Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: google group | github issues

Project: apache-nutch

Scan Information (show all):

Display: Showing Vulnerable Dependencies (click to show all)

DependencyCPECoordinatesHighest SeverityCVE CountCPE ConfidenceEvidence Count
ST4-4.0.8.jarorg.antlr:ST4:4.0.8 017
amqp-client-5.2.0.jarcpe:/a:pivotal_software:rabbitmq:5.2.0com.rabbitmq:amqp-client:5.2.0 0Low36
animal-sniffer-annotations-1.14.jarorg.codehaus.mojo:animal-sniffer-annotations:1.14 020
antlr-runtime-3.5.2.jarorg.antlr:antlr-runtime:3.5.2 022
antlr4-4.5.1.jarorg.antlr:antlr4:4.5.1  022
aopalliance-1.0.jaraopalliance:aopalliance:1.0  020
apacheds-i18n-2.0.0-M15.jarorg.apache.directory.server:apacheds-i18n:2.0.0-M15  038
apacheds-kerberos-codec-2.0.0-M15.jarorg.apache.directory.server:apacheds-kerberos-codec:2.0.0-M15  038
api-asn1-api-1.0.0-M20.jarorg.apache.directory.api:api-asn1-api:1.0.0-M20  038
api-util-1.0.0-M20.jarcpe:/a:apache:directory_ldap_api:1.0.0.m30org.apache.directory.api:api-util:1.0.0-M20Medium1Low23
args4j-2.0.16.jarargs4j:args4j:2.0.16 017
ascii-utf-themes-0.0.1.jarde.vandermeer:ascii-utf-themes:0.0.1 019
asciitable-0.3.2.jarde.vandermeer:asciitable:0.3.2 019
asm-3.3.1.jarasm:asm:3.3.1  021
asm-5.0.4.jarorg.ow2.asm:asm:5.0.4  030
avro-1.7.4.jarorg.apache.avro:avro:1.7.4 024
bootstrap-3.0.3.jarorg.webjars:bootstrap:3.0.3 014
cglib-2.2.1-v20090111.jarorg.sonatype.sisu.inject:cglib:2.2.1-v20090111  024
cglib-2.2.2.jarcglib:cglib:2.2.2  022
char-translation-0.0.2.jarde.vandermeer:char-translation:0.0.2 019
checker-compat-qual-2.0.0.jarorg.checkerframework:checker-compat-qual:2.0.0  023
closure-compiler-v20130603.jarcpe:/a:google:gmail:-com.google.javascript:closure-compiler:v20130603 Medium1Low27
commons-beanutils-1.7.0.jarcpe:/a:apache:commons_beanutils:1.7.0commons-beanutils:commons-beanutils:1.7.0 High1Low22
commons-beanutils-core-1.8.0.jarcpe:/a:apache:commons_beanutils:1.8.0commons-beanutils:commons-beanutils-core:1.8.0 High1Low30
commons-cli-1.2.jarcommons-cli:commons-cli:1.2 031
commons-codec-1.11.jarcommons-codec:commons-codec:1.11 037
commons-collections-3.2.2.jarcpe:/a:apache:commons_collections:3.2.2commons-collections:commons-collections:3.2.2 0Low37
commons-collections4-4.1.jarcpe:/a:apache:commons_collections:4.1org.apache.commons:commons-collections4:4.1 0Low35
commons-compress-1.16.1.jarcpe:/a:apache:commons-compress:1.16.1org.apache.commons:commons-compress:1.16.1 0Low41
commons-configuration-1.6.jarcommons-configuration:commons-configuration:1.6 031
commons-daemon-1.0.13.jarcpe:/a:apache:apache_commons_daemon:1.0.13commons-daemon:commons-daemon:1.0.13 0Low33
commons-digester-1.8.jarcommons-digester:commons-digester:1.8  034
commons-httpclient-3.1.jarcpe:/a:apache:httpclient:3.1
cpe:/a:apache:commons-httpclient:3.1
commons-httpclient:commons-httpclient:3.1  0Low29
commons-io-2.4.jarcommons-io:commons-io:2.4 033
commons-jexl-2.1.1.jarorg.apache.commons:commons-jexl:2.1.1 033
commons-lang-2.6.jarcommons-lang:commons-lang:2.6 031
commons-lang3-3.7.jarorg.apache.commons:commons-lang3:3.7 037
commons-logging-1.2.jarcommons-logging:commons-logging:1.2 033
commons-math3-3.1.1.jarorg.apache.commons:commons-math3:3.1.1 033
commons-net-3.1.jarcommons-net:commons-net:3.1 033
crawler-commons-0.10.jarcom.github.crawler-commons:crawler-commons:0.10 019
curator-client-2.7.1.jarorg.apache.curator:curator-client:2.7.1 023
curator-framework-2.7.1.jarcpe:/a:apache:zookeeper:2.7.1org.apache.curator:curator-framework:2.7.1Medium3Low23
curator-recipes-2.7.1.jarorg.apache.curator:curator-recipes:2.7.1 023
cxf-core-3.1.15.jarcpe:/a:apache:cxf:3.1.15org.apache.cxf:cxf-core:3.1.15Medium1Highest31
dom4j-1.6.1.jardom4j:dom4j:1.6.1  043
error_prone_annotations-2.1.3.jarcom.google.errorprone:error_prone_annotations:2.1.3 019
gson-2.2.4.jarcom.google.code.gson:gson:2.2.4  035
guava-25.0-jre.jarcom.google.guava:guava:25.0-jre 027
guice-3.0.jarcom.google.inject:guice:3.0  033
guice-servlet-3.0.jarcom.google.inject.extensions:guice-servlet:3.0  033
h2-1.4.197.jarcpe:/a:h2database:h2:1.4.197com.h2database:h2:1.4.197 Medium2Highest27
hadoop-client-2.2.0.jarcpe:/a:apache:hadoop:2.2.0org.apache.hadoop:hadoop-client:2.2.0High7Highest16
hadoop-mapreduce-client-core-2.7.4.jarcpe:/a:apache:hadoop:2.7.4org.apache.hadoop:hadoop-mapreduce-client-core:2.7.4Medium1Highest19
htmlparser-1.6.jarorg.htmlparser:htmlparser:1.6  018
htrace-core-3.1.0-incubating.jarcpe:/a:fasterxml:jackson:3.1.0org.apache.htrace:htrace-core:3.1.0-incubating  0Low31
httpclient-4.5.5.jarcpe:/a:apache:httpclient:4.5.5org.apache.httpcomponents:httpclient:4.5.5 0Low30
httpcore-4.4.9.jarorg.apache.httpcomponents:httpcore:4.4.9 030
httpcore-nio-4.4.9.jarorg.apache.httpcomponents:httpcore-nio:4.4.9 030
icu4j-61.1.jarcom.ibm.icu:icu4j:61.1  034
j2objc-annotations-1.1.jarcom.google.j2objc:j2objc-annotations:1.1 019
jackson-annotations-2.9.0.jarcpe:/a:fasterxml:jackson:2.9.0com.fasterxml.jackson.core:jackson-annotations:2.9.0 0Low35
jackson-core-2.9.5.jarcpe:/a:fasterxml:jackson:2.9.5com.fasterxml.jackson.core:jackson-core:2.9.5 0Low37
jackson-core-asl-1.9.13.jarcpe:/a:fasterxml:jackson:1.9.13org.codehaus.jackson:jackson-core-asl:1.9.13  0Low34
jackson-databind-2.9.5.jarcpe:/a:fasterxml:jackson:2.9.5
cpe:/a:fasterxml:jackson-databind:2.9.5
com.fasterxml.jackson.core:jackson-databind:2.9.5 0Low37
java-xmlbuilder-0.4.jarcom.jamesmurty.utils:java-xmlbuilder:0.4 019
javassist-3.12.1.GA.jarjavassist:javassist:3.12.1.GA 016
javax.annotation-api-1.2.jarjavax.annotation:javax.annotation-api:1.2 035
javax.inject-1.jarjavax.inject:javax.inject:1  020
javax.persistence-2.2.0.jarorg.eclipse.persistence:javax.persistence:2.2.0  035
javax.servlet-api-3.1.0.jarjavax.servlet:javax.servlet-api:3.1.0 033
javax.ws.rs-api-2.0.1.jarcpe:/a:ws_project:ws:2.0.1javax.ws.rs:javax.ws.rs-api:2.0.1 0Low33
jaxb-api-2.2.11.jarjavax.xml.bind:jaxb-api:2.2.11 035
jaxb-core-2.2.11.jarcom.sun.xml.bind:jaxb-core:2.2.11  038
jaxb-impl-2.2.11.jarcom.sun.xml.bind:jaxb-impl:2.2.11  041
jersey-client-1.19.4.jarcom.sun.jersey:jersey-client:1.19.4 025
jersey-core-1.9.jarcom.sun.jersey:jersey-core:1.9 025
jersey-guice-1.9.jarcom.sun.jersey.contribs:jersey-guice:1.9 018
jersey-json-1.9.jarcom.sun.jersey:jersey-json:1.9 025
jersey-server-1.9.jarcom.sun.jersey:jersey-server:1.9 025
jettison-1.1.jarorg.codehaus.jettison:jettison:1.1 019
jetty-6.1.26.jarcpe:/a:mortbay_jetty:jetty:6.1.26
cpe:/a:mortbay:jetty:6.1.26
cpe:/a:jetty:jetty:6.1.26
org.mortbay.jetty:jetty:6.1.26Medium1Low29
jetty-http-9.2.22.v20170606.jarcpe:/a:jetty:jetty:9.2.22.v20170606
cpe:/a:eclipse:jetty:9.2.22.v20170606
org.eclipse.jetty:jetty-http:9.2.22.v20170606High4Low31
jetty-io-9.2.22.v20170606.jarorg.eclipse.jetty:jetty-io:9.2.22.v20170606 031
joda-time-2.3.jarjoda-time:joda-time:2.3 031
jquery-2.0.3-1.jarorg.webjars:jquery:2.0.3-1 014
jquery-selectors-0.0.3.jarde.agilecoders.wicket:jquery-selectors:0.0.3 018
jquery-ui-1.10.2-1.jarorg.webjars:jquery-ui:1.10.2-1 014
jquerypp-1.0.1.jarorg.webjars:jquerypp:1.0.1 014
jsch-0.1.54.jarcpe:/a:jcraft:jsch:0.1.54com.jcraft:jsch:0.1.54 0Low21
jsp-api-2.1.jarjavax.servlet.jsp:jsp-api:2.1  024
jsr305-3.0.0.jarcom.google.code.findbugs:jsr305:3.0.0  025
juniversalchardet-1.0.3.jarcom.googlecode.juniversalchardet:juniversalchardet:1.0.3 019
leveldbjni-all-1.8.jarcpe:/a:id:id-software:1.8org.fusesource.leveldbjni:leveldbjni-all:1.8 0Low27
log4j-1.2.17.jarcpe:/a:apache:log4j:1.2.17log4j:log4j:1.2.17 0Low27
maven-parent-config-0.3.4.jarde.agilecoders.maven:maven-parent-config:0.3.4 010
modernizr-2.6.2-1.jarorg.webjars:modernizr:2.6.2-1 014
neethi-3.1.1.jarcpe:/a:apache:apache_test:3.1.1org.apache.neethi:neethi:3.1.1 0Low35
netty-3.6.2.Final.jarcpe:/a:netty_project:netty:3.6.2io.netty:netty:3.6.2.FinalMedium3Highest25
netty-all-4.0.23.Final.jarcpe:/a:netty_project:netty:4.0.23io.netty:netty-all:4.0.23.FinalHigh2Highest16
objenesis-2.6.jarorg.objenesis:objenesis:2.6  039
