:03:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:03:59 [WARNING] [echo] **************************************** 19:03:59 [WARNING] [echo] **** DEBUG MODE ON ***** 19:03:59 [WARNING] [echo] **************************************** 19:03:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/as4 19:03:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:03:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/org/oasis_open/docs/ebxml_msg/ebms/v3_0/ns/core/_200704] 19:03:59 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:03:59 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-ebms-v3_0_RELEASE.jar 19:04:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:03 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:03 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:04:03 [WARNING] [echo] **************************************** 19:04:03 [WARNING] [echo] **** DEBUG MODE ON ***** 19:04:03 [WARNING] [echo] **************************************** 19:04:03 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:04:03 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/backend/ecodex/org/_1_1] 19:04:03 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:04:03 [INFO] [javac] Compiling 49 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:04 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2/constants/package-info.class 19:04:04 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-backend-ecodex-v1_1_RELEASE.jar 19:04:04 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:07 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:07 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:04:07 [WARNING] [echo] **************************************** 19:04:07 [WARNING] [echo] **** DEBUG MODE ON ***** 19:04:07 [WARNING] [echo] **************************************** 19:04:07 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:04:07 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src/eu/domibus/configuration] 19:04:07 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:04:07 [INFO] [javac] Compiling 112 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:09 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-eu-domibus-configuration_RELEASE.jar 19:04:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:12 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:12 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:04:12 [WARNING] [echo] **************************************** 19:04:12 [WARNING] [echo] **** DEBUG MODE ON ***** 19:04:12 [WARNING] [echo] **************************************** 19:04:12 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:04:12 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src] 19:04:12 [INFO] [javac] Compiling 52 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:13 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-plugin_RELEASE.jar 19:04:13 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:16 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:16 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:04:16 [WARNING] [echo] **************************************** 19:04:16 [WARNING] [echo] **** DEBUG MODE ON ***** 19:04:16 [WARNING] [echo] **************************************** 19:04:16 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:04:16 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/protocolli/as4/src] 19:04:16 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-config_RELEASE.jar 19:04:16 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:19 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:04:19 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:04:19 [WARNING] [echo] **************************************** 19:04:19 [WARNING] [echo] **** DEBUG MODE ON ***** 19:04:19 [WARNING] [echo] **************************************** 19:04:19 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:04:19 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/as4/openspcoop2_as4-protocol-schemi_RELEASE.jar 19:04:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:04:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:04:22 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:04:22 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_as4-protocol_RELEASE.jar 19:04:29 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users 19:04:32 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 19:04:32 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:04:32 [WARNING] [echo] **************************************** 19:04:32 [WARNING] [echo] **** DEBUG MODE ON ***** 19:04:32 [WARNING] [echo] **************************************** 19:04:32 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:04:33 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 19:04:33 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 19:04:33 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 19:04:33 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 19:04:39 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc 19:04:43 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 19:04:43 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:04:43 [WARNING] [echo] **************************************** 19:04:43 [WARNING] [echo] **** DEBUG MODE ON ***** 19:04:43 [WARNING] [echo] **************************************** 19:04:43 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:04:43 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 19:04:43 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 19:04:44 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 19:04:44 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 19:04:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:04:51 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:04:51 [WARNING] [echo] **************************************** 19:04:51 [WARNING] [echo] **** DEBUG MODE ON ***** 19:04:51 [WARNING] [echo] **************************************** 19:04:51 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc 19:04:51 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:04:51 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src] 19:04:51 [INFO] [javac] Compiling 39 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:04:52 warning: Implicitly compiled files were not subject to annotation processing. 19:04:52 Use -proc:none to disable annotation processing or -implicit to specify a policy for implicit compilation. 19:04:52 1 warning 19:04:52 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-core_RELEASE.jar 19:04:52 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:04:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:04:55 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:04:55 [WARNING] [echo] **************************************** 19:04:55 [WARNING] [echo] **** DEBUG MODE ON ***** 19:04:55 [WARNING] [echo] **************************************** 19:04:55 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:04:55 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src/org/openspcoop2/web/lib/mvc/properties] 19:04:55 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:04:56 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-properties_RELEASE.jar 19:04:56 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:04:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:04:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:04:59 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:04:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-mvc_RELEASE.jar 19:05:05 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit 19:05:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 19:05:08 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:05:08 [WARNING] [echo] **************************************** 19:05:08 [WARNING] [echo] **** DEBUG MODE ON ***** 19:05:08 [WARNING] [echo] **************************************** 19:05:08 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:05:09 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/users/src] 19:05:09 [INFO] [javac] Compiling 10 source files to /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 19:05:09 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-users_RELEASE.jar 19:05:09 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/users/compile-jar-openspcoop2 19:05:17 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:05:17 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:05:17 [WARNING] [echo] **************************************** 19:05:17 [WARNING] [echo] **** DEBUG MODE ON ***** 19:05:17 [WARNING] [echo] **************************************** 19:05:17 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:05:17 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src] 19:05:17 [INFO] [javac] Compiling 39 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:05:18 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-core_RELEASE.jar 19:05:18 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:05:22 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:05:22 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:05:22 [WARNING] [echo] **************************************** 19:05:22 [WARNING] [echo] **** DEBUG MODE ON ***** 19:05:22 [WARNING] [echo] **************************************** 19:05:22 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:05:22 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/mvc/src/org/openspcoop2/web/lib/mvc/properties] 19:05:22 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:05:23 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/web-lib-mvc/openspcoop2_web-lib-mvc-properties_RELEASE.jar 19:05:23 