{ "_class" : "io.jenkins.plugins.analysis.core.restapi.ReportApi", "issues" : [ { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "hazelcast-5.3.8.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govway.war:WEB-INF/lib/hazelcast-5.3.8.jar", "fingerprint" : "FALLBACK-764e83c4", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-72hv-8253-57qq-jackson-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-72hv-8253-57qq medium vulnerability for jackson-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-72hv-8253-57qq**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | jackson-core | 2.15.2 | 2.18.6 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/hazelcast-5.3.8.jar | github:language:java | [GHSA-72hv-8253-57qq](https://github.com/advisories/GHSA-72hv-8253-57qq) |\u000a\u000a\u000aA medium vulnerability in java-archive package: jackson-core, version 2.15.2 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/hazelcast-5.3.8.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1445", "severity" : "NORMAL", "toString" : "hazelcast-5.3.8.jar(1,0): GHSA-72hv-8253-57qq-jackson-core: : GHSA-72hv-8253-57qq-jackson-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-72hv-8253-57qq medium vulnerability for jackson-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-72hv-8253-57qq**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | jackson-core | 2.15.2 | 2.18.6 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/hazelcast-5.3.8.jar | github:language:java | [GHSA-72hv-8253-57qq](https://github.com/advisories/GHSA-72hv-8253-57qq) |\u000a\u000a\u000aA medium vulnerability in java-archive package: jackson-core, version 2.15.2 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/hazelcast-5.3.8.jar", "type" : "GHSA-72hv-8253-57qq-jackson-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-1.2-api-2.25.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-1.2-api-2.25.3.jar", "fingerprint" : "FALLBACK-9b8f2042", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-h383-gmxw-35v2-log4j-1.2-api: JavaMatcherExactDirectMatch\u000a\u000aGHSA-h383-gmxw-35v2 medium vulnerability for log4j-1.2-api package\u000a\u000aFor additional help see: **Vulnerability GHSA-h383-gmxw-35v2**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-1.2-api | 2.25.3 | 2.25.4 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-1.2-api-2.25.3.jar | github:language:java | [GHSA-h383-gmxw-35v2](https://github.com/advisories/GHSA-h383-gmxw-35v2) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-1.2-api, version 2.25.3 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-1.2-api-2.25.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1445", "severity" : "NORMAL", "toString" : "log4j-1.2-api-2.25.3.jar(1,0): GHSA-h383-gmxw-35v2-log4j-1.2-api: : GHSA-h383-gmxw-35v2-log4j-1.2-api: JavaMatcherExactDirectMatch\u000a\u000aGHSA-h383-gmxw-35v2 medium vulnerability for log4j-1.2-api package\u000a\u000aFor additional help see: **Vulnerability GHSA-h383-gmxw-35v2**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-1.2-api | 2.25.3 | 2.25.4 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-1.2-api-2.25.3.jar | github:language:java | [GHSA-h383-gmxw-35v2](https://github.com/advisories/GHSA-h383-gmxw-35v2) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-1.2-api, version 2.25.3 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-1.2-api-2.25.3.jar", "type" : "GHSA-h383-gmxw-35v2-log4j-1.2-api" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.25.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.25.3.jar", "fingerprint" : "FALLBACK-ef08f755", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-3pxv-7cmr-fjr4-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-3pxv-7cmr-fjr4 medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-3pxv-7cmr-fjr4**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.25.3 | 2.25.4 | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/log4j-core-2.25.3.jar | github:language:java | [GHSA-3pxv-7cmr-fjr4](https://github.com/advisories/GHSA-3pxv-7cmr-fjr4) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.25.3 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.25.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1445", "severity" : "NORMAL", "toString" : "log4j-core-2.25.3.jar(1,0): GHSA-3pxv-7cmr-fjr4-log4j-core: : GHSA-3pxv-7cmr-fjr4-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-3pxv-7cmr-fjr4 medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-3pxv-7cmr-fjr4**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.25.3 | 2.25.4 | java-archive | /usr/local/tomcat/webapps/govwayAPIConfig.war:WEB-INF/lib/log4j-core-2.25.3.jar | github:language:java | [GHSA-3pxv-7cmr-fjr4](https://github.com/advisories/GHSA-3pxv-7cmr-fjr4) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.25.3 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.25.3.jar", "type" : "GHSA-3pxv-7cmr-fjr4-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.25.