ormlite-core-5.1.jarcom.j256.ormlite:ormlite-core:5.1 014
ormlite-jdbc-5.1.jarcom.j256.ormlite:ormlite-jdbc:5.1 014
paranamer-2.3.jarcom.thoughtworks.paranamer:paranamer:2.3 017
protobuf-java-2.5.0.jarcpe:/a:google:protobuf:2.5.0com.google.protobuf:protobuf-java:2.5.0Medium1Highest25
reflections-0.9.8.jarorg.reflections:reflections:0.9.8 019
servlet-api-2.5-20081211.jarcpe:/a:mortbay:jetty:2.5.200812
cpe:/a:mortbay_jetty:jetty:2.5.200812
cpe:/a:jetty:jetty:2.5.200812
org.mortbay.jetty:servlet-api:2.5-20081211Medium5Low28
servlet-api-2.5.jarjavax.servlet:servlet-api:2.5  035
skb-interfaces-0.0.1.jarde.vandermeer:skb-interfaces:0.0.1 020
slf4j-api-1.7.25.jarcpe:/a:slf4j:slf4j:1.7.25org.slf4j:slf4j-api:1.7.25 0Low27
snappy-java-1.0.4.1.jarorg.xerial.snappy:snappy-java:1.0.4.1 025
spring-core-4.0.9.RELEASE.jarcpe:/a:pivotal_software:spring_framework:4.0.9
cpe:/a:pivotal:spring_framework:4.0.9
org.springframework:spring-core:4.0.9.RELEASE High5Highest28
stax2-api-3.1.4.jarorg.codehaus.woodstox:stax2-api:3.1.4 025
t-digest-3.2.jarcom.tdunning:t-digest:3.2 019
tika-core-1.19.1.jarcpe:/a:apache:tika:1.19.1org.apache.tika:tika-core:1.19.1 0Low41
typeaheadjs-0.9.3.jarorg.webjars:typeaheadjs:0.9.3 014
warc-hadoop-0.1.0.jarcom.martinkl.warc:warc-hadoop:0.1.0  020
webarchive-commons-1.1.5.jarorg.netpreserve.commons:webarchive-commons:1.1.5 017
wicket-bootstrap-core-0.9.2.jarde.agilecoders.wicket:wicket-bootstrap-core:0.9.2 025
wicket-bootstrap-extensions-0.9.2.jarde.agilecoders.wicket:wicket-bootstrap-extensions:0.9.2 025
wicket-core-6.17.0.jarcpe:/a:apache:wicket:6.17.0org.apache.wicket:wicket-core:6.17.0Medium4Highest29
wicket-extensions-6.13.0.jarcpe:/a:apache:wicket:6.13.0org.apache.wicket:wicket-extensions:6.13.0Medium6Highest29
wicket-webjars-0.4.0.jarde.agilecoders.wicket.webjars:wicket-webjars:0.4.0 018
woodstox-core-asl-4.4.1.jarorg.codehaus.woodstox:woodstox-core-asl:4.4.1  034
wsdl4j-1.6.3.jarwsdl4j:wsdl4j:1.6.3  027
xercesImpl-2.11.0.jarcpe:/a:apache:xerces2_java:2.11.0xerces:xercesImpl:2.11.0 High1Highest55
xml-apis-1.4.01.jarxml-apis:xml-apis:1.4.01  050
xml-resolver-1.2.jarxml-resolver:xml-resolver:1.2  028
xmlParserAPIs-2.6.2.jarxerces:xmlParserAPIs:2.6.1  038
xmlenc-0.52.jarxmlenc:xmlenc:0.52  023
xmlschema-core-2.2.3.jarcpe:/a:ws_project:ws:2.2.3org.apache.ws.xmlschema:xmlschema-core:2.2.3 0Low26
zookeeper-3.4.6.jarcpe:/a:apache:zookeeper:3.4.6org.apache.zookeeper:zookeeper:3.4.6 Medium4Highest25
any23.jar 09
apache-any23-api-2.2.jarorg.apache.any23:apache-any23-api:2.2 028
apache-any23-core-2.2.jarorg.apache.any23:apache-any23-core:2.2 028
apache-any23-csvutils-2.2.jarorg.apache.any23:apache-any23-csvutils:2.2 028
apache-any23-encoding-2.2.jarorg.apache.any23:apache-any23-encoding:2.2 028
apache-any23-mime-2.2.jarorg.apache.any23:apache-any23-mime:2.2 028
apache-mime4j-core-0.8.1.jarcpe:/a:apache:james:0.8.1org.apache.james:apache-mime4j-core:0.8.1 0Low27
bcmail-jdk15on-1.54.jarorg.bouncycastle:bcmail-jdk15on:1.54  045
bcpkix-jdk15on-1.54.jarorg.bouncycastle:bcpkix-jdk15on:1.54  041
bcprov-jdk15on-1.54.jarcpe:/a:bouncycastle:bouncy_castle_crypto_package:1.54
cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.54
org.bouncycastle:bcprov-jdk15on:1.54  0Low41
boilerpipe-1.1.0.jarcpe:/a:html-pages_project:html-pages:1.1.0de.l3s.boilerpipe:boilerpipe:1.1.0  0Low22
bzip2-0.9.1.jarcpe:/a:bzip:bzip2:0.9.1org.itadaki:bzip2:0.9.1Medium3Low17
c3p0-0.9.1.1.jarc3p0:c3p0:0.9.1.1  026
caffeine-2.5.6.jarcom.github.ben-manes.caffeine:caffeine:2.5.6  028
cdm-4.5.5.jaredu.ucar:cdm:4.5.5 022
commons-codec-1.10.jarcommons-codec:commons-codec:1.10 035
commons-csv-1.5.jarorg.apache.commons:commons-csv:1.5 037
commons-exec-1.3.jarorg.apache.commons:commons-exec:1.3 035
commons-rdf-api-0.5.0.jarorg.apache.commons:commons-rdf-api:0.5.0  046
curvesapi-1.04.jarcom.github.virtuald:curvesapi:1.04 017
cxf-core-3.0.16.jarcpe:/a:apache:cxf:3.0.16org.apache.cxf:cxf-core:3.0.16Medium3Highest31
ehcache-core-2.6.2.jarnet.sf.ehcache:ehcache-core:2.6.2 016
fluent-hc-4.5.3.jarcpe:/a:apache:httpclient:4.5.3org.apache.httpcomponents:fluent-hc:4.5.3 0Low28
fontbox-2.0.8.jarcpe:/a:apache:pdfbox:2.0.8org.apache.pdfbox:fontbox:2.0.8 0Low33
geoapi-3.0.0.jarorg.opengis:geoapi:3.0.0 025
grib-4.5.5.jaredu.ucar:grib:4.5.5 022
gson-2.8.1.jarcom.google.code.gson:gson:2.8.1 025
guava-20.0.jarcom.google.guava:guava:20.0 025
guice-4.1.0.jarcglib:cglib:3.2.0 024
guice-assistedinject-4.1.0.jarcom.google.inject.extensions:guice-assistedinject:4.1.0  033
guice-multibindings-4.1.0.jarcom.google.inject.extensions:guice-multibindings:4.1.0  033
httpclient-4.5.3.jarcpe:/a:apache:httpclient:4.5.3org.apache.httpcomponents:httpclient:4.5.3 0Low28
httpcore-4.4.6.jarorg.apache.httpcomponents:httpcore:4.4.6 030
httpcore-nio-4.4.6.jarorg.apache.httpcomponents:httpcore-nio:4.4.6 028
httpcore-osgi-4.4.6.jarorg.apache.httpcomponents:httpcore-osgi:4.4.6  041
httpmime-4.5.3.jarorg.apache.httpcomponents:httpmime:4.5.3 028
httpservices-4.5.5.jaredu.ucar:httpservices:4.5.5 020
isoparser-1.1.18.jarcom.googlecode.mp4parser:isoparser:1.1.18 015
jackcess-2.1.8.jarcom.healthmarketscience.jackcess:jackcess:2.1.8 025
jackcess-encrypt-2.1.2.jarcom.healthmarketscience.jackcess:jackcess-encrypt:2.1.2 025
jackson-core-2.9.2.jarcpe:/a:fasterxml:jackson:2.9.2com.fasterxml.jackson.core:jackson-core:2.9.2 0Low37
jackson-databind-2.9.0.jarcpe:/a:fasterxml:jackson-databind:2.9.0
cpe:/a:fasterxml:jackson:2.9.0
com.fasterxml.jackson.core:jackson-databind:2.9.0High3Highest35
java-libpst-0.8.1.jarcom.pff:java-libpst:0.8.1 015
jcip-annotations-1.0.jarnet.jcip:jcip-annotations:1.0  020
jcl-over-slf4j-1.7.25.jarcpe:/a:slf4j:slf4j:1.7.25org.slf4j:jcl-over-slf4j:1.7.25 0Low27
jcommander-1.30.jarcom.beust:jcommander:1.30 019
jdom2-2.0.4.jarorg.jdom:jdom2:2.0.4  043
jempbox-1.8.13.jarcpe:/a:apache:pdfbox:1.8.13org.apache.pdfbox:jempbox:1.8.13 0Low31
jhighlight-1.0.2.jarorg.codelibs:jhighlight:1.0.2 019
jmatio-1.2.jarorg.tallison:jmatio:1.2 017
jna-4.1.0.jarnet.java.dev.jna:jna:4.1.0  034
joda-time-2.2.jarjoda-time:joda-time:2.2 031
json-1.8.jarcom.tdunning:json:1.8 015
json-simple-1.1.1.jarcom.googlecode.json-simple:json-simple:1.1.1 019
jsonld-java-0.11.1.jarcom.github.jsonld-java:jsonld-java:0.11.1 023
jsoup-1.11.2.jarcpe:/a:jsoup:jsoup:1.11.2org.jsoup:jsoup:1.11.2 0Low27
jsr-275-0.9.3.jarjavax.measure:jsr-275:0.9.3 023
jsr305-3.0.1.jarcom.google.code.findbugs:jsr305:3.0.1 019
jul-to-slf4j-1.7.24.jarcpe:/a:slf4j:slf4j:1.7.24org.slf4j:jul-to-slf4j:1.7.24 0Low26
junrar-0.7.jarcom.github.junrar:junrar:0.7 016
mapdb-1.0.8.jarorg.mapdb:mapdb:1.0.8 019
metadata-extractor-2.10.1.jarcpe:/a:id:id-software:2.10.1com.drewnoakes:metadata-extractor:2.10.1 0Low20
nekohtml-1.9.20.jarnet.sourceforge.nekohtml:nekohtml:1.9.20  023
netcdf4-4.5.5.jaredu.ucar:netcdf4:4.5.5 018
opennlp-tools-1.8.3.jarcpe:/a:apache:opennlp:1.8.3org.apache.opennlp:opennlp-tools:1.8.3 0Low33
owlapi-api-5.1.3.jarnet.sourceforge.owlapi:owlapi-api:5.1.3 015
owlapi-apibinding-5.1.3.jarnet.sourceforge.owlapi:owlapi-apibinding:5.1.3 017
owlapi-impl-5.1.3.jarnet.sourceforge.owlapi:owlapi-impl:5.1.3 018
owlapi-oboformat-5.1.3.jarnet.sourceforge.owlapi:owlapi-oboformat:5.1.3 019
owlapi-parsers-5.1.3.jarnet.sourceforge.owlapi:owlapi-parsers:5.1.3 015
owlapi-rio-5.1.3.jarnet.sourceforge.owlapi:owlapi-rio:5.1.3 019
owlapi-tools-5.1.3.jarnet.sourceforge.owlapi:owlapi-tools:5.1.3 012
pdfbox-2.0.8.jarcpe:/a:apache:pdfbox:2.0.8org.apache.pdfbox:pdfbox:2.0.8 0Low31
poi-3.16.jarcpe:/a:apache:poi:3.16org.apache.poi:poi:3.16  0Low30
quartz-2.2.0.jarorg.quartz-scheduler:quartz:2.2.0 035
rdf4j-http-client-2.2.4.jarorg.eclipse.rdf4j:rdf4j-http-client:2.2.4 022
rdf4j-http-protocol-2.2.4.jarorg.eclipse.rdf4j:rdf4j-http-protocol:2.2.4 022
rdf4j-model-2.2.4.jarorg.eclipse.rdf4j:rdf4j-model:2.2.4 021
rdf4j-query-2.2.4.jarorg.eclipse.rdf4j:rdf4j-query:2.2.4 021