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/mvc/compile-jar-openspcoop2 19:05:26 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:05:26 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:05:26 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:05:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-mvc_RELEASE.jar 19:05:33 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:33 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:05:33 [WARNING] [echo] **************************************** 19:05:33 [WARNING] [echo] **** DEBUG MODE ON ***** 19:05:33 [WARNING] [echo] **************************************** 19:05:33 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/audit 19:05:33 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:05:33 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/costanti] 19:05:33 [INFO] [javac] Compiling 1 source file to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:34 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-costanti_RELEASE.jar 19:05:34 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:37 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:37 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:05:37 [WARNING] [echo] **************************************** 19:05:37 [WARNING] [echo] **** DEBUG MODE ON ***** 19:05:37 [WARNING] [echo] **************************************** 19:05:37 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:05:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/log] 19:05:37 [WARNING] [javac] anomalous package-info.java path: package-info.java 19:05:37 [INFO] [javac] Compiling 22 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:38 [INFO] [javac] Creating empty /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2/constants/package-info.class 19:05:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-log_RELEASE.jar 19:05:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:41 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:41 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:05:41 [WARNING] [echo] **************************************** 19:05:41 [WARNING] [echo] **** DEBUG MODE ON ***** 19:05:41 [WARNING] [echo] **************************************** 19:05:41 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:05:41 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src/org/openspcoop2/web/lib/audit/dao] 19:05:41 [INFO] [javac] Compiling 4 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit-dao_RELEASE.jar 19:05:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:05:45 [WARNING] [echo] **************************************** 19:05:45 [WARNING] [echo] **** DEBUG MODE ON ***** 19:05:45 [WARNING] [echo] **************************************** 19:05:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:05:45 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/audit/src] 19:05:45 [INFO] [javac] Compiling 33 source files to /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/audit/openspcoop2_web-lib-audit_RELEASE.jar 19:05:45 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/audit/compile-jar-openspcoop2 19:05:48 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:05:48 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:05:48 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:05:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-audit_RELEASE.jar 19:05:55 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/queue 19:05:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 19:05:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:05:58 [WARNING] [echo] **************************************** 19:05:58 [WARNING] [echo] **** DEBUG MODE ON ***** 19:05:58 [WARNING] [echo] **************************************** 19:05:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:05:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/lib/queue/src] 19:05:58 [INFO] [javac] Compiling 15 source files to /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 19:05:59 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-lib-queue_RELEASE.jar 19:05:59 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/queue/compile-jar-openspcoop2 19:06:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConsole 19:06:08 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 19:06:08 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:06:08 [WARNING] [echo] **************************************** 19:06:08 [WARNING] [echo] **** DEBUG MODE ON ***** 19:06:08 [WARNING] [echo] **************************************** 19:06:08 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:06:09 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/control_station/src] 19:06:09 [INFO] [javac] Compiling 766 source files to /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 19:06:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayConsole_RELEASE.jar 19:06:27 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayConsole/compile-jar-openspcoop2 19:06:36 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/META-INF/faces-config.xml 19:06:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor 19:06:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:06:40 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:06:40 [WARNING] [echo] **************************************** 19:06:40 [WARNING] [echo] **** DEBUG MODE ON ***** 19:06:40 [WARNING] [echo] **************************************** 19:06:40 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core 19:06:40 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:06:40 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/] 19:06:40 [INFO] [javac] Compiling 147 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:06:42 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core/openspcoop2_web-govwayMonitor-core_RELEASE.jar 19:06:42 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:06:45 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:06:45 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:06:45 [WARNING] [echo] **************************************** 19:06:45 [WARNING] [echo] **** DEBUG MODE ON ***** 19:06:45 [WARNING] [echo] **************************************** 19:06:45 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:06:45 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_core/META-INF/resources] 19:06:45 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/govwayMonitor-core/openspcoop2_web-govwayMonitor-core-resources_RELEASE.jar 19:06:45 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:06:49 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:06:49 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:06:49 [WARNING] [echo] GIT Repo:[/var/lib/jenkins/workspace/GovWay] 19:06:49 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-core_RELEASE.jar 19:06:55 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_transazioni/META-INF/faces-config.xml 19:06:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:06:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:06:59 [WARNING] [echo] **************************************** 19:06:59 [WARNING] [echo] **** DEBUG MODE ON ***** 19:06:59 [WARNING] [echo] **************************************** 19:06:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:06:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_transazioni/] 19:06:59 [INFO] [javac] Compiling 81 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:07:02 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-transazioni_RELEASE.jar 19:07:02 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:07:08 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_stat/META-INF/faces-config.xml 19:07:12 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:07:12 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:07:12 [WARNING] [echo] **************************************** 19:07:12 [WARNING] [echo] **** DEBUG MODE ON ***** 19:07:12 [WARNING] [echo] **************************************** 19:07:12 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:07:12 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_stat/] 19:07:12 [INFO] [javac] Compiling 64 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:07:15 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-statistiche_RELEASE.jar 19:07:15 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:07:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_eventi/META-INF/faces-config.xml 19:07:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:07:24 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:07:24 [WARNING] [echo] **************************************** 19:07:24 [WARNING] [echo] **** DEBUG MODE ON ***** 19:07:24 [WARNING] [echo] **************************************** 19:07:24 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:07:25 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_eventi/] 19:07:25 [INFO] [javac] Compiling 6 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:07:26 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-eventi_RELEASE.jar 19:07:26 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:07:32 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/META-INF/faces-config.xml 19:07:32 [ERROR] [concat] /var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/META-INF/faces-config.xml.application does not exist. 