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.25.3.jar", "fingerprint" : "FALLBACK-e127ea56", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-445c-vh5m-36rj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-445c-vh5m-36rj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-445c-vh5m-36rj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.25.3 | 2.25.4 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.25.3.jar | github:language:java | [GHSA-445c-vh5m-36rj](https://github.com/advisories/GHSA-445c-vh5m-36rj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.25.3 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.25.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1445", "severity" : "NORMAL", "toString" : "log4j-core-2.25.3.jar(1,0): GHSA-445c-vh5m-36rj-log4j-core: : GHSA-445c-vh5m-36rj-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-445c-vh5m-36rj medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-445c-vh5m-36rj**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.25.3 | 2.25.4 | java-archive | /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.25.3.jar | github:language:java | [GHSA-445c-vh5m-36rj](https://github.com/advisories/GHSA-445c-vh5m-36rj) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.25.3 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.25.3.jar", "type" : "GHSA-445c-vh5m-36rj-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-core-2.25.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.25.3.jar", "fingerprint" : "FALLBACK-c52ae8e5", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-6hg6-v5c8-fphq-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-6hg6-v5c8-fphq medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-6hg6-v5c8-fphq**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.25.3 | 2.25.4 | java-archive | /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/log4j-core-2.25.3.jar | github:language:java | [GHSA-6hg6-v5c8-fphq](https://github.com/advisories/GHSA-6hg6-v5c8-fphq) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.25.3 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.25.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1445", "severity" : "NORMAL", "toString" : "log4j-core-2.25.3.jar(1,0): GHSA-6hg6-v5c8-fphq-log4j-core: : GHSA-6hg6-v5c8-fphq-log4j-core: JavaMatcherExactDirectMatch\u000a\u000aGHSA-6hg6-v5c8-fphq medium vulnerability for log4j-core package\u000a\u000aFor additional help see: **Vulnerability GHSA-6hg6-v5c8-fphq**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-core | 2.25.3 | 2.25.4 | java-archive | /usr/local/tomcat/webapps/govwayMonitor.war:WEB-INF/lib/log4j-core-2.25.3.jar | github:language:java | [GHSA-6hg6-v5c8-fphq](https://github.com/advisories/GHSA-6hg6-v5c8-fphq) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-core, version 2.25.3 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-core-2.25.3.jar", "type" : "GHSA-6hg6-v5c8-fphq-log4j-core" }, { "addedAt" : 0, "authorEmail" : "-", "authorName" : "-", "baseName" : "log4j-layout-template-json-2.25.3.jar", "category" : "", "columnEnd" : 0, "columnStart" : 0, "commit" : "-", "description" : "", "fileName" : "govway//usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-layout-template-json-2.25.3.jar", "fingerprint" : "FALLBACK-f3d2e779", "lineEnd" : 1, "lineStart" : 1, "message" : "GHSA-w35j-pv5h-q9q9-log4j-layout-template-json: JavaMatcherExactDirectMatch\u000a\u000aGHSA-w35j-pv5h-q9q9 medium vulnerability for log4j-layout-template-json package\u000a\u000aFor additional help see: **Vulnerability GHSA-w35j-pv5h-q9q9**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-layout-template-json | 2.25.3 | 2.25.4 | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/log4j-layout-template-json-2.25.3.jar | github:language:java | [GHSA-w35j-pv5h-q9q9](https://github.com/advisories/GHSA-w35j-pv5h-q9q9) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-layout-template-json, version 2.25.3 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-layout-template-json-2.25.3.jar", "moduleName" : "", "origin" : "grype", "originName" : "Grype Security Scanner", "packageName" : "-", "reference" : "1445", "severity" : "NORMAL", "toString" : "log4j-layout-template-json-2.25.3.jar(1,0): GHSA-w35j-pv5h-q9q9-log4j-layout-template-json: : GHSA-w35j-pv5h-q9q9-log4j-layout-template-json: JavaMatcherExactDirectMatch\u000a\u000aGHSA-w35j-pv5h-q9q9 medium vulnerability for log4j-layout-template-json package\u000a\u000aFor additional help see: **Vulnerability GHSA-w35j-pv5h-q9q9**\u000a| Severity | Package | Version | Fix Version | Type | Location | Data Namespace | Link |\u000a| --- | --- | --- | --- | --- | --- | --- | --- |\u000a| medium | log4j-layout-template-json | 2.25.3 | 2.25.4 | java-archive | /usr/local/tomcat/webapps/govwayAPIMonitor.war:WEB-INF/lib/log4j-layout-template-json-2.25.3.jar | github:language:java | [GHSA-w35j-pv5h-q9q9](https://github.com/advisories/GHSA-w35j-pv5h-q9q9) |\u000a\u000a\u000aA medium vulnerability in java-archive package: log4j-layout-template-json, version 2.25.3 was found in image linkitaly/govway:master4 at: /usr/local/tomcat/webapps/govway.war:WEB-INF/lib/log4j-layout-template-json-2.25.3.jar", "type" : "GHSA-w35j-pv5h-q9q9-log4j-layout-template-json" } ], "size" : 6, "toString" : "6 warnings (normal: 6)" }