rdf4j-queryalgebra-evaluation-2.2.4.jarorg.eclipse.rdf4j:rdf4j-queryalgebra-evaluation:2.2.4 022
rdf4j-queryalgebra-model-2.2.4.jarorg.eclipse.rdf4j:rdf4j-queryalgebra-model:2.2.4 022
rdf4j-queryparser-api-2.2.4.jarorg.eclipse.rdf4j:rdf4j-queryparser-api:2.2.4 022
rdf4j-queryparser-serql-2.2.4.jarorg.eclipse.rdf4j:rdf4j-queryparser-serql:2.2.4 022
rdf4j-queryparser-sparql-2.2.4.jarorg.eclipse.rdf4j:rdf4j-queryparser-sparql:2.2.4 022
rdf4j-queryresultio-api-2.2.4.jarorg.eclipse.rdf4j:rdf4j-queryresultio-api:2.2.4 022
rdf4j-queryresultio-sparqlxml-2.2.4.jarorg.eclipse.rdf4j:rdf4j-queryresultio-sparqlxml:2.2.4 022
rdf4j-repository-api-2.2.4.jarorg.eclipse.rdf4j:rdf4j-repository-api:2.2.4 021
rdf4j-repository-sail-2.2.4.jarorg.eclipse.rdf4j:rdf4j-repository-sail:2.2.4 022
rdf4j-repository-sparql-2.2.4.jarorg.eclipse.rdf4j:rdf4j-repository-sparql:2.2.4 022
rdf4j-rio-api-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-api:2.2.4 022
rdf4j-rio-binary-2.2.2.jarorg.eclipse.rdf4j:rdf4j-rio-binary:2.2.2 022
rdf4j-rio-datatypes-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-datatypes:2.2.4 022
rdf4j-rio-jsonld-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-jsonld:2.2.4 022
rdf4j-rio-languages-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-languages:2.2.4 022
rdf4j-rio-n3-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-n3:2.2.4 022
rdf4j-rio-nquads-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-nquads:2.2.4 022
rdf4j-rio-ntriples-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-ntriples:2.2.4 022
rdf4j-rio-rdfjson-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-rdfjson:2.2.4 022
rdf4j-rio-rdfxml-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-rdfxml:2.2.4 022
rdf4j-rio-trig-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-trig:2.2.4 022
rdf4j-rio-trix-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-trix:2.2.4 022
rdf4j-rio-turtle-2.2.4.jarorg.eclipse.rdf4j:rdf4j-rio-turtle:2.2.4 022
rdf4j-sail-api-2.2.4.jarcpe:/a:storage_api_project:storage_api:2.2.4org.eclipse.rdf4j:rdf4j-sail-api:2.2.4 0Low21
rdf4j-sail-base-2.2.4.jarorg.eclipse.rdf4j:rdf4j-sail-base:2.2.4 022
rdf4j-sail-inferencer-2.2.4.jarorg.eclipse.rdf4j:rdf4j-sail-inferencer:2.2.4 022
rdf4j-sail-memory-2.2.4.jarorg.eclipse.rdf4j:rdf4j-sail-memory:2.2.4 022
rdf4j-sail-model-2.2.4.jarorg.eclipse.rdf4j:rdf4j-sail-model:2.2.4 022
rdf4j-util-2.2.4.jarorg.eclipse.rdf4j:rdf4j-util:2.2.4 021
rome-1.5.1.jarcom.rometools:rome:1.5.1 022
rome-utils-1.5.1.jarcom.rometools:rome-utils:1.5.1 021
semargl-core-0.7.jarorg.semarglproject:semargl-core:0.7 015
semargl-rdf-0.7.jarorg.semarglproject:semargl-rdf:0.7 017
semargl-rdf4j-0.7.jarorg.semarglproject:semargl-rdf4j:0.7 020
semargl-rdfa-0.7.jarorg.semarglproject:semargl-rdfa:0.7 019
sentiment-analysis-parser-0.1.jaredu.usc.ir:sentiment-analysis-parser:0.1 019
sis-metadata-0.6.jarorg.apache.sis.core:sis-metadata:0.6  045
sis-netcdf-0.6.jarorg.apache.sis.storage:sis-netcdf:0.6  044
sis-referencing-0.6.jarorg.apache.sis.core:sis-referencing:0.6  045
sis-storage-0.6.jarorg.apache.sis.storage:sis-storage:0.6  044
sis-utility-0.6.jarorg.apache.sis.core:sis-utility:0.6  043
snakeyaml-1.17.jarorg.yaml:snakeyaml:1.17 023
tagsoup-1.2.1.jarorg.ccil.cowan.tagsoup:tagsoup:1.2.1  022
tika-core-1.17.jarcpe:/a:apache:tika:1.17org.apache.tika:tika-core:1.17Medium2Highest39
trove4j-3.0.3.jarnet.sf.trove4j:trove4j:3.0.3  024
udunits-4.5.5.jaredu.ucar:udunits:4.5.5 022
vorbis-java-core-0.8.jarorg.gagravarr:vorbis-java-core:0.8 017
vorbis-java-tika-0.8.jarcpe:/a:apache:tika:0.8org.gagravarr:vorbis-java-tika:0.8High3Highest19
xmlbeans-2.6.0.jarorg.apache.xmlbeans:xmlbeans:2.6.0  028
xmlschema-core-2.2.2.jarcpe:/a:ws_project:ws:2.2.2org.apache.ws.xmlschema:xmlschema-core:2.2.2 0Low26
xmpcore-5.1.3.jarcom.adobe.xmp:xmpcore:5.1.3  034
xz-1.6.jarcpe:/a:tukaani:xz:1.6org.tukaani:xz:1.6 Medium1Low29
creativecommons.jar 05
exchange-jexl.jar 08
feed.jar 06
jdom-2.0.2.jarorg.jdom:jdom:2.0.2  043
headings.jar 08
index-anchor.jar 08
index-basic.jar 08
geoip2-2.10.0.jarcpe:/a:geoip:geoip:2.10.0com.maxmind.geoip2:geoip2:2.10.0 0Low25
index-geoip.jarcpe:/a:geoip:geoip:- 0Low8
jackson-databind-2.9.2.jarcpe:/a:fasterxml:jackson-databind:2.9.2
cpe:/a:fasterxml:jackson:2.9.2
com.fasterxml.jackson.core:jackson-databind:2.9.2High3Highest37
maxmind-db-1.2.2.jarcom.maxmind.db:maxmind-db:1.2.2 021
index-jexl-filter.jar 08
index-links.jarcpe:/a:links:links:- 0Low8
index-metadata.jar 08
index-more.jar 08
index-replace.jar 08
index-static.jar 08
aws-java-sdk-cloudsearch-1.10.0.jarcom.amazonaws:aws-java-sdk-cloudsearch:1.10.0 022
aws-java-sdk-core-1.10.0.jarcom.amazonaws:aws-java-sdk-core:1.10.0 019
commons-codec-1.6.jarcommons-codec:commons-codec:1.6 033
commons-logging-1.1.3.jarcommons-logging:commons-logging:1.1.3 033
httpclient-4.3.6.jarcpe:/a:apache:httpclient:4.3.6org.apache.httpcomponents:httpclient:4.3.6 0Low28
httpcore-4.3.3.jarorg.apache.httpcomponents:httpcore:4.3.3 028
indexer-cloudsearch.jar 08
jackson-annotations-2.5.0.jarcpe:/a:fasterxml:jackson:2.5.0com.fasterxml.jackson.core:jackson-annotations:2.5.0 0Low35
jackson-core-2.5.3.jarcpe:/a:fasterxml:jackson:2.5.3com.fasterxml.jackson.core:jackson-core:2.5.3 0Low35
jackson-databind-2.5.3.jarcpe:/a:fasterxml:jackson-databind:2.5.3
cpe:/a:fasterxml:jackson:2.5.3
com.fasterxml.jackson.core:jackson-databind:2.5.3High5Highest35
joda-time-2.8.jarjoda-time:joda-time:2.8 033
indexer-csv.jar 08
indexer-dummy.jar 08
commons-codec-1.9.jarcommons-codec:commons-codec:1.9 033
commons-lang3-3.4.jarorg.apache.commons:commons-lang3:3.4 035
gson-2.6.2.jarcom.google.code.gson:gson:2.6.2 025
guava-19.0.jarcom.google.guava:guava:19.0 023
httpasyncclient-4.1.1.jarcpe:/a:apache:httpasyncclient:4.1.1org.apache.httpcomponents:httpasyncclient:4.1.1 0Low28
httpclient-4.5.2.jarcpe:/a:apache:httpclient:4.5.2org.apache.httpcomponents:httpclient:4.5.2 0Low28
httpcore-4.4.4.jarorg.apache.httpcomponents:httpcore:4.4.4 030
httpcore-nio-4.4.4.jarorg.apache.httpcomponents:httpcore-nio:4.4.4 028
indexer-elastic-rest.jar 08
jest-2.0.3.jario.searchbox:jest:2.0.3 021
jest-common-2.0.3.jario.searchbox:jest-common:2.0.3 019
slf4j-api-1.7.21.jarcpe:/a:slf4j:slf4j:1.7.21org.slf4j:slf4j-api:1.7.21 0Low27
HdrHistogram-2.1.6.jarorg.hdrhistogram:HdrHistogram:2.1.6 025
compiler-0.9.3.jarcom.github.spullara.mustache.java:compiler:0.9.3 021
elasticsearch-5.3.0.jarcpe:/a:elasticsearch:elasticsearch:5.3.0org.elasticsearch:elasticsearch:5.3.0  0Low30
hppc-0.7.1.jarcom.carrotsearch:hppc:0.7.1 019
httpasyncclient-4.1.2.jarcpe:/a:apache:httpasyncclient:4.1.2org.apache.httpcomponents:httpasyncclient:4.1.2 0Low28
httpcore-4.4.5.jarorg.apache.httpcomponents:httpcore:4.4.5 030
httpcore-nio-4.4.5.jarorg.apache.httpcomponents:httpcore-nio:4.4.5 028
indexer-elastic.jar 08
jackson-core-2.8.6.jarcpe:/a:fasterxml:jackson:2.8.6com.fasterxml.jackson.core:jackson-core:2.8.6 0Low35
jna-4.2.2.jarnet.java.dev.jna:jna:4.2.2  034
joda-time-2.9.5.jarjoda-time:joda-time:2.9.5 033
jopt-simple-5.0.2.jarnet.sf.jopt-simple:jopt-simple:5.0.2 019
lang-mustache-client-5.3.0.jarcpe:/a:elasticsearch:elasticsearch:5.3.0org.elasticsearch.plugin:lang-mustache-client:5.3.0  0Low44
log4j-core-2.7.jarcpe:/a:apache:log4j:2.7org.apache.logging.log4j:log4j-core:2.7High1Highest33
lucene-analyzers-common-6.4.1.jarorg.apache.lucene:lucene-analyzers-common:6.4.1  030
lucene-backward-codecs-6.4.1.jarorg.apache.lucene:lucene-backward-codecs:6.4.1  031
lucene-core-6.4.1.jarorg.apache.lucene:lucene-core:6.4.1  028
lucene-grouping-6.4.1.jarorg.apache.lucene:lucene-grouping:6.4.1  031
lucene-highlighter-6.4.1.jarorg.apache.lucene:lucene-highlighter:6.4.1  030
lucene-join-6.4.1.jarorg.apache.lucene:lucene-join:6.4.1  031
lucene-memory-6.4.1.jarorg.apache.lucene:lucene-memory:6.4.1  031
lucene-misc-6.4.1.jarorg.apache.lucene:lucene-misc:6.4.1  030
lucene-queries-6.4.1.jarorg.apache.lucene:lucene-queries:6.4.1  031