19:07:36 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:07:36 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:07:36 [WARNING] [echo] **************************************** 19:07:36 [WARNING] [echo] **** DEBUG MODE ON ***** 19:07:36 [WARNING] [echo] **************************************** 19:07:36 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:07:36 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/monitor/src/src_allarmi/] 19:07:36 [INFO] [javac] Compiling 12 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:07:37 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-govwayMonitor-allarmi_RELEASE.jar 19:07:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:07:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/loaderConsole 19:07:47 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 19:07:47 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:07:47 [WARNING] [echo] **************************************** 19:07:47 [WARNING] [echo] **** DEBUG MODE ON ***** 19:07:47 [WARNING] [echo] **************************************** 19:07:47 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:07:47 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/web_interfaces/loader/src] 19:07:47 [INFO] [javac] Compiling 21 source files to /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 19:07:48 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_web-loaderConsole_RELEASE.jar 19:07:48 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/loaderConsole/compile-jar-openspcoop2 19:07:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConfig 19:07:58 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 19:07:58 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:07:58 [WARNING] [echo] **************************************** 19:07:58 [WARNING] [echo] **** DEBUG MODE ON ***** 19:07:58 [WARNING] [echo] **************************************** 19:07:58 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:07:58 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/rs/config/server/src/] 19:07:58 [INFO] [javac] Compiling 467 source files to /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 19:08:05 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_rs-config-server_RELEASE.jar 19:08:05 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayConfig/compile-jar-openspcoop2 19:08:15 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:08:15 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:08:15 [WARNING] [echo] **************************************** 19:08:15 [WARNING] [echo] **** DEBUG MODE ON ***** 19:08:15 [WARNING] [echo] **************************************** 19:08:15 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:08:16 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/rs/monitor/server/src/] 19:08:16 [INFO] [javac] Compiling 126 source files to /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:08:18 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_rs-monitor-server_RELEASE.jar 19:08:18 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/govwayMonitor/compile-jar-openspcoop2 19:08:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/timerStatistiche 19:08:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/timerStatistiche/tmp 19:08:24 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/timerStatisticheWar 19:08:28 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/timerStatistiche/compile-jar-openspcoop2 19:08:28 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:08:28 [WARNING] [echo] **************************************** 19:08:28 [WARNING] [echo] **** DEBUG MODE ON ***** 19:08:28 [WARNING] [echo] **************************************** 19:08:28 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:08:29 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/timer/statistiche/src/] 19:08:29 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/timerStatistiche/compile-jar-openspcoop2 19:08:29 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_timer-statistiche_RELEASE.jar 19:08:29 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/timerStatistiche/compile-jar-openspcoop2 19:08:37 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:08:37 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:08:37 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:08:37 [WARNING] [echo] **************************************** 19:08:37 [WARNING] [echo] **** DEBUG MODE ON ***** 19:08:37 [WARNING] [echo] **************************************** 19:08:37 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:08:37 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/batch/statistiche/src/] 19:08:37 [INFO] [javac] Compiling 2 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:08:38 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_batch-statistiche_RELEASE.jar 19:08:38 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:08:48 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:08:48 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:08:48 [WARNING] [echo] **************************************** 19:08:48 [WARNING] [echo] **** DEBUG MODE ON ***** 19:08:48 [WARNING] [echo] **************************************** 19:08:48 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:08:49 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/batch/runtime-repository/src/] 19:08:49 [INFO] [javac] Compiling 7 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:08:49 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_batch-runtime-repository_RELEASE.jar 19:08:49 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:08:59 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:08:59 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:08:59 [WARNING] [echo] **************************************** 19:08:59 [WARNING] [echo] **** DEBUG MODE ON ***** 19:08:59 [WARNING] [echo] **************************************** 19:08:59 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:08:59 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/command_line_interfaces/config_loader/src] 19:08:59 [INFO] [javac] Compiling 5 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:09:00 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_cli-configLoader_RELEASE.jar 19:09:00 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:09:09 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:09:09 [WARNING] [echo] Java home: /opt/openjdk-11.0.12_7/ 19:09:09 [WARNING] [echo] **************************************** 19:09:09 [WARNING] [echo] **** DEBUG MODE ON ***** 19:09:09 [WARNING] [echo] **************************************** 19:09:09 [WARNING] [echo] Raccolta informazioni git per inserimento in manifest... 19:09:10 [WARNING] [echo] compileSRC[/var/lib/jenkins/workspace/GovWay/tools/command_line_interfaces/govway_vault/src] 19:09:10 [INFO] [javac] Compiling 8 source files to /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:09:10 [INFO] [jar] Building jar: /var/lib/jenkins/workspace/GovWay/dist/openspcoop2_cli-vault_RELEASE.jar 19:09:10 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build/compile-jar-openspcoop2 19:09:14 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/build 19:09:14 [INFO] [move] Moving 36 files to /var/lib/jenkins/workspace/GovWay/dist.backup 19:09:14 [INFO] [mkdir] Created dir: /var/lib/jenkins/workspace/GovWay/dist 19:09:14 [INFO] [move] Moving 36 files to /var/lib/jenkins/workspace/GovWay/dist 19:09:14 [INFO] [delete] Deleting directory /var/lib/jenkins/workspace/GovWay/dist.backup 19:09:14 [INFO] Executed tasks 19:09:14 [INFO] 19:09:14 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 19:09:14 [INFO] Building package 1.0 [62/70] 19:09:14 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:14 [INFO] 19:09:14 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 19:09:14 [INFO] Building testsuite.utils 1.0 [63/70] 19:09:14 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:14 [INFO] 19:09:14 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 19:09:14 [INFO] Building testsuite.utils.sql 1.0 [64/70] 19:09:14 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:14 [INFO] 19:09:14 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 19:09:14 [INFO] Building testsuite.pdd.core 1.0 [65/70] 19:09:14 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:14 [INFO] 19:09:14 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 19:09:14 [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] 19:09:14 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:14 [INFO] 19:09:14 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 19:09:14 [INFO] Building static_analysis.spotbugs 1.0 [67/70] 19:09:14 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:14 [INFO] 19:09:14 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 19:09:14 [INFO] Building static_analysis.sonarqube 1.0 [68/70] 19:09:14 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:14 [INFO] 19:09:14 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 19:09:14 [INFO] Building dynamic_analysis.zap 1.0 [69/70] 19:09:14 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:14 [INFO] 19:09:14 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 19:09:14 [INFO] Building coverage.jacoco 1.0 [70/70] 19:09:14 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:14 [INFO] ------------------------------------------------------------------------ 19:09:14 [INFO] Reactor Summary for govway 1.0: 19:09:14 [INFO] 19:09:14 [INFO] govway ............................................. SUCCESS [ 0.004 s] 19:09:14 [INFO] dependencies ....................................... SUCCESS [ 0.002 s] 19:09:14 [INFO] dependencies.ant ................................... SUCCESS [ 1.390 s] 19:09:14 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.062 s] 19:09:14 [INFO] dependencies.axiom ................................. SUCCESS [ 0.506 s] 19:09:14 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.055 s] 19:09:14 [INFO] dependencies.cxf ................................... SUCCESS [ 0.348 s] 19:09:14 [INFO] dependencies.commons ............................... SUCCESS [ 0.147 s] 19:09:14 [INFO] dependencies.faces ................................. SUCCESS [ 0.060 s] 19:09:14 [INFO] dependencies.git ................................... SUCCESS [ 0.019 s] 19:09:14 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.110 s] 19:09:14 [INFO] dependencies.jackson ............................... SUCCESS [ 0.064 s] 19:09:14 [INFO] dependencies.javax ................................. SUCCESS [ 0.092 s] 19:09:14 [INFO] dependencies.jax ................................... SUCCESS [ 0.179 s] 19:09:14 [INFO] dependencies.jetty ................................. SUCCESS [ 0.043 s] 19:09:14 [INFO] dependencies.jminix ................................ SUCCESS [ 0.074 s] 19:09:14 [INFO] dependencies.json .................................. SUCCESS [ 0.099 s] 19:09:14 [INFO] dependencies.log ................................... SUCCESS [ 0.101 s] 19:09:14 [INFO] dependencies.lucene ................................ SUCCESS [ 0.018 s] 19:09:14 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.077 s] 19:09:14 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.067 s] 19:09:14 [INFO] dependencies.pdf ................................... SUCCESS [ 0.025 s] 19:09:14 [INFO] dependencies.redis ................................. SUCCESS [ 0.068 s] 19:09:14 [INFO] dependencies.reports ............................... SUCCESS [ 0.046 s] 19:09:14 [INFO] dependencies.saaj .................................. SUCCESS [ 0.065 s] 19:09:14 [INFO] dependencies.security .............................. SUCCESS [ 0.086 s] 19:09:14 [INFO] dependencies.shared ................................ SUCCESS [ 0.208 s] 19:09:14 [INFO] dependencies.spring ................................ SUCCESS [ 0.083 s] 19:09:14 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.009 s] 19:09:14 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.055 s] 19:09:14 [INFO] dependencies.swagger ............................... SUCCESS [ 0.092 s] 19:09:14 [INFO] dependencies.wadl .................................. SUCCESS [ 0.011 s] 19:09:14 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.068 s] 19:09:14 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.001 s] 19:09:14 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.068 s] 19:09:14 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.090 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.026 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.030 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.026 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.024 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.021 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.022 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.024 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.028 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.023 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.023 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.021 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.024 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.022 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.021 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.021 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.020 s] 19:09:14 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.023 s] 19:09:14 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.011 s] 19:09:14 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.100 s] 19:09:14 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.011 s] 19:09:14 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.007 s] 19:09:14 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.021 s] 19:09:14 [INFO] dependencies.soapbox ............................... SUCCESS [ 0.011 s] 19:09:14 [INFO] compile ............................................ SUCCESS [17:32 min] 19:09:14 [INFO] package ............................................ SUCCESS [ 0.001 s] 19:09:14 [INFO] testsuite.utils .................................... SUCCESS [ 0.000 s] 19:09:14 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.001 s] 19:09:14 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.001 s] 19:09:14 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] 19:09:14 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.000 s] 19:09:14 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.001 s] 19:09:14 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s] 19:09:14 [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] 19:09:14 [INFO] ------------------------------------------------------------------------ 19:09:14 [INFO] BUILD SUCCESS 19:09:14 [INFO] ------------------------------------------------------------------------ 19:09:14 [INFO] Total time: 17:38 min 19:09:14 [INFO] Finished at: 2026-02-11T19:09:14+01:00 19:09:14 [INFO] ------------------------------------------------------------------------ 19:09:14 [GovWay] $ /opt/apache-maven-3.6.3/bin/mvn -Dpackage.git_info.generate=false -Dpackage=package -Dcompile=none -Dowasp=none -Dtestsuite=none -Ddependencies.soapbox=true package 19:09:16 [INFO] Scanning for projects... 19:09:16 [INFO] ------------------------------------------------------------------------ 19:09:16 [INFO] Reactor Build Order: 19:09:16 [INFO] 19:09:16 [INFO] govway [pom] 19:09:16 [INFO] dependencies [pom] 19:09:16 [INFO] dependencies.ant [pom] 19:09:16 [INFO] dependencies.antinstaller [pom] 19:09:16 [INFO] dependencies.axiom [pom] 19:09:16 [INFO] dependencies.bean-validation [pom] 19:09:16 [INFO] dependencies.cxf [pom] 19:09:16 [INFO] dependencies.commons [pom] 19:09:16 [INFO] dependencies.faces [pom] 19:09:16 [INFO] dependencies.git [pom] 19:09:16 [INFO] dependencies.httpcore [pom] 19:09:16 [INFO] dependencies.jackson [pom] 19:09:16 [INFO] dependencies.javax [pom] 19:09:16 [INFO] dependencies.jax [pom] 19:09:16 [INFO] dependencies.jetty [pom] 19:09:16 [INFO] dependencies.jminix [pom] 19:09:16 [INFO] dependencies.json [pom] 19:09:16 [INFO] dependencies.log [pom] 19:09:16 [INFO] dependencies.lucene [pom] 19:09:16 [INFO] dependencies.openapi4j [pom] 19:09:16 [INFO] dependencies.opensaml [pom] 19:09:16 [INFO] dependencies.pdf [pom] 19:09:16 [INFO] dependencies.redis [pom] 19:09:16 [INFO] dependencies.reports [pom] 19:09:16 [INFO] dependencies.saaj [pom] 19:09:16 [INFO] dependencies.security [pom] 19:09:16 [INFO] dependencies.shared [pom] 19:09:16 [INFO] dependencies.spring [pom] 19:09:16 [INFO] dependencies.spring-ldap [pom] 19:09:16 [INFO] dependencies.spring-security [pom] 19:09:16 [INFO] dependencies.swagger [pom] 19:09:16 [INFO] dependencies.wadl [pom] 19:09:16 [INFO] dependencies.wss4j [pom] 19:09:16 [INFO] dependencies.testsuite [pom] 19:09:16 [INFO] dependencies.testsuite.axis14 [pom] 19:09:16 [INFO] dependencies.testsuite.as [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly9 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly10 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly11 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly12 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly13 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly14 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly15 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly16 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly17 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly18 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly19 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly20 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly21 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly22 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly23 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly24 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly25 [pom] 19:09:16 [INFO] dependencies.testsuite.as.wildfly26 [pom] 19:09:16 [INFO] dependencies.testsuite.as.tomcat9 [pom] 19:09:16 [INFO] dependencies.testsuite.test [pom] 19:09:16 [INFO] dependencies.testsuite.staticAnalysis [pom] 19:09:16 [INFO] dependencies.testsuite.dynamicAnalysis [pom] 19:09:16 [INFO] dependencies.testsuite.coverage [pom] 19:09:16 [INFO] dependencies.soapbox [pom] 19:09:16 [INFO] compile [pom] 19:09:16 [INFO] package [pom] 19:09:16 [INFO] testsuite.utils [pom] 19:09:16 [INFO] testsuite.utils.sql [pom] 19:09:16 [INFO] testsuite.pdd.core [pom] 19:09:16 [INFO] testsuite.pdd.core.sql [pom] 19:09:16 [INFO] static_analysis.spotbugs [pom] 19:09:16 [INFO] static_analysis.sonarqube [pom] 19:09:16 [INFO] dynamic_analysis.zap [pom] 19:09:16 [INFO] coverage.jacoco [pom] 19:09:17 [INFO] 19:09:17 [INFO] ------------------< org.openspcoop2:org.openspcoop2 >------------------- 19:09:17 [INFO] Building govway 1.0 [1/70] 19:09:17 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:17 [INFO] 19:09:17 [INFO] ------------< org.openspcoop2:org.openspcoop2.dependencies >------------ 19:09:17 [INFO] Building dependencies 1.0 [2/70] 19:09:17 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:17 [INFO] 19:09:17 [INFO] ----------------< org.openspcoop2:org.openspcoop2.ant >----------------- 19:09:17 [INFO] Building dependencies.ant 1.0 [3/70] 19:09:17 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:17 [INFO] 19:09:17 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.ant --- 19:09:17 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/ant (includes = [*.jar], excludes = []) 19:09:17 [INFO] 19:09:17 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.ant --- 19:09:18 [INFO] 19:09:18 [INFO] ------------< org.openspcoop2:org.openspcoop2.antinstaller >------------ 19:09:18 [INFO] Building dependencies.antinstaller 1.0 [4/70] 19:09:18 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:18 [INFO] 19:09:18 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.antinstaller --- 19:09:18 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/antinstaller (includes = [*.jar], excludes = []) 19:09:18 [INFO] 19:09:18 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.antinstaller --- 19:09:18 [INFO] 19:09:18 [INFO] ---------------< org.openspcoop2:org.openspcoop2.axiom >---------------- 19:09:18 [INFO] Building dependencies.axiom 1.0 [5/70] 19:09:18 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:18 [INFO] 19:09:18 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.axiom --- 19:09:18 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axiom (includes = [*.jar], excludes = []) 19:09:18 [INFO] 19:09:18 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.axiom --- 19:09:18 [INFO] 19:09:18 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.axiom --- 19:09:19 [INFO] Executing tasks 19:09:19 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-api-1.2.13.jar 19:09:19 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-dom-1.2.13.jar 19:09:19 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axiom/axiom-impl-1.2.13.jar 19:09:19 [INFO] Executed tasks 19:09:19 [INFO] 19:09:19 [INFO] ----------< org.openspcoop2:org.openspcoop2.bean-validation >----------- 19:09:19 [INFO] Building dependencies.bean-validation 1.0 [6/70] 19:09:19 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:19 [INFO] 19:09:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.bean-validation --- 19:09:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/bean-validation (includes = [*.jar], excludes = []) 19:09:19 [INFO] 19:09:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.bean-validation --- 19:09:19 [INFO] 19:09:19 [INFO] ----------------< org.openspcoop2:org.openspcoop2.cxf >----------------- 19:09:19 [INFO] Building dependencies.cxf 1.0 [7/70] 19:09:19 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:19 [INFO] 19:09:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.cxf --- 19:09:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/cxf (includes = [*.jar], excludes = []) 19:09:19 [INFO] 19:09:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.cxf --- 19:09:19 [INFO] 19:09:19 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.cxf --- 19:09:19 [INFO] Executing tasks 19:09:19 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-core-3.6.8.jar 19:09:19 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/cxf/cxf-rt-rs-security-jose-3.6.8.jar 19:09:19 [INFO] Executed tasks 19:09:19 [INFO] 19:09:19 [INFO] --------------< org.openspcoop2:org.openspcoop2.commons >--------------- 19:09:19 [INFO] Building dependencies.commons 1.0 [8/70] 19:09:19 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:19 [INFO] 19:09:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.commons --- 19:09:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/commons (includes = [*.jar], excludes = []) 19:09:19 [INFO] 19:09:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.commons --- 19:09:19 [INFO] 19:09:19 [INFO] ---------------< org.openspcoop2:org.openspcoop2.faces >---------------- 19:09:19 [INFO] Building dependencies.faces 1.0 [9/70] 19:09:19 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:19 [INFO] 19:09:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.faces --- 19:09:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/faces (includes = [*.jar], excludes = []) 19:09:19 [INFO] 19:09:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.faces --- 19:09:19 [INFO] 19:09:19 [INFO] ----------------< org.openspcoop2:org.openspcoop2.git >----------------- 19:09:19 [INFO] Building dependencies.git 1.0 [10/70] 19:09:19 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:19 [INFO] 19:09:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.git --- 19:09:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/git (includes = [*.jar], excludes = []) 19:09:19 [INFO] 19:09:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.git --- 19:09:19 [INFO] 19:09:19 [INFO] --------------< org.openspcoop2:org.openspcoop2.httpcore >-------------- 19:09:19 [INFO] Building dependencies.httpcore 1.0 [11/70] 19:09:19 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:19 [INFO] 19:09:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.httpcore --- 19:09:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/httpcore (includes = [*.jar], excludes = []) 19:09:19 [INFO] 19:09:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.httpcore --- 19:09:19 [INFO] 19:09:19 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.httpcore --- 19:09:19 [INFO] Executing tasks 19:09:19 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/httpcore/httpcore-ab-4.4.15.jar 19:09:19 [INFO] Executed tasks 19:09:19 [INFO] 19:09:19 [INFO] --------------< org.openspcoop2:org.openspcoop2.jackson >--------------- 19:09:19 [INFO] Building dependencies.jackson 1.0 [12/70] 19:09:19 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:19 [INFO] 19:09:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jackson --- 19:09:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jackson (includes = [*.jar], excludes = []) 19:09:19 [INFO] 19:09:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jackson --- 19:09:19 [INFO] 19:09:19 [INFO] ---------------< org.openspcoop2:org.openspcoop2.javax >---------------- 19:09:19 [INFO] Building dependencies.javax 1.0 [13/70] 19:09:19 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:19 [INFO] 19:09:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.javax --- 19:09:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/javax (includes = [*.jar], excludes = []) 19:09:19 [INFO] 19:09:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.javax --- 19:09:19 [INFO] 19:09:19 [INFO] ----------------< org.openspcoop2:org.openspcoop2.jax >----------------- 19:09:19 [INFO] Building dependencies.jax 1.0 [14/70] 19:09:19 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:19 [INFO] 19:09:19 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jax --- 19:09:19 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jax (includes = [*.jar], excludes = []) 19:09:19 [INFO] 19:09:19 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jax --- 19:09:19 [INFO] 19:09:19 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.jax --- 19:09:20 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/jax/jsr181-api-1.0-MR1.jar to /var/lib/jenkins/workspace/GovWay/lib/jax/jaxws-jsr181-api-2.3.1.jar 19:09:20 [INFO] 19:09:20 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jax --- 19:09:20 [INFO] Executing tasks 19:09:20 [INFO] Executed tasks 19:09:20 [INFO] 19:09:20 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jetty >---------------- 19:09:20 [INFO] Building dependencies.jetty 1.0 [15/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jetty --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jetty (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jetty --- 19:09:20 [INFO] 19:09:20 [INFO] ---------------< org.openspcoop2:org.openspcoop2.jminix >--------------- 19:09:20 [INFO] Building dependencies.jminix 1.0 [16/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.jminix --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/jminix (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.jminix --- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.jminix --- 19:09:20 [INFO] Executing tasks 19:09:20 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/jminix/jminix-1.2.0.jar 19:09:20 [INFO] Executed tasks 19:09:20 [INFO] 19:09:20 [INFO] ----------------< org.openspcoop2:org.openspcoop2.json >---------------- 19:09:20 [INFO] Building dependencies.json 1.0 [17/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.json --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/json (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.json --- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.json --- 19:09:20 [INFO] Executing tasks 19:09:20 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/json/json-path-2.9.0.jar 19:09:20 [INFO] Executed tasks 19:09:20 [INFO] 19:09:20 [INFO] --- copy-rename-maven-plugin:1.0:rename (rename-file) @ org.openspcoop2.json --- 19:09:20 [INFO] Renamed /var/lib/jenkins/workspace/GovWay/lib/json/json-schema-validator-1.0.73.jar to /var/lib/jenkins/workspace/GovWay/lib/json/networknt_json-schema-validator-1.0.73.jar 19:09:20 [INFO] 19:09:20 [INFO] ----------------< org.openspcoop2:org.openspcoop2.log >----------------- 19:09:20 [INFO] Building dependencies.log 1.0 [18/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.log --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/log (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.log --- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.log --- 19:09:20 [INFO] Executing tasks 19:09:20 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/log/slf4j-api-2.0.16.jar 19:09:20 [INFO] Executed tasks 19:09:20 [INFO] 19:09:20 [INFO] ---------------< org.openspcoop2:org.openspcoop2.lucene >--------------- 19:09:20 [INFO] Building dependencies.lucene 1.0 [19/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.lucene --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/lucene (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.lucene --- 19:09:20 [INFO] 19:09:20 [INFO] -------------< org.openspcoop2:org.openspcoop2.openapi4j >-------------- 19:09:20 [INFO] Building dependencies.openapi4j 1.0 [20/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.openapi4j --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/openapi4j (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.openapi4j --- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.openapi4j --- 19:09:20 [INFO] Executing tasks 19:09:20 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-core-1.0.7.jar 19:09:20 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-parser-1.0.7.jar 19:09:20 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-schema-validator-1.0.7.jar 19:09:20 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/openapi4j/openapi-operation-validator-1.0.7.jar 19:09:20 [INFO] Executed tasks 19:09:20 [INFO] 19:09:20 [INFO] --------------< org.openspcoop2:org.openspcoop2.opensaml >-------------- 19:09:20 [INFO] Building dependencies.opensaml 1.0 [21/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.opensaml --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/opensaml (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.opensaml --- 19:09:20 [INFO] 19:09:20 [INFO] ----------------< org.openspcoop2:org.openspcoop2.pdf >----------------- 19:09:20 [INFO] Building dependencies.pdf 1.0 [22/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.pdf --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/pdf (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.pdf --- 19:09:20 [INFO] 19:09:20 [INFO] ---------------< org.openspcoop2:org.openspcoop2.redis >---------------- 19:09:20 [INFO] Building dependencies.redis 1.0 [23/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.redis --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/redis (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.redis --- 19:09:20 [INFO] 19:09:20 [INFO] --------------< org.openspcoop2:org.openspcoop2.reports >--------------- 19:09:20 [INFO] Building dependencies.reports 1.0 [24/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.reports --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/reports (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.reports --- 19:09:20 [INFO] 19:09:20 [INFO] ----------------< org.openspcoop2:org.openspcoop2.saaj >---------------- 19:09:20 [INFO] Building dependencies.saaj 1.0 [25/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.saaj --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/saaj (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.saaj --- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.saaj --- 19:09:20 [INFO] Executing tasks 19:09:20 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/saaj/saaj-impl-1.5.3.jar 19:09:20 [INFO] Executed tasks 19:09:20 [INFO] 19:09:20 [INFO] --------------< org.openspcoop2:org.openspcoop2.security >-------------- 19:09:20 [INFO] Building dependencies.security 1.0 [26/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.security --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/security (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.security --- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.security --- 19:09:20 [INFO] Executing tasks 19:09:20 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/security/xmlsec-2.3.4.jar 19:09:20 [INFO] Executed tasks 19:09:20 [INFO] 19:09:20 [INFO] ---------------< org.openspcoop2:org.openspcoop2.shared >--------------- 19:09:20 [INFO] Building dependencies.shared 1.0 [27/70] 19:09:20 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.shared --- 19:09:20 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/shared (includes = [*.jar], excludes = []) 19:09:20 [INFO] 19:09:20 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.shared --- 19:09:20 [INFO] 19:09:20 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.shared --- 19:09:21 [INFO] Executing tasks 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/commons-jcs3-core-3.1.jar 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/Saxon-HE-11.4.jar 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/shared/snakeyaml-1.33.jar 19:09:21 [INFO] Executed tasks 19:09:21 [INFO] 19:09:21 [INFO] ---------------< org.openspcoop2:org.openspcoop2.spring >--------------- 19:09:21 [INFO] Building dependencies.spring 1.0 [28/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring --- 19:09:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring (includes = [*.jar], excludes = []) 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring --- 19:09:21 [INFO] Executing tasks 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-beans-5.3.39.jar 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-5.3.39.jar 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-context-support-5.3.39.jar 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-core-5.3.39.jar 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-expression-5.3.39.jar 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring/spring-web-5.3.39.jar 19:09:21 [INFO] Executed tasks 19:09:21 [INFO] 19:09:21 [INFO] ------------< org.openspcoop2:org.openspcoop2.spring-ldap >------------- 19:09:21 [INFO] Building dependencies.spring-ldap 1.0 [29/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-ldap --- 19:09:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-ldap (includes = [*.jar], excludes = []) 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-ldap --- 19:09:21 [INFO] 19:09:21 [INFO] ----------< org.openspcoop2:org.openspcoop2.spring-security >----------- 19:09:21 [INFO] Building dependencies.spring-security 1.0 [30/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.spring-security --- 19:09:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/spring-security (includes = [*.jar], excludes = []) 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.spring-security --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.spring-security --- 19:09:21 [INFO] Executing tasks 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/spring-security/spring-security-crypto-5.8.16.jar 19:09:21 [INFO] Executed tasks 19:09:21 [INFO] 19:09:21 [INFO] --------------< org.openspcoop2:org.openspcoop2.swagger >--------------- 19:09:21 [INFO] Building dependencies.swagger 1.0 [31/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.swagger --- 19:09:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/swagger (includes = [*.jar], excludes = []) 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.swagger --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.swagger --- 19:09:21 [INFO] Executing tasks 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-parser-v3-2.1.6.jar 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/swagger/swagger-request-validator-core-2.30.0.jar 19:09:21 [INFO] Executed tasks 19:09:21 [INFO] 19:09:21 [INFO] ----------------< org.openspcoop2:org.openspcoop2.wadl >---------------- 19:09:21 [INFO] Building dependencies.wadl 1.0 [32/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wadl --- 19:09:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wadl (includes = [*.jar], excludes = []) 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wadl --- 19:09:21 [INFO] 19:09:21 [INFO] ---------------< org.openspcoop2:org.openspcoop2.wss4j >---------------- 19:09:21 [INFO] Building dependencies.wss4j 1.0 [33/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.wss4j --- 19:09:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/wss4j (includes = [*.jar], excludes = []) 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.wss4j --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.wss4j --- 19:09:21 [INFO] Executing tasks 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-common-2.4.1.jar 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/wss4j/wss4j-ws-security-dom-2.4.1.jar 19:09:21 [INFO] Executed tasks 19:09:21 [INFO] 19:09:21 [INFO] -------------< org.openspcoop2:org.openspcoop2.testsuite >-------------- 19:09:21 [INFO] Building dependencies.testsuite 1.0 [34/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.axis14 >---------- 19:09:21 [INFO] Building dependencies.testsuite.axis14 1.0 [35/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.axis14 --- 19:09:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/axis14 (includes = [*.jar], excludes = []) 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.axis14 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.axis14 --- 19:09:21 [INFO] Executing tasks 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-1.4.jar 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/axis14/axis-jaxrpc-1.4.jar 19:09:21 [INFO] Executed tasks 19:09:21 [INFO] 19:09:21 [INFO] ----< org.openspcoop2:org.openspcoop2.testsuite.applicationServer >----- 19:09:21 [INFO] Building dependencies.testsuite.as 1.0 [36/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly9 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly9 1.0 [37/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly9 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:9.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly10 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly10 1.0 [38/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly10 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:10.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly11 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly11 1.0 [39/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly11 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:11.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly12 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly12 1.0 [40/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly12 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:12.0.0.Final already exists in destination. 