lucene-queryparser-6.4.1.jarorg.apache.lucene:lucene-queryparser:6.4.1  031
lucene-sandbox-6.4.1.jarorg.apache.lucene:lucene-sandbox:6.4.1  028
lucene-spatial-6.4.1.jarorg.apache.lucene:lucene-spatial:6.4.1  031
lucene-spatial-extras-6.4.1.jarorg.apache.lucene:lucene-spatial-extras:6.4.1  031
lucene-spatial3d-6.4.1.jarorg.apache.lucene:lucene-spatial3d:6.4.1  031
lucene-suggest-6.4.1.jarorg.apache.lucene:lucene-suggest:6.4.1  031
netty-3.10.6.Final.jarcpe:/a:netty_project:netty:3.10.6io.netty:netty:3.10.6.Final 0Low25
netty-transport-4.1.7.Final.jarcpe:/a:netty_project:netty:4.1.7io.netty:netty-transport:4.1.7.Final 0Low27
percolator-client-5.3.0.jarcpe:/a:elasticsearch:elasticsearch:5.3.0org.codelibs.elasticsearch.module:percolator:5.3.0  0Low42
reindex-client-5.3.0.jarcpe:/a:elasticsearch:elasticsearch:5.3.0org.codelibs.elasticsearch.module:reindex:5.3.0  0Low44
rest-5.3.0.jarcpe:/a:elasticsearch:elasticsearch:5.3.0org.elasticsearch.client:rest:5.3.0  0Low32
securesm-1.1.jarorg.elasticsearch:securesm:1.1 013
snakeyaml-1.15.jarorg.yaml:snakeyaml:1.15 023
t-digest-3.0.jarcom.tdunning:t-digest:3.0 019
transport-5.3.0.jarcpe:/a:elasticsearch:elasticsearch:5.3.0org.elasticsearch.client:transport:5.3.0  0Low35
indexer-rabbit.jar 08
commons-io-2.5.jarcommons-io:commons-io:2.5 037
commons-math3-3.6.1.jarorg.apache.commons:commons-math3:3.6.1 037
indexer-solr.jarcpe:/a:apache:solr:-High8Low8
jcl-over-slf4j-1.7.24.jarcpe:/a:slf4j:slf4j:1.7.24org.slf4j:jcl-over-slf4j:1.7.24 0Low27
noggit-0.8.jarorg.noggit:noggit:0.8 015
slf4j-api-1.7.24.jarcpe:/a:slf4j:slf4j:1.7.24org.slf4j:slf4j-api:1.7.24 0Low27
solr-solrj-7.3.1.jarcpe:/a:apache:solr:7.3.1org.apache.solr:solr-solrj:7.3.1 Low1Highest31
zookeeper-3.4.11.jarcpe:/a:apache:zookeeper:3.4.11org.apache.zookeeper:zookeeper:3.4.11 Medium2Low27
language-identifier.jar 08
cglib-nodep-2.1_3.jarcglib:cglib-nodep:2.1_3  020
commons-collections-3.2.1.jarcpe:/a:apache:commons_collections:3.2.1commons-collections:commons-collections:3.2.1High2Highest31
commons-exec-1.1.jarorg.apache.commons:commons-exec:1.1 031
commons-jxpath-1.3.jarcommons-jxpath:commons-jxpath:1.3 031
commons-lang3-3.3.2.jarorg.apache.commons:commons-lang3:3.3.2 033
cssparser-0.9.14.jarnet.sourceforge.cssparser:cssparser:0.9.14 019
gson-2.3.jarcom.google.code.gson:gson:2.3  035
guava-18.0.jarcom.google.guava:guava:18.0 023
htmlunit-2.15.jarnet.sourceforge.htmlunit:htmlunit:2.15 026
htmlunit-core-js-2.15.jarnet.sourceforge.htmlunit:htmlunit-core-js:2.15  023
httpclient-4.3.4.jarcpe:/a:apache:httpclient:4.3.4org.apache.httpcomponents:httpclient:4.3.4Medium2Highest28
httpcore-4.3.2.jarorg.apache.httpcomponents:httpcore:4.3.2 028
httpmime-4.3.3.jarorg.apache.httpcomponents:httpmime:4.3.3 028
ini4j-0.5.2.jarorg.ini4j:ini4j:0.5.2 015
jetty-http-8.1.15.v20140411.jarcpe:/a:jetty:jetty:8.1.15.v20140411
cpe:/a:eclipse:jetty:8.1.15.v20140411
org.eclipse.jetty:jetty-http:8.1.15.v20140411High4Low31
jetty-io-8.1.15.v20140411.jarorg.eclipse.jetty:jetty-io:8.1.15.v20140411 031
jna-3.4.0.jarnet.java.dev.jna:jna:3.4.0  024
lib-htmlunit.jar 08
nekohtml-1.9.21.jarnet.sourceforge.nekohtml:nekohtml:1.9.21  023
netty-3.5.2.Final.jarcpe:/a:netty_project:netty:3.5.2io.netty:netty:3.5.2.FinalMedium2Low25
operadriver-1.5.jarcpe:/a:opera:opera:1.5
cpe:/a:opera_software:opera:1.5
com.opera:operadriver:1.5High16Low20
operalaunchers-1.1.jarcpe:/a:opera:opera:1.1
cpe:/a:opera_software:opera:1.1
com.opera:operalaunchers:1.1High16Low20
phantomjsdriver-1.2.1.jarcom.codeborne:phantomjsdriver:1.2.1  024
platform-3.4.0.jarnet.java.dev.jna:platform:3.4.0  024
protobuf-java-2.4.1.jarcpe:/a:google:protobuf:2.4.1com.google.protobuf:protobuf-java:2.4.1Medium1Highest21
sac-1.3.jarorg.w3c.css:sac:1.3  026
selenium-api-2.44.0.jarorg.seleniumhq.selenium:selenium-api:2.44.0 017
selenium-chrome-driver-2.44.0.jarorg.seleniumhq.selenium:selenium-chrome-driver:2.44.0 019
selenium-firefox-driver-2.44.0.jarorg.seleniumhq.selenium:selenium-firefox-driver:2.44.0 019
selenium-htmlunit-driver-2.44.0.jarorg.seleniumhq.selenium:selenium-htmlunit-driver:2.44.0 019
selenium-ie-driver-2.44.0.jarorg.seleniumhq.selenium:selenium-ie-driver:2.44.0 019
selenium-java-2.44.0.jarorg.seleniumhq.selenium:selenium-java:2.44.0 020
selenium-remote-driver-2.44.0.jarorg.seleniumhq.selenium:selenium-remote-driver:2.44.0 019
selenium-safari-driver-2.44.0.jarorg.seleniumhq.selenium:selenium-safari-driver:2.44.0 019
selenium-support-2.44.0.jarorg.seleniumhq.selenium:selenium-support:2.44.0 019
serializer-2.7.1.jarcpe:/a:apache:xalan-java:2.7.1xalan:serializer:2.7.1 High1Highest31
webbit-0.4.14.jarcpe:/a:id:id-software:0.4.14org.webbitserver:webbit:0.4.14 0Low15
xalan-2.7.1.jarcpe:/a:apache:xalan-java:2.7.1xalan:xalan:2.7.1 High1Highest41
lib-http.jar 08
nekohtml-1.9.19.jarnet.sourceforge.nekohtml:nekohtml:1.9.19  023
gson-2.8.4.jarcom.google.code.gson:gson:2.8.4 025
lib-rabbitmq.jar 07
lib-regex-filter.jar 08
cssparser-0.9.16.jarnet.sourceforge.cssparser:cssparser:0.9.16 019
gson-2.3.1.jarcom.google.code.gson:gson:2.3.1  035
htmlunit-2.18.jarnet.sourceforge.htmlunit:htmlunit:2.19-SNAPSHOT 029
htmlunit-core-js-2.17.jarnet.sourceforge.htmlunit:htmlunit-core-js:2.17  023
httpclient-4.5.1.jarcpe:/a:apache:httpclient:4.5.1org.apache.httpcomponents:httpclient:4.5.1 0Low28
httpcore-4.4.3.jarorg.apache.httpcomponents:httpcore:4.4.3 030
httpmime-4.5.jarorg.apache.httpcomponents:httpmime:4.5 028
jetty-io-9.2.12.v20150709.jarorg.eclipse.jetty:jetty-io:9.2.12.v20150709 031
jetty-util-9.2.12.v20150709.jarcpe:/a:jetty:jetty:9.2.12.v20150709
cpe:/a:eclipse:jetty:9.2.12.v20150709
org.eclipse.jetty:jetty-util:9.2.12.v20150709High4Low33
jna-platform-4.1.0.jarnet.java.dev.jna:jna-platform:4.1.0  037
lib-selenium.jar 08
nekohtml-1.9.22.jarnet.sourceforge.nekohtml:nekohtml:1.9.22  023
selenium-api-2.48.2.jarorg.seleniumhq.selenium:selenium-api:2.48.2 017
selenium-chrome-driver-2.48.2.jarorg.seleniumhq.selenium:selenium-chrome-driver:2.48.2 019
selenium-edge-driver-2.48.2.jarorg.seleniumhq.selenium:selenium-edge-driver:2.48.2 019
selenium-firefox-driver-2.48.2.jarorg.seleniumhq.selenium:selenium-firefox-driver:2.48.2 019
selenium-htmlunit-driver-2.48.2.jarorg.seleniumhq.selenium:selenium-htmlunit-driver:2.48.2 019
selenium-ie-driver-2.48.2.jarorg.seleniumhq.selenium:selenium-ie-driver:2.48.2 019
selenium-java-2.48.2.jarorg.seleniumhq.selenium:selenium-java:2.48.2 014
selenium-leg-rc-2.48.2.jarorg.seleniumhq.selenium:selenium-leg-rc:2.48.2 020
selenium-remote-driver-2.48.2.jarorg.seleniumhq.selenium:selenium-remote-driver:2.48.2 019
selenium-safari-driver-2.48.2.jarorg.seleniumhq.selenium:selenium-safari-driver:2.48.2 019
selenium-support-2.48.2.jarorg.seleniumhq.selenium:selenium-support:2.48.2 019
serializer-2.7.2.jarcpe:/a:apache:xalan-java:2.7.2xalan:serializer:2.7.2  0Low31
websocket-api-9.2.12.v20150709.jarorg.eclipse.jetty.websocket:websocket-api:9.2.12.v20150709 029
websocket-client-9.2.12.v20150709.jarcpe:/a:jetty:jetty:9.2.12.v20150709
cpe:/a:eclipse:jetty:9.2.12.v20150709
org.eclipse.jetty.websocket:websocket-client:9.2.12.v20150709High4Low29
xalan-2.7.2.jarcpe:/a:apache:xalan-java:2.7.2xalan:xalan:2.7.2  0Low41
jaxen-1.1.1.jarjaxen:jaxen:1.1.1  029
jdom-1.1.jarorg.jdom:jdom:1.1  039
lib-xml.jar 02
microformats-reltag.jar 08
mimetype-filter.jar 08
parse-ext.jar 08
parse-html.jar 08
parse-js.jar 08
parse-metatags.jar 08
javaswf.jar 05
parse-swf.jar 08
FastInfoset-1.2.13.jarcom.sun.xml.fastinfoset:FastInfoset:1.2.13 035
activation-1.1.1.jarjavax.activation:activation:1.1.1  027
apache-mime4j-core-0.8.2.jarcpe:/a:apache:james:0.8.2org.apache.james:apache-mime4j-core:0.8.2 0Low27
asm-6.2.jarorg.ow2.asm:asm:6.2  036
bcmail-jdk15on-1.60.jarorg.bouncycastle:bcmail-jdk15on:1.60  047
bcpkix-jdk15on-1.60.jarorg.bouncycastle:bcpkix-jdk15on:1.60  043
bcprov-jdk15on-1.60.jarcpe:/a:bouncycastle:bouncy_castle_crypto_package:1.60
cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.60
org.bouncycastle:bcprov-jdk15on:1.60  0Low43
commons-collections4-4.2.jarcpe:/a:apache:commons_collections:4.2org.apache.commons:commons-collections4:4.2 0Low37
commons-compress-1.18.jarcpe:/a:apache:commons-compress:1.18org.apache.commons:commons-compress:1.18 0Low41
commons-io-2.6.jarcommons-io:commons-io:2.6 037
cxf-core-3.2.6.jarcpe:/a:apache:cxf:3.2.6org.apache.cxf:cxf-core:3.2.6 0Low35
dec-0.1.2.jarcpe:/a:id:id-software:0.1.2org.brotli:dec:0.1.2 0Low23
fontbox-2.0.12.jarcpe:/a:apache:pdfbox:2.0.12org.apache.pdfbox:fontbox:2.0.12 0Low33
geoapi-3.0.1.jarorg.opengis:geoapi:3.0.1 030
gson-2.8.5.jarcom.google.code.gson:gson:2.8.5 025
guava-17.0.jarcom.google.guava:guava:17.0 021
httpmime-4.5.6.jarorg.apache.httpcomponents:httpmime:4.5.6 028
isoparser-1.1.22.jarcom.googlecode.mp4parser:isoparser:1.1.22 015
istack-commons-runtime-3.0.5.jarcom.sun.istack:istack-commons-runtime:3.0.5 029
jackcess-2.1.12.jarcom.healthmarketscience.jackcess:jackcess:2.1.12 025
jackcess-encrypt-2.1.4.jarcom.healthmarketscience.jackcess:jackcess-encrypt:2.1.4 025
jackson-core-2.9.6.jarcpe:/a:fasterxml:jackson:2.9.6com.fasterxml.jackson.core:jackson-core:2.9.6 0Low37
jackson-databind-2.9.6.jarcpe:/a:fasterxml:jackson:2.9.6
cpe:/a:fasterxml:jackson-databind:2.9.6
com.fasterxml.jackson.core:jackson-databind:2.9.6 0Low37
jai-imageio-core-1.4.0.jarcom.github.jai-imageio:jai-imageio-core:1.4.0 036
javax.annotation-api-1.3.jarjavax.annotation:javax.annotation-api:1.3 035
javax.ws.rs-api-2.1.jarcpe:/a:ws_project:ws:2.1javax.ws.rs:javax.ws.rs-api:2.1 0Low35
jaxb-api-2.3.0.jarjavax.xml.bind:jaxb-api:2.3.0 028
jaxb-core-2.3.0.1.jarorg.glassfish.jaxb:jaxb-core:2.3.0.1 022
jaxb-runtime-2.3.0.1.jarorg.glassfish.jaxb:jaxb-runtime:2.3.0.1 022
jbig2-imageio-3.0.2.jarcpe:/a:apache:pdfbox:3.0.2org.apache.pdfbox:jbig2-imageio:3.0.2 0Low28
jcommander-1.35.jarcom.beust:jcommander:1.35 019
jdom2-2.0.6.jarorg.jdom:jdom2:2.0.6  043
jempbox-1.8.16.jarcpe:/a:apache:pdfbox:1.8.16org.apache.pdfbox:jempbox:1.8.16 0Low31
jhighlight-1.0.3.jarorg.codelibs:jhighlight:1.0.3 019
jmatio-1.5.jarorg.tallison:jmatio:1.5 017
jna-4.3.0.jarnet.java.dev.jna:jna:4.3.0  034
jsoup-1.11.3.jarcpe:/a:jsoup:jsoup:1.11.3org.jsoup:jsoup:1.11.3 0Low29
jul-to-slf4j-1.7.25.jarcpe:/a:slf4j:slf4j:1.7.25org.slf4j:jul-to-slf4j:1.7.25 0Low26
junrar-2.0.0.jarcom.github.junrar:junrar:2.0.0 016
metadata-extractor-2.11.0.jarcpe:/a:id:id-software:2.11.0com.drewnoakes:metadata-extractor:2.11.0 0Low20
openjson-1.0.10.jarcom.github.openjson:openjson:1.0.10 025
opennlp-tools-1.9.0.jarcpe:/a:apache:opennlp:1.9.0org.apache.opennlp:opennlp-tools:1.9.0 0Low33
parse-tika.jarcpe:/a:apache:tika:-High1Low8
parso-2.0.9.jarcom.epam:parso:2.0.9  022
pdfbox-2.0.12.jarcpe:/a:apache:pdfbox:2.0.12org.apache.pdfbox:pdfbox:2.0.12 0Low31
poi-4.0.0.jarcpe:/a:apache:poi:4.0.0org.apache.poi:poi:4.0.0  0Low30
sis-feature-0.8.jarorg.apache.sis.core:sis-feature:0.8  043
sis-metadata-0.8.jarorg.apache.sis.core:sis-metadata:0.8  045
sis-netcdf-0.8.jarorg.apache.sis.storage:sis-netcdf:0.8  044
sis-referencing-0.8.jarorg.apache.sis.core:sis-referencing:0.8  045
sis-storage-0.8.jarorg.apache.sis.storage:sis-storage:0.8  044
sis-utility-0.8.jarorg.apache.sis.core:sis-utility:0.8  043
stax-ex-1.7.8.jarorg.jvnet.staxex:stax-ex:1.7.8 028
stax2-api-4.1.jarorg.codehaus.woodstox:stax2-api:4.1 041
tika-parsers-1.19.1.jarcpe:/a:apache:tika:1.19.1org.apache.tika:tika-parsers:1.19.1 0Low39
txw2-2.3.0.1.jarorg.glassfish.jaxb:txw2:2.3.0.1 022
uimafit-core-2.2.0.jarcpe:/a:apache:apache_test:2.2.0org.apache.uima:uimafit-core:2.2.0 0Low27
uimaj-core-2.9.0.jarcpe:/a:apache:uimaj:2.9.0org.apache.uima:uimaj-core:2.9.0 0Low27
unit-api-1.0.jarjavax.measure:unit-api:1.0 035
woodstox-core-5.1.0.jarcom.fasterxml.woodstox:woodstox-core:5.1.0 041
xmlbeans-3.0.1.jarorg.apache.xmlbeans:xmlbeans:3.0.1  028
xz-1.8.jarcpe:/a:tukaani:xz:1.8org.tukaani:xz:1.8 Medium1Low31
parse-zip.jarcpe:/a:zip_project:zip:-Medium1Low8
commons-cli-2.0-mahout.jarorg.apache.commons:commons-cli:2.0-SNAPSHOT 031
commons-lang3-3.1.jarorg.apache.commons:commons-lang3:3.1 033
commons-math3-3.2.jarorg.apache.commons:commons-math3:3.2 033
guava-14.0.1.jarcom.google.guava:guava:14.0.1 021
jackson-core-asl-1.9.12.jarcpe:/a:fasterxml:jackson:1.9.12org.codehaus.jackson:jackson-core-asl:1.9.12  0Low34
lucene-analyzers-common-5.5.0.jarorg.apache.lucene:lucene-analyzers-common:5.5.0  030
lucene-core-5.5.0.jarorg.apache.lucene:lucene-core:5.5.0  028
mahout-core-0.9.jarorg.apache.mahout:mahout-core:0.9 022
mahout-math-0.10.1.jarorg.apache.mahout:mahout-math:0.10.1 022
parsefilter-naivebayes.jar 08
slf4j-api-1.7.12.jarcpe:/a:slf4j:slf4j:1.7.12org.slf4j:slf4j-api:1.7.12 0Low27
solr-commons-csv-3.5.0.jarcpe:/a:apache:solr:1.0.0org.apache.commons:commons-csv:1.0-SNAPSHOTHigh9Highest28
t-digest-3.1.jarcom.tdunning:t-digest:3.1 019
xmlpull-1.1.3.1.jarxmlpull:xmlpull:1.1.3.1  018
xpp3_min-1.1.4c.jarxpp3:xpp3_min:1.1.4c  024
xstream-1.4.4.jarcpe:/a:xstream_project:xstream:1.4.4com.thoughtworks.xstream:xstream:1.4.4Medium2Low17
parsefilter-regex.jar 08
protocol-file.jar 08
commons-net-1.2.2.jarcommons-net:commons-net:1.2.2  023
protocol-ftp.jar 08
protocol-htmlunit.jar 08
protocol-http.jar 08
jsoup-1.8.1.jarcpe:/a:jsoup:jsoup:1.8.1org.jsoup:jsoup:1.8.1Medium1Low25
protocol-httpclient.jarcpe:/a:apache:httpclient:- 0Low8
protocol-interactiveselenium.jar 08
okhttp-3.10.0.jarcpe:/a:squareup:okhttp:3.10.0
cpe:/a:squareup:okhttp3:3.10.0
com.squareup.okhttp3:okhttp:3.10.0 0Low16
okio-1.14.0.jarcom.squareup.okio:okio:1.14.0 016
protocol-okhttp.jar 08
protocol-selenium.jar 08
publish-rabbitmq.jar 08
scoring-depth.jar 08
scoring-link.jar 08
scoring-opic.jar 08
scoring-orphan.jar 08
scoring-similarity.jar 08
subcollection.jar 06
tld.jar 06
automaton-1.11-8.jardk.brics.automaton:automaton:1.11-8  022
urlfilter-automaton.jar 08
urlfilter-domain.jar 08
urlfilter-domainblacklist.jar 08
urlfilter-ignoreexempt.jar 08
urlfilter-prefix.jar 08
urlfilter-regex.jar 08
urlfilter-suffix.jar 08
urlfilter-validator.jar 08
urlmeta.jar 06
urlnormalizer-ajax.jar 08
urlnormalizer-basic.jar 08
urlnormalizer-host.jar 08
urlnormalizer-pass.jar 08
urlnormalizer-protocol.jar 08
urlnormalizer-querystring.jar 08
urlnormalizer-regex.jar 08
urlnormalizer-slash.jar 08
leveldbjni-all-1.8.jar: leveldbjni.dll 02
leveldbjni-all-1.8.jar: leveldbjni.dll 02
snappy-java-1.0.4.1.jar: snappyjava.dll 02
snappy-java-1.0.4.1.jar: snappyjava.dll 02
ehcache-core-2.6.2.jar: sizeof-agent.jarnet.sf.ehcache:sizeof-agent:1.0.1 026
jna-4.1.0.jar: jnidispatch.dll 02
jna-4.1.0.jar: jnidispatch.dll 02
jna-4.1.0.jar: jnidispatch.dll 02
jna-4.2.2.jar: jnidispatch.dll 02
jna-4.2.2.jar: jnidispatch.dll 02
jna-3.4.0.jar: jnidispatch.dll 02
jna-3.4.0.jar: jnidispatch.dll 02
jna-3.4.0.jar: jnidispatch.dll 02
operalaunchers-1.1.jar: launcher-win32-i86pc.exe 04
jna-4.3.0.jar: jnidispatch.dll 02
jna-4.3.0.jar: jnidispatch.dll 02
antlr4-4.5.1.jar (shaded: org.antlr:antlr4-runtime:4.5.1)org.antlr:antlr4-runtime:4.5.1 013
antlr4-4.5.1.jar (shaded: org.abego.treelayout:org.abego.treelayout.core:1.0.1)org.abego.treelayout:org.abego.treelayout.core:1.0.1 015
htrace-core-3.1.0-incubating.jar (shaded: commons-logging:commons-logging:1.1.1)commons-logging:commons-logging:1.1.1 016
jaxb-core-2.2.11.jar (shaded: com.sun.istack:istack-commons-runtime:2.21)com.sun.istack:istack-commons-runtime:2.21 011
jaxb-core-2.2.11.jar (shaded: org.glassfish.jaxb:jaxb-core:2.2.11)org.glassfish.jaxb:jaxb-core:2.2.11 013
jaxb-core-2.2.11.jar (shaded: org.glassfish.jaxb:txw2:2.2.11)org.glassfish.jaxb:txw2:2.2.11 013
jaxb-impl-2.2.11.jar (shaded: org.glassfish.jaxb:jaxb-runtime:2.2.11)org.glassfish.jaxb:jaxb-runtime:2.2.11 013
netty-common-4.1.7.Final.jar (shaded: io.netty:netty-common:4.1.7.Final)cpe:/a:netty_project:netty:4.1.7io.netty:netty-common:4.1.7.Final 0Low9
netty-common-4.1.7.Final.jar (shaded: org.jctools:jctools-core:1.2.1)org.jctools:jctools-core:1.2.1 011