19:09:21 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly13 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly13 1.0 [41/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly13 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:13.0.0.Final already exists in destination. 19:09:21 [INFO] javax.json:javax.json-api:jar:1.1.2 already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly14 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly14 1.0 [42/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly14 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:14.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly15 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly15 1.0 [43/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly15 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:15.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly16 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly16 1.0 [44/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly16 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:16.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly17 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly17 1.0 [45/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly17 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:17.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly18 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly18 1.0 [46/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly18 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:18.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly19 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly19 1.0 [47/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly19 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:19.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly20 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly20 1.0 [48/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly20 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:20.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly21 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly21 1.0 [49/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly21 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:21.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly22 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly22 1.0 [50/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly22 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:22.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly23 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly23 1.0 [51/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly23 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:23.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly24 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly24 1.0 [52/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly24 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:24.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly25 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly25 1.0 [53/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly25 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:25.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.wildfly26 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.wildfly26 1.0 [54/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.wildfly26 --- 19:09:21 [INFO] org.wildfly:wildfly-client-all:jar:26.0.0.Final already exists in destination. 19:09:21 [INFO] 19:09:21 [INFO] --< org.openspcoop2:org.openspcoop2.testsuite.applicationServer.tomcat9 >-- 19:09:21 [INFO] Building dependencies.testsuite.as.tomcat9 1.0 [55/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 19:09:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/applicationServer/tomcat9 (includes = [*.jar], excludes = []) 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.applicationServer.tomcat9 --- 19:09:21 [INFO] 19:09:21 [INFO] -----------< org.openspcoop2:org.openspcoop2.testsuite.test >----------- 19:09:21 [INFO] Building dependencies.testsuite.test 1.0 [56/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.test --- 19:09:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/testsuite (includes = [*.jar], excludes = []) 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.test --- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-antrun-plugin:3.1.0:run (delete-dependencies-override-gov4j) @ org.openspcoop2.testsuite.test --- 19:09:21 [INFO] Executing tasks 19:09:21 [INFO] [delete] Deleting: /var/lib/jenkins/workspace/GovWay/lib/testsuite/apacheds-all-2.0.0.AM27.jar 19:09:21 [INFO] Executed tasks 19:09:21 [INFO] 19:09:21 [INFO] ------< org.openspcoop2:org.openspcoop2.testsuite.staticAnalysis >------ 19:09:21 [INFO] Building dependencies.testsuite.staticAnalysis 1.0 [57/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.staticAnalysis --- 19:09:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/staticAnalysis (includes = [*.jar], excludes = []) 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.staticAnalysis --- 19:09:21 [INFO] 19:09:21 [INFO] -----< org.openspcoop2:org.openspcoop2.testsuite.dynamicAnalysis >------ 19:09:21 [INFO] Building dependencies.testsuite.dynamicAnalysis 1.0 [58/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:21 [INFO] 19:09:21 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.dynamicAnalysis --- 19:09:21 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/dynamicAnalysis (includes = [*.jar], excludes = []) 19:09:21 [INFO] 19:09:21 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.dynamicAnalysis --- 19:09:21 [INFO] 19:09:21 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.coverage >--------- 19:09:21 [INFO] Building dependencies.testsuite.coverage 1.0 [59/70] 19:09:21 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:22 [INFO] 19:09:22 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.testsuite.coverage --- 19:09:22 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/coverage (includes = [*.jar], excludes = []) 19:09:22 [INFO] 19:09:22 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.testsuite.coverage --- 19:09:22 [INFO] 19:09:22 [INFO] --------------< org.openspcoop2:org.openspcoop2.soapbox >--------------- 19:09:22 [INFO] Building dependencies.soapbox 1.0 [60/70] 19:09:22 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:22 [INFO] 19:09:22 [INFO] --- maven-clean-plugin:3.4.0:clean (clean) @ org.openspcoop2.soapbox --- 19:09:22 [INFO] Deleting /var/lib/jenkins/workspace/GovWay/lib/soapbox (includes = [*.jar], excludes = []) 19:09:22 [INFO] 19:09:22 [INFO] --- maven-dependency-plugin:3.8.1:copy-dependencies (copy-dependencies) @ org.openspcoop2.soapbox --- 19:09:22 [INFO] 19:09:22 [INFO] --------------< org.openspcoop2:org.openspcoop2.compile >--------------- 19:09:22 [INFO] Building compile 1.0 [61/70] 19:09:22 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:22 [INFO] 19:09:22 [INFO] --------------< org.openspcoop2:org.openspcoop2.package >--------------- 19:09:22 [INFO] Building package 1.0 [62/70] 19:09:22 [INFO] --------------------------------[ pom ]--------------------------------- 19:09:22 [INFO] 19:09:22 [INFO] --- maven-antrun-plugin:3.1.0:run (default) @ org.openspcoop2.package --- 19:09:22 [INFO] Executing tasks 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: --------------------------------------- 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: WORK_DIR: /var/lib/jenkins/workspace/GovWay/dist 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: LOG_DIR: /var/lib/jenkins/workspace/GovWay/log 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: TIPO: branches 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: BUILD-SETUP: true 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: BUILD-DOC: false 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: BUILD-LIB: false 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: READ_GIT_INFO: false 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: VERSION: 3.3.18.build-master 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: --------------------------------------- 19:09:22 [INFO] [exec] WARN <2026/02/11 19:09:22>: Generazione distribuzione sorgente non eseguita su richiesta utente. 19:09:22 [INFO] [exec] ANT_OPTS: -Xmx1024m -XX:MaxMetaspaceSize=700m -XX:+UseG1GC 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: Comincio produzione distribuzione binaria 19:09:22 [INFO] [exec] INFO <2026/02/11 19:09:22>: Generazione dei pacchetti software in corso (!!NOTA: questa operazione richiede parecchi minuti) ... 20:00:58 [INFO] [exec] INFO <2026/02/11 20:00:58>: Generazione dei pacchetti software terminata correttamente 20:00:58 [INFO] [exec] INFO <2026/02/11 20:00:58>: Generazione della documentazione (Questa operazione richiede qualche minuto) ... 