Dependencies

ST4-4.0.8.jar

Description:

 StringTemplate is a java template engine for generating source code,
web pages, emails, or any other formatted text output.

StringTemplate is particularly good at multi-targeted code generators,
multiple site skins, and internationalization/localization. 

It evolved over years of effort developing jGuru.com. 

StringTemplate also generates the stringtemplate website: http://www.stringtemplate.org
and powers the ANTLR v3 code generator. Its distinguishing characteristic 
is that unlike other engines, it strictly enforces model-view separation.

Strict separation makes websites and code generators more flexible
and maintainable; it also provides an excellent defense against malicious
template authors.

There are currently about 600 StringTemplate source downloads a month.
    

License:

BSD licence: http://antlr.org/license.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/ST4-4.0.8.jar
MD5: a33afc363c76608dd7f8a723f137dbf1
SHA1: 0a1c55e974f8a94d78e2348fa6ff63f4fa1fae64
SHA256:58caabc40c9f74b0b5993fd868e0f64a50c0759094e6a251aaafad98edfc7a3b

Identifiers

  • maven: org.antlr:ST4:4.0.8  Confidence:High

amqp-client-5.2.0.jar

Description:

 The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.

License:

ASL 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
GPL v2: http://www.gnu.org/licenses/gpl-2.0.txt
MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/amqp-client-5.2.0.jar
MD5: 4b15b64a1c1e683dc9e154b55da746ee
SHA1: 5387675387ae293231f00f4cfc2b9656f510f1e2
SHA256:1adc7ff1842557ccdc04197f59976d3667aa211406d8e19d0807288bf440f421

Identifiers

  • maven: com.rabbitmq:amqp-client:5.2.0  Confidence:High
  • cpe: cpe:/a:pivotal_software:rabbitmq:5.2.0  Confidence:Low  

animal-sniffer-annotations-1.14.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/animal-sniffer-annotations-1.14.jar
MD5: 9d42e46845c874f1710a9f6a741f6c14
SHA1: 775b7e22fb10026eed3f86e8dc556dfafe35f2d5
SHA256:2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905d

Identifiers

  • maven: org.codehaus.mojo:animal-sniffer-annotations:1.14  Confidence:High

antlr-runtime-3.5.2.jar

Description:

 A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/antlr-runtime-3.5.2.jar
MD5: 1fbbae2cb72530207c20b797bdabd029
SHA1: cd9cd41361c155f3af0f653009dcecb08d8b4afd
SHA256:ce3fc8ecb10f39e9a3cddcbb2ce350d272d9cd3d0b1e18e6fe73c3b9389c8734

Identifiers

  • maven: org.antlr:antlr-runtime:3.5.2  Confidence:High

antlr4-4.5.1.jar

Description:

 The ANTLR 4 grammar compiler.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/antlr4-4.5.1.jar
MD5: d1006ee01c7d2fc8098d1b1ee0160ced
SHA1: 19a08f261dc2b7e1bc58c8f1038f766dccade74c
SHA256:59844c92d8afef5e3e0414a3a2faa88bced2b69a252b4796e214ac1c90d5e9cc

Identifiers

aopalliance-1.0.jar

Description:

 AOP Alliance

License:

Public Domain
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/aopalliance-1.0.jar
MD5: 04177054e180d09e3998808efa0401c7
SHA1: 0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8
SHA256:0addec670fedcd3f113c5c8091d783280d23f75e3acb841b61a9cdb079376a08

Identifiers

apacheds-i18n-2.0.0-M15.jar

Description:

 Internationalization of errors and other messages

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/apacheds-i18n-2.0.0-M15.jar
MD5: f5877c02fd56ade67713560e589c81b9
SHA1: 71c61c84683152ec2a6a65f3f96fe534e304fa22
SHA256:bd3b7cece7fc6364cbce32b9edd0e9628a3e889c6a93cdeff1b5e2131e2a007c

Identifiers

apacheds-kerberos-codec-2.0.0-M15.jar

Description:

 The Kerberos protocol encoder/decoder module

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/apacheds-kerberos-codec-2.0.0-M15.jar
MD5: 3118e22eac44e150c383df1d417772f4
SHA1: 1c16e4e477183641c5f0dd5cdecd27ec331bacb5
SHA256:4996f5b72497e94dd86d64a370158c4fb0049eea9b17ff8b27a4671d6c136ded

Identifiers

api-asn1-api-1.0.0-M20.jar

Description:

 ASN.1 API

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/api-asn1-api-1.0.0-M20.jar
MD5: cf4561832dab76e9f37461342ec18d17
SHA1: 5e6486ffa3125ba44dc410ead166e1d6ba8ac76d
SHA256:484aaf4b888b0eb699d95bea265c2d5b6ebec951d70e5c5f7691cd52dd4c8298

Identifiers

api-util-1.0.0-M20.jar

Description:

 Utilities shared across this top level project

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/api-util-1.0.0-M20.jar
MD5: 2c5a6722666882024becdd64301be492
SHA1: a871abf060b3cf83fc6dc4d7e3d151fce50ac3cb
SHA256:fd32fd047ccf143c58d093b58811aa81e539f8cf83c1187809f1a241a1df12d1

Identifiers

  • maven: org.apache.directory.api:api-util:1.0.0-M20  Confidence:High
  • cpe: cpe:/a:apache:directory_ldap_api:1.0.0.m30  Confidence:Low  

CVE-2015-3250  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Apache Directory LDAP API before 1.0.0-M31 allows attackers to conduct timing attacks via unspecified vectors.

Vulnerable Software & Versions:

args4j-2.0.16.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/args4j-2.0.16.jar
MD5: 6571d69d142dd2a003c4ffae6138f0ee
SHA1: 9f00fb12820743b9e05c686eba543d64dd43f2b1
SHA256:c361d3741c1e79550c7fa04d01c699d66e0a16f18a1749eaa1b8b0df61cd0275

Identifiers

  • maven: args4j:args4j:2.0.16  Confidence:High

ascii-utf-themes-0.0.1.jar

Description:

 Base elements (lines, corners, borders) and themes for frames, grids, lists (itemize, enumerate).

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/ascii-utf-themes-0.0.1.jar
MD5: 3b89c54f240c34789e673fd6d47ddc85
SHA1: 4e6354685bb4bf62742dd8f0bc2de338e048e978
SHA256:4e020a8f7ed48e9a7d4795f719f61c2074d2831b2e392bbc6ef074177087cd10

Identifiers

  • maven: de.vandermeer:ascii-utf-themes:0.0.1  Confidence:High

asciitable-0.3.2.jar

Description:

 An ASCII table with various render options and UTF-8 support

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/asciitable-0.3.2.jar
MD5: d12aa8902ab9626ec31bed0c60a1a45f
SHA1: 96ee630413aa5a03ac5cbb34c79c95f91f417caa
SHA256:86e22c9e2fe4077d3b1f1daf3f91a7918ed2d41209454c01d38b088017975686

Identifiers

  • maven: de.vandermeer:asciitable:0.3.2  Confidence:High

asm-3.3.1.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/asm-3.3.1.jar
MD5: 1ad1e8959324b0f680b8e62406955642
SHA1: 1d5f20b4ea675e6fab6ab79f1cd60ec268ddc015
SHA256:c2b39275f8e951bc74750080a1266cdabc39399bc5e13d642bf2d346449df7f3

Identifiers

asm-5.0.4.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/asm-5.0.4.jar
MD5: c8a73cdfdf802ab0220c860d590d0f84
SHA1: 0da08b8cce7bbf903602a25a3a163ae252435795
SHA256:896618ed8ae62702521a78bc7be42b7c491a08e6920a15f89a3ecdec31e9a220

Identifiers

avro-1.7.4.jar

Description:

 Avro core components

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/avro-1.7.4.jar
MD5: de02dfb1f5880c0b422f215ffcaa3379
SHA1: 416e7030879814f52845b97f04bb50ecd1cef372
SHA256:a01d26e9a5ed0754e8c88dbb373fba896c57df0a0c424185767a3857855bb222

Identifiers

  • maven: org.apache.avro:avro:1.7.4  Confidence:High

bootstrap-3.0.3.jar

Description:

 WebJar for Bootstrap

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/bootstrap-3.0.3.jar
MD5: 8a2c981f25963903795453685babda0a
SHA1: 7297fe81dc0e82c44e15232014fd8e1180c0a3bc
SHA256:e84ad1718ab9f5eec39afcdeba0706497328f6e2394bab3dbb501fd367d12548

Identifiers

  • maven: org.webjars:bootstrap:3.0.3  Confidence:High

cglib-2.2.1-v20090111.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/cglib-2.2.1-v20090111.jar
MD5: 88af5931165ac8becab84a157c9bace0
SHA1: 07ce5e983fd0e6c78346f4c9cbfa39d83049dda2
SHA256:42e1dfb26becbf1a633f25b47e39fcc422b85e77e4c0468d9a44f885f5fa0be2

Identifiers

cglib-2.2.2.jar

Description:

 Code generation library

License:

ASF 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/cglib-2.2.2.jar
MD5: b3f681be48fce094cf01a045f5bdca6f
SHA1: a47a971686474124562bdd4a7ccbd8ac8c3e8b11
SHA256:a93e4485d274277177480c4afe6ddd8355cda1cacfe356c134e25d65193935fd

Identifiers

char-translation-0.0.2.jar

Description:

 Set of translators for characters, HTML Elements, and their combinations.

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/char-translation-0.0.2.jar
MD5: 27c8254bb595bb16306f99999600f0d7
SHA1: 1f8a810c0b9a5b8269288b22f842b88b1262f238
SHA256:dbc2d5310d94614a4c64d3101b3977a0d8b3e484d93c9cd858fb762c895cc39f

Identifiers

  • maven: de.vandermeer:char-translation:0.0.2  Confidence:High

checker-compat-qual-2.0.0.jar

Description:

 
        Checker Qual is the set of annotations (qualifiers) and supporting classes
        used by the Checker Framework to type check Java source code.  Please
        see artifact:
        org.checkerframework:checker
    

License:

GNU General Public License, version 2 (GPL2), with the classpath exception: http://www.gnu.org/software/classpath/license.html
The MIT License: http://opensource.org/licenses/MIT
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/checker-compat-qual-2.0.0.jar
MD5: b6fb2610dacd211a3e2c3d8af1b60d0f
SHA1: fc89b03860d11d6213d0154a62bcd1c2f69b9efa
SHA256:a40b2ce6d8551e5b90b1bf637064303f32944d61b52ab2014e38699df573941b

Identifiers

closure-compiler-v20130603.jar

Description:

 
    Closure Compiler is a JavaScript optimizing compiler. It parses your
    JavaScript, analyzes it, removes dead code and rewrites and minimizes
    what's left. It also checks syntax, variable references, and types, and
    warns about common JavaScript pitfalls. It is used in many of Google's
    JavaScript apps, including Gmail, Google Web Search, Google Maps, and
    Google Docs.
  

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/closure-compiler-v20130603.jar
MD5: 49ce4295fcce117f5f242170ec48bd2e
SHA1: b150c1666154435f43bc4665e202dee7c3c95eb7
SHA256:6ca35497d82bb61fc779676c508178f79a2457d1b71466c6bae2aa7612fe7975

Identifiers

commons-beanutils-1.7.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-beanutils-1.7.0.jar
MD5: 0f18acf5fa857f9959675e14d901a7ce
SHA1: 5675fd96b29656504b86029551973d60fb41339b
SHA256:24bcaa20ccbdc7c856ce0c0aea144566943403e2e9f27bd9779cda1d76823ef4

Identifiers

CVE-2014-0114  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-20 Improper Input Validation

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.

Vulnerable Software & Versions: (show all)

commons-beanutils-core-1.8.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-beanutils-core-1.8.0.jar
MD5: a33ba25ae637909a97a60ff1d1b38857
SHA1: 175dc721f87e4bc5cc0573f990e28c3cf9117508
SHA256:9038c7ddc61d3d8089eb5a52a24b430a202617d57d2d344a93b68e4eafefefde

Identifiers

CVE-2014-0114  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-20 Improper Input Validation

Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1.

Vulnerable Software & Versions: (show all)

commons-cli-1.2.jar

Description:

 
    Commons CLI provides a simple API for presenting, processing and validating a command line interface.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-cli-1.2.jar
MD5: bfdcae1ff93f0c07d733f03bdce28c9e
SHA1: 2bf96b7aa8b611c177d329452af1dc933e14501c
SHA256:e7cd8951956d349b568b7ccfd4f5b2529a8c113e67c32b028f52ffda371259d9

Identifiers

  • maven: commons-cli:commons-cli:1.2  Confidence:High

commons-codec-1.11.jar

Description:

 
     The Apache Commons Codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-codec-1.11.jar
MD5: 567159b1ae257a43e1391a8f59d24cfe
SHA1: 3acb4705652e16236558f0f4f2192cc33c3bd189
SHA256:e599d5318e97aa48f42136a2927e6dfa4e8881dff0e6c8e3109ddbbff51d7b7d

Identifiers

  • maven: commons-codec:commons-codec:1.11  Confidence:High

commons-collections-3.2.2.jar

Description:

 Types that extend and augment the Java Collections Framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256:eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8

Identifiers

  • cpe: cpe:/a:apache:commons_collections:3.2.2  Confidence:Low  
  • maven: commons-collections:commons-collections:3.2.2  Confidence:High

commons-collections4-4.1.jar

Description:

 The Apache Commons Collections package contains types that extend and augment the Java Collections Framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-collections4-4.1.jar
MD5: 45af6a8e5b51d5945de6c7411e290bd1
SHA1: a4cf4688fe1c7e3a63aa636cc96d013af537768e
SHA256:b1fe8b5968b57d8465425357ed2d9dc695504518bed2df5b565c4b8e68c1c8a5

Identifiers

  • maven: org.apache.commons:commons-collections4:4.1  Confidence:High
  • cpe: cpe:/a:apache:commons_collections:4.1  Confidence:Low  

commons-compress-1.16.1.jar

Description:

 
Apache Commons Compress software defines an API for working with
compression and archive formats.  These include: bzip2, gzip, pack200,
lzma, xz, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4,
Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-compress-1.16.1.jar
MD5: 3409638d6b6bd23042eeac5cd97e256c
SHA1: 7b5cdabadb4cf12f5ee0f801399e70635583193f
SHA256:a20d8e45315abbe07faf952e095817b9925f38c4fc39e8a211c7d072702e97eb

Identifiers

  • cpe: cpe:/a:apache:commons-compress:1.16.1  Confidence:Low  
  • maven: org.apache.commons:commons-compress:1.16.1  Confidence:High

commons-configuration-1.6.jar

Description:

 
        Tools to assist in the reading of configuration/preferences files in
        various formats
    

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-configuration-1.6.jar
MD5: b099d9f9b4b99071cc52b259308df69a
SHA1: 32cadde23955d7681b0d94a2715846d20b425235
SHA256:46b71b9656154f6a16ea4b1dc84026b52a9305f8eff046a2b4655fa1738e5eee

Identifiers

  • maven: commons-configuration:commons-configuration:1.6  Confidence:High

commons-daemon-1.0.13.jar

Description:

 
     Apache Commons Daemon software provides an alternative invocation mechanism for unix-daemon-like Java code.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-daemon-1.0.13.jar
MD5: 686f1a2cc85f8f4e939bd3cd28c9720b
SHA1: 750856a1fdb3ddf721ccf73c3518e4211cffc3a3
SHA256:fd63b583fd3e8baeae22efacbd5a4f91c1fd97f56248e62e2615efa7b81daeaa

Identifiers

  • cpe: cpe:/a:apache:apache_commons_daemon:1.0.13  Confidence:Low  
  • maven: commons-daemon:commons-daemon:1.0.13  Confidence:High

commons-digester-1.8.jar

Description:

 The Digester package lets you configure an XML->Java object mapping module
    which triggers certain actions called rules whenever a particular 
    pattern of nested XML elements is recognized.

License:

The Apache Software License, Version 2.0: /LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-digester-1.8.jar
MD5: cf89c593f0378e9509a06fce7030aeba
SHA1: dc6a73fdbd1fa3f0944e8497c6c872fa21dca37e
SHA256:05662373044f3dff112567b7bb5dfa1174e91e074c0c727b4412788013f49d56

Identifiers

commons-httpclient-3.1.jar

Description:

 The HttpClient  component supports the client-side of RFC 1945 (HTTP/1.0)  and RFC 2616 (HTTP/1.1) , several related specifications (RFC 2109 (Cookies) , RFC 2617 (HTTP Authentication) , etc.), and provides a framework by which new request types (methods) or HTTP extensions can be created easily.

License:

Apache License: http://www.apache.org/licenses/LICENSE-2.0
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-httpclient-3.1.jar
MD5: 8ad8c9229ef2d59ab9f59f7050e846a5
SHA1: 964cd74171f427720480efdec40a7c7f6e58426a
SHA256:dbd4953d013e10e7c1cc3701a3e6ccd8c950c892f08d804fabfac21705930443

Identifiers

  • cpe: cpe:/a:apache:httpclient:3.1  Confidence:Low  
  • cpe: cpe:/a:apache:commons-httpclient:3.1  Confidence:Low  
  • maven: commons-httpclient:commons-httpclient:3.1   Confidence:Highest

commons-io-2.4.jar

Description:

 
The Commons IO library contains utility classes, stream implementations, file filters, 
file comparators, endian transformation classes, and much more.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-io-2.4.jar
MD5: 7f97854dc04c119d461fed14f5d8bb96
SHA1: b1b6ea3b7e4aa4f492509a4952029cd8e48019ad
SHA256:cc6a41dc3eaacc9e440a6bd0d2890b20d36b4ee408fe2d67122f328bb6e01581

Identifiers

  • maven: commons-io:commons-io:2.4  Confidence:High

commons-jexl-2.1.1.jar

Description:

 The Commons Jexl library is an implementation of the JSTL Expression Language with extensions.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-jexl-2.1.1.jar
MD5: 4ad8f5c161dd3a50e190334555675db9
SHA1: 6ecc181debade00230aa1e17666c4ea0371beaaa
SHA256:03c9a9fae5da78ce52c0bf24467cc37355b7e23196dff4839e2c0ff018a01306

Identifiers

  • maven: org.apache.commons:commons-jexl:2.1.1  Confidence:High

commons-lang-2.6.jar

Description:

 
        Commons Lang, a package of Java utility classes for the
        classes that are in java.lang's hierarchy, or are considered to be so
        standard as to justify existence in java.lang.
    

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-lang-2.6.jar
MD5: 4d5c1693079575b362edf41500630bbd
SHA1: 0ce1edb914c94ebc388f086c6827e8bdeec71ac2
SHA256:50f11b09f877c294d56f24463f47d28f929cf5044f648661c0f0cfbae9a2f49c

Identifiers

  • maven: commons-lang:commons-lang:2.6  Confidence:High

commons-lang3-3.7.jar

Description:

 
  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-lang3-3.7.jar
MD5: f1df5623d78c432b7c3d58ff491e1801
SHA1: 557edd918fd41f9260963583ebf5a61a43a6b423
SHA256:6e8dc31e046508d9953c96534edf0c2e0bfe6f468966b5b842b3f87e43b6a847

Identifiers

  • maven: org.apache.commons:commons-lang3:3.7  Confidence:High

commons-logging-1.2.jar

Description:

 Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-logging-1.2.jar
MD5: 040b4b4d8eac886f6b4a2a3bd2f31b00
SHA1: 4bfc12adfe4842bf07b657f0369c4cb522955686
SHA256:daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636

Identifiers

  • maven: commons-logging:commons-logging:1.2  Confidence:High

commons-math3-3.1.1.jar

Description:

 The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-math3-3.1.1.jar
MD5: 505ece0d2261b037101e6c4bdf541ca7
SHA1: 6719d757a98ff24a83d9d727bef9cec83f59b6e1
SHA256:a07e39d31c46032879f0a48ae1bd0142b17dd67664c008b50216e9891f346c54

Identifiers

  • maven: org.apache.commons:commons-math3:3.1.1  Confidence:High

commons-net-3.1.jar

Description:

 
Apache Commons Net library contains a collection of network utilities and protocol implementations.
Supported protocols include: Echo, Finger, FTP, NNTP, NTP, POP3(S), SMTP(S), Telnet, Whois
    

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/commons-net-3.1.jar
MD5: 23c94d51e72f341fb412d6a015e16313
SHA1: 2298164a7c2484406f2aa5ac85b205d39019896f
SHA256:34a58d6d80a50748307e674ec27b4411e6536fd12e78bec428eb2ee49a123007

Identifiers

  • maven: commons-net:commons-net:3.1  Confidence:High

crawler-commons-0.10.jar

Description:

 crawler-commons is a set of reusable Java components that implement 
	functionality common to any web crawler.
	

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/crawler-commons-0.10.jar
MD5: 9008c9876d7ad7e8a39a915120efe867
SHA1: 40a3cb267fd85959902fbbf4a652b6131bc06f8b
SHA256:77dcdc049b1b9481e5a2e4adee0ce0bb70c806b8be03cad72a04df754178490c

Identifiers

  • maven: com.github.crawler-commons:crawler-commons:0.10  Confidence:High

curator-client-2.7.1.jar

Description:

 Low-level API

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/curator-client-2.7.1.jar
MD5: 3b43933c18d1dcf15f88db73ee646396
SHA1: a591dfc085db3e9d4d480381cc7e6ae8a26b34af
SHA256:949ac95323bb13b4d9cde33ab1ca73f07a87e6e43cf76629e89fdd74d5b378e4

Identifiers

  • maven: org.apache.curator:curator-client:2.7.1  Confidence:High

curator-framework-2.7.1.jar

Description:

 High-level API that greatly simplifies using ZooKeeper.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/curator-framework-2.7.1.jar
MD5: 35bff30d2a79a8b0731269604b1327ee
SHA1: 8c7b1eeb78e43bb91ea737111ba3dec0512be876
SHA256:a65e3f515b022d84d86c553c99216e384bc82d1de51b5a32b10f33314ad81ceb

Identifiers

  • cpe: cpe:/a:apache:zookeeper:2.7.1  Confidence:Low  
  • maven: org.apache.curator:curator-framework:2.7.1  Confidence:High

CVE-2014-0085  

Severity:Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-255 Credentials Management

JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local users. Note: this description has been updated; previous text mistakenly identified the source of the flaw as Zookeeper. Previous text: Apache Zookeeper logs cleartext admin passwords, which allows local users to obtain sensitive information by reading the log.