20:00:58 [ERROR] [exec] Result: 143 20:00:58 [INFO] Executed tasks 20:00:58 [INFO] 20:00:58 [INFO] ----------< org.openspcoop2:org.openspcoop2.testsuite.utils >----------- 20:00:58 [INFO] Building testsuite.utils 1.0 [63/70] 20:00:58 [INFO] --------------------------------[ pom ]--------------------------------- 20:00:58 [INFO] 20:00:58 [INFO] --------< org.openspcoop2:org.openspcoop2.testsuite.utils.sql >--------- 20:00:58 [INFO] Building testsuite.utils.sql 1.0 [64/70] 20:00:58 [INFO] --------------------------------[ pom ]--------------------------------- 20:00:58 [INFO] 20:00:58 [INFO] ---------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core >--------- 20:00:58 [INFO] Building testsuite.pdd.core 1.0 [65/70] 20:00:58 [INFO] --------------------------------[ pom ]--------------------------------- 20:00:58 [INFO] 20:00:58 [INFO] -------< org.openspcoop2:org.openspcoop2.testsuite.pdd.core.sql >------- 20:00:58 [INFO] Building testsuite.pdd.core.sql 1.0 [66/70] 20:00:58 [INFO] --------------------------------[ pom ]--------------------------------- 20:00:58 [INFO] 20:00:58 [INFO] ------< org.openspcoop2:org.openspcoop2.static_analysis.spotbugs >------ 20:00:58 [INFO] Building static_analysis.spotbugs 1.0 [67/70] 20:00:58 [INFO] --------------------------------[ pom ]--------------------------------- 20:00:58 [INFO] 20:00:58 [INFO] -----< org.openspcoop2:org.openspcoop2.static_analysis.sonarqube >------ 20:00:58 [INFO] Building static_analysis.sonarqube 1.0 [68/70] 20:00:58 [INFO] --------------------------------[ pom ]--------------------------------- 20:00:58 [INFO] 20:00:58 [INFO] --------< org.openspcoop2:org.openspcoop2.dynamic_analysis.zap >-------- 20:00:58 [INFO] Building dynamic_analysis.zap 1.0 [69/70] 20:00:58 [INFO] --------------------------------[ pom ]--------------------------------- 20:00:58 [INFO] 20:00:58 [INFO] ----------< org.openspcoop2:org.openspcoop2.coverage.jacoco >----------- 20:00:58 [INFO] Building coverage.jacoco 1.0 [70/70] 20:00:58 [INFO] --------------------------------[ pom ]--------------------------------- 20:00:58 [INFO] ------------------------------------------------------------------------ 20:00:58 [INFO] Reactor Summary for govway 1.0: 20:00:58 [INFO] 20:00:58 [INFO] govway ............................................. SUCCESS [ 0.005 s] 20:00:58 [INFO] dependencies ....................................... SUCCESS [ 0.002 s] 20:00:58 [INFO] dependencies.ant ................................... SUCCESS [ 1.500 s] 20:00:58 [INFO] dependencies.antinstaller .......................... SUCCESS [ 0.038 s] 20:00:58 [INFO] dependencies.axiom ................................. SUCCESS [ 0.521 s] 20:00:58 [INFO] dependencies.bean-validation ....................... SUCCESS [ 0.053 s] 20:00:58 [INFO] dependencies.cxf ................................... SUCCESS [ 0.299 s] 20:00:58 [INFO] dependencies.commons ............................... SUCCESS [ 0.128 s] 20:00:58 [INFO] dependencies.faces ................................. SUCCESS [ 0.060 s] 20:00:58 [INFO] dependencies.git ................................... SUCCESS [ 0.020 s] 20:00:58 [INFO] dependencies.httpcore .............................. SUCCESS [ 0.120 s] 20:00:58 [INFO] dependencies.jackson ............................... SUCCESS [ 0.068 s] 20:00:58 [INFO] dependencies.javax ................................. SUCCESS [ 0.047 s] 20:00:58 [INFO] dependencies.jax ................................... SUCCESS [ 0.187 s] 20:00:58 [INFO] dependencies.jetty ................................. SUCCESS [ 0.044 s] 20:00:58 [INFO] dependencies.jminix ................................ SUCCESS [ 0.075 s] 20:00:58 [INFO] dependencies.json .................................. SUCCESS [ 0.147 s] 20:00:58 [INFO] dependencies.log ................................... SUCCESS [ 0.094 s] 20:00:58 [INFO] dependencies.lucene ................................ SUCCESS [ 0.019 s] 20:00:58 [INFO] dependencies.openapi4j ............................. SUCCESS [ 0.063 s] 20:00:58 [INFO] dependencies.opensaml .............................. SUCCESS [ 0.054 s] 20:00:58 [INFO] dependencies.pdf ................................... SUCCESS [ 0.022 s] 20:00:58 [INFO] dependencies.redis ................................. SUCCESS [ 0.054 s] 20:00:58 [INFO] dependencies.reports ............................... SUCCESS [ 0.043 s] 20:00:58 [INFO] dependencies.saaj .................................. SUCCESS [ 0.061 s] 20:00:58 [INFO] dependencies.security .............................. SUCCESS [ 0.077 s] 20:00:58 [INFO] dependencies.shared ................................ SUCCESS [ 0.197 s] 20:00:58 [INFO] dependencies.spring ................................ SUCCESS [ 0.082 s] 20:00:58 [INFO] dependencies.spring-ldap ........................... SUCCESS [ 0.009 s] 20:00:58 [INFO] dependencies.spring-security ....................... SUCCESS [ 0.051 s] 20:00:58 [INFO] dependencies.swagger ............................... SUCCESS [ 0.081 s] 20:00:58 [INFO] dependencies.wadl .................................. SUCCESS [ 0.010 s] 20:00:58 [INFO] dependencies.wss4j ................................. SUCCESS [ 0.059 s] 20:00:58 [INFO] dependencies.testsuite ............................. SUCCESS [ 0.001 s] 20:00:58 [INFO] dependencies.testsuite.axis14 ...................... SUCCESS [ 0.058 s] 20:00:58 [INFO] dependencies.testsuite.as .......................... SUCCESS [ 0.001 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly9 ................. SUCCESS [ 0.019 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly10 ................ SUCCESS [ 0.025 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly11 ................ SUCCESS [ 0.029 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly12 ................ SUCCESS [ 0.025 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly13 ................ SUCCESS [ 0.025 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly14 ................ SUCCESS [ 0.024 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly15 ................ SUCCESS [ 0.025 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly16 ................ SUCCESS [ 0.026 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly17 ................ SUCCESS [ 0.029 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly18 ................ SUCCESS [ 0.024 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly19 ................ SUCCESS [ 0.026 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly20 ................ SUCCESS [ 0.086 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly21 ................ SUCCESS [ 0.023 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly22 ................ SUCCESS [ 0.023 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly23 ................ SUCCESS [ 0.021 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly24 ................ SUCCESS [ 0.021 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly25 ................ SUCCESS [ 0.021 s] 20:00:58 [INFO] dependencies.testsuite.as.wildfly26 ................ SUCCESS [ 0.021 s] 20:00:58 [INFO] dependencies.testsuite.as.tomcat9 .................. SUCCESS [ 0.009 s] 20:00:58 [INFO] dependencies.testsuite.test ........................ SUCCESS [ 0.104 s] 20:00:58 [INFO] dependencies.testsuite.staticAnalysis .............. SUCCESS [ 0.011 s] 20:00:58 [INFO] dependencies.testsuite.dynamicAnalysis ............. SUCCESS [ 0.007 s] 20:00:58 [INFO] dependencies.testsuite.coverage .................... SUCCESS [ 0.022 s] 20:00:58 [INFO] dependencies.soapbox ............................... SUCCESS [ 0.012 s] 20:00:58 [INFO] compile ............................................ SUCCESS [ 0.001 s] 20:00:58 [INFO] package ............................................ SUCCESS [51:36 min] 20:00:58 [INFO] testsuite.utils .................................... SUCCESS [ 0.000 s] 20:00:58 [INFO] testsuite.utils.sql ................................ SUCCESS [ 0.001 s] 20:00:58 [INFO] testsuite.pdd.core ................................. SUCCESS [ 0.000 s] 20:00:58 [INFO] testsuite.pdd.core.sql ............................. SUCCESS [ 0.001 s] 20:00:58 [INFO] static_analysis.spotbugs ........................... SUCCESS [ 0.000 s] 20:00:58 [INFO] static_analysis.sonarqube .......................... SUCCESS [ 0.001 s] 20:00:58 [INFO] dynamic_analysis.zap ............................... SUCCESS [ 0.000 s] 20:00:58 [INFO] coverage.jacoco .................................... SUCCESS [ 0.001 s] 20:00:58 [INFO] ------------------------------------------------------------------------ 20:00:58 [INFO] BUILD SUCCESS 20:00:58 [INFO] ------------------------------------------------------------------------ 20:00:58 [INFO] Total time: 51:42 min 20:00:58 [INFO] Finished at: 2026-02-11T20:00:58+01:00 20:00:58 [INFO] ------------------------------------------------------------------------ 20:00:59 Build was aborted 20:00:59 Aborted by Andrea Poli 20:00:59 INFO: Processing JUnit 20:00:59 INFO: [JUnit] - 2 test report file(s) were found with the pattern 'tools/rs/*/server/testsuite/risultati-testsuite/TEST-*.xml' relative to '/var/lib/jenkins/workspace/GovWay' for the testing framework 'JUnit'. 20:00:59 ERROR: Step ‘Publish xUnit test result report’ failed: Test reports were found but not all of them are new. Did all the tests run? 20:00:59 * /var/lib/jenkins/workspace/GovWay/tools/rs/config/server/testsuite/risultati-testsuite/TEST-org.openspcoop2.core.config.rs.testsuite.ApiConfigTestSuite.xml is 13 hr old 20:00:59 * /var/lib/jenkins/workspace/GovWay/tools/rs/monitor/server/testsuite/risultati-testsuite/TEST-org.openspcoop2.core.monitor.rs.testsuite.ApiMonitorTestSuite.xml is 13 hr old 20:00:59 20:00:59 Build Aborted. Not looking for any TestNG results. 20:00:59 Collecting Dependency-Check artifact 20:00:59 Parsing file /var/lib/jenkins/workspace/GovWay/dependency-check-result/dependency-check-report.xml 20:00:59 [analysis] Skipping execution of recorder since overall result is 'ABORTED' 20:00:59 Started calculate disk usage of build 20:00:59 Finished Calculation of disk usage of build in 0 seconds 20:00:59 Started calculate disk usage of workspace 20:01:00 Finished Calculation of disk usage of workspace in 0 seconds 20:01:00 Finished: ABORTED