Vulnerable Software & Versions: (show all)

CVE-2016-5017  

Severity:Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string.

Vulnerable Software & Versions: (show all)

CVE-2018-8012  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-285 Improper Authorization

No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader.

Vulnerable Software & Versions: (show all)

curator-recipes-2.7.1.jar

Description:

 All of the recipes listed on the ZooKeeper recipes doc (except two phase commit).

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/curator-recipes-2.7.1.jar
MD5: 156ad30fb9995b072175ae60fbb352a5
SHA1: a2c180efc6a38a4f8c9197eb35bb4eb5716cd2fa
SHA256:ce122f137e36268e30082bf1565c51d874ca926801be3ca73b3c0d522b0dfe2c

Identifiers

  • maven: org.apache.curator:curator-recipes:2.7.1  Confidence:High

cxf-core-3.1.15.jar

Description:

 Apache CXF Core

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/cxf-core-3.1.15.jar
MD5: 44f7c10b757cb519794fad1a7101e836
SHA1: 5ce359b4a4da2b0bb412cce501e57cbc256d6602
SHA256:63caaff48adcdf821ae66bf54182f1220762194fe1d75b8ed718dbfb6cdf5352

Identifiers

  • maven: org.apache.cxf:cxf-core:3.1.15  Confidence:High
  • cpe: cpe:/a:apache:cxf:3.1.15  Confidence:Highest  

CVE-2018-8039  

Severity:Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-254 7PK - Security Features

It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5 and 3.1.16 the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks.

Vulnerable Software & Versions: (show all)

dom4j-1.6.1.jar

Description:

 dom4j: the flexible XML framework for Java

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/dom4j-1.6.1.jar
MD5: 4d8f51d3fe3900efc6e395be48030d6d
SHA1: 5d3ccc056b6f056dbf0dddfdf43894b9065a8f94
SHA256:593552ffea3c5823c6602478b5002a7c525fd904a3c44f1abe4065c22edfac73

Identifiers

error_prone_annotations-2.1.3.jar

License:

Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/error_prone_annotations-2.1.3.jar
MD5: 97504b36cf871722d81a4b9e114f2a16
SHA1: 39b109f2cd352b2d71b52a3b5a1a9850e1dc304b
SHA256:03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8

Identifiers

  • maven: com.google.errorprone:error_prone_annotations:2.1.3  Confidence:High

gson-2.2.4.jar

Description:

 Google Gson library

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/gson-2.2.4.jar
MD5: 2f54fc24807a4cad7297012dd8cebf3d
SHA1: a60a5e993c98c864010053cb901b7eab25306568
SHA256:c0328cd07ca9e363a5acd00c1cf4afe8cf554bd6d373834981ba05cebec687fb

Identifiers

guava-25.0-jre.jar

Description:

 
    Guava is a suite of core and expanded libraries that include
    utility classes, google's collections, io classes, and much
    much more.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/guava-25.0-jre.jar
MD5: a8e597a21ea6a9bc661d038b52b01b93
SHA1: 7319c34fa5866a85b6bad445adad69d402323129
SHA256:3fd4341776428c7e0e5c18a7c10de129475b69ab9d30aeafbb5c277bb6074fa9

Identifiers

  • maven: com.google.guava:guava:25.0-jre  Confidence:High

guice-3.0.jar

Description:

 Guice is a lightweight dependency injection framework for Java 5 and above

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/guice-3.0.jar
MD5: ca1c7ba366884cfcd2cfb48d2395c400
SHA1: 9d84f15fe35e2c716a02979fb62f50a29f38aefa
SHA256:1a59d0421ffd355cc0b70b42df1c2e9af744c8a2d0c92da379f5fca2f07f1d22

Identifiers

guice-servlet-3.0.jar

Description:

 Guice is a lightweight dependency injection framework for Java 5 and above

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/guice-servlet-3.0.jar
MD5: c9f66a5f6a0d840d9057b30853f25b85
SHA1: 610cde0e8da5a8b7d8efb8f0b8987466ffebaaf9
SHA256:9e72a4b8582888d53c2f4297e93276a3c14c82880124490f2da7b16a9df1c618

Identifiers

h2-1.4.197.jar

Description:

 H2 Database Engine

License:

MPL 2.0 or EPL 1.0: http://h2database.com/html/license.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/h2-1.4.197.jar
MD5: f9893acfa22b7fe1492dd9c515af2e5b
SHA1: bb391050048ca8ae3e32451b5a3714ecd3596a46
SHA256:37f5216e14af2772930dff9b8734353f0a80e89ba3f33e065441de6537c5e842

Identifiers

CVE-2018-10054  

Severity:Medium
CVSS Score: 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P)
CWE: CWE-20 Improper Input Validation

H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code.

Vulnerable Software & Versions:

CVE-2018-14335  

Severity:Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
CWE: CWE-275 Permission Issues

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.

Vulnerable Software & Versions:

hadoop-client-2.2.0.jar

Description:

 Apache Hadoop Client

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/hadoop-client-2.2.0.jar
MD5: 1e95dbd1290e541f4753cf6ae305ad84
SHA1: 8bc8c12f1991d1145e40011c8a8935798948246e
SHA256:a55d2a6afd3c0f3ec43b7853d9fe44ff56fb5c89f2ac59cb50c1867757ccf72e

Identifiers

  • maven: org.apache.hadoop:hadoop-client:2.2.0  Confidence:High
  • cpe: cpe:/a:apache:hadoop:2.2.0  Confidence:Highest  

CVE-2014-0229  

Severity:Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Apache Hadoop 0.23.x before 0.23.11 and 2.x before 2.4.1, as used in Cloudera CDH 5.0.x before 5.0.2, do not check authorization for the (1) refreshNamenodes, (2) deleteBlockPool, and (3) shutdownDatanode HDFS admin commands, which allows remote authenticated users to cause a denial of service (DataNodes shutdown) or perform unnecessary operations by issuing a command.

Vulnerable Software & Versions: (show all)

CVE-2014-3627  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-59 Improper Link Resolution Before File Access ('Link Following')

The YARN NodeManager daemon in Apache Hadoop 0.23.0 through 0.23.11 and 2.x before 2.5.2, when using Kerberos authentication, allows remote cluster users to change the permissions of certain files to world-readable via a symlink attack in a public tar archive, which is not properly handled during localization, related to distributed cache.

Vulnerable Software & Versions: (show all)

CVE-2016-5001  

Severity:Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

This is an information disclosure vulnerability in Apache Hadoop before 2.6.4 and 2.7.x before 2.7.2 in the short-circuit reads feature of HDFS. A local user on an HDFS DataNode may be able to craft a block token that grants unauthorized read access to random files by guessing certain fields in the token.

Vulnerable Software & Versions: (show all)

CVE-2016-6811  

Severity:High
CVSS Score: 9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
CWE: CWE-264 Permissions, Privileges, and Access Controls

In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user.

Vulnerable Software & Versions: (show all)

CVE-2017-15713  

Severity:Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Vulnerability in Apache Hadoop 0.23.x, 2.x before 2.7.5, 2.8.x before 2.8.3, and 3.0.0-alpha through 3.0.0-beta1 allows a cluster user to expose private files owned by the user running the MapReduce job history server process. The malicious user can construct a configuration file containing XML directives that reference sensitive files on the MapReduce job history server host.

Vulnerable Software & Versions: (show all)

CVE-2017-3161  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The HDFS web UI in Apache Hadoop before 2.7.0 is vulnerable to a cross-site scripting (XSS) attack through an unescaped query parameter.

Vulnerable Software & Versions:

CVE-2017-3162  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-20 Improper Input Validation

HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as a query parameter that is not validated in Apache Hadoop before 2.7.0.

Vulnerable Software & Versions:

hadoop-mapreduce-client-core-2.7.4.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/hadoop-mapreduce-client-core-2.7.4.jar
MD5: 7bf3a032acb82ce47d9708c18e32c40d
SHA1: d65431f1fc78577d8fb0db1a5330f26dfe3436d0
SHA256:0594de6f97ea0105fd977ab4e86398199a514141380ca254999d49210e125cf0

Identifiers

  • maven: org.apache.hadoop:hadoop-mapreduce-client-core:2.7.4  Confidence:High
  • cpe: cpe:/a:apache:hadoop:2.7.4  Confidence:Highest  

CVE-2017-15718  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-255 Credentials Management

The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store provider used by the NodeManager to YARN Applications.

Vulnerable Software & Versions: (show all)

htmlparser-1.6.jar

Description:

 HTML Parser is a Java library used to parse HTML in either a linear or nested fashion. Primarily used for transformation or extraction, it features filters, visitors, custom tags and easy to use JavaBeans. It is a fast, robust and well tested package.

License:

Common Public License: http://opensource.org/licenses/cpl1.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/htmlparser-1.6.jar
MD5: 1b023d0dd96e641db76f46ddbb19d6ca
SHA1: 9e8b3f44195ba40fcf1fe7d7b787786c0e83edfe
SHA256:00ec0f610f0b7f5e00f8f3d41dc108cace3036a504be439bd1072d693de2f8a7

Identifiers

htrace-core-3.1.0-incubating.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/htrace-core-3.1.0-incubating.jar
MD5: c49a4662d691a09eed10e0a35dd73299
SHA1: f73606e7c9ede5802335c290bf47490ad6d51df3
SHA256:d96c869afaf65315ece8ca09673b187557e9dbaad31df24467a5aa759812188d

Identifiers

httpclient-4.5.5.jar

Description:

 
   Apache HttpComponents Client
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/httpclient-4.5.5.jar
MD5: 97e7e5b135476b7d25a5ab31e1ea4922
SHA1: 1603dfd56ebcd583ccdf337b6c3984ac55d89e58
SHA256:7e97724443ad2a25ad8c73183431d47cc7946271bcbbdfa91a8a17522a566573

Identifiers

  • maven: org.apache.httpcomponents:httpclient:4.5.5  Confidence:High
  • cpe: cpe:/a:apache:httpclient:4.5.5  Confidence:Low  

httpcore-4.4.9.jar

Description:

 
   Apache HttpComponents Core (blocking I/O)
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/httpcore-4.4.9.jar
MD5: b89455507839c09d6119661defd2166a
SHA1: a86ce739e5a7175b4b234c290a00a5fdb80957a0
SHA256:1b4a1c0b9b4222eda70108d3c6e2befd4a6be3d9f78ff53dd7a94966fdf51fc5

Identifiers

  • maven: org.apache.httpcomponents:httpcore:4.4.9  Confidence:High

httpcore-nio-4.4.9.jar

Description:

 
   Apache HttpComponents Core (non-blocking I/O)
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/httpcore-nio-4.4.9.jar
MD5: 82f897e19f09775fa65e9631a638cb58
SHA1: efd20e1f401d7464ffa7cce114f0bbbed8252a73
SHA256:366c7def45fb27816bb2d1ec4017fb1a5855940669123177234c4091ee269fdb

Identifiers

  • maven: org.apache.httpcomponents:httpcore-nio:4.4.9  Confidence:High

icu4j-61.1.jar

Description:

 
    International Component for Unicode for Java (ICU4J) is a mature, widely used Java library
    providing Unicode and Globalization support 
  

License:

Unicode/ICU License: http://source.icu-project.org/repos/icu/trunk/icu4j/main/shared/licenses/LICENSE
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/icu4j-61.1.jar
MD5: 07e6b698917de94886bf0dfb4d042fc0
SHA1: 28d33b5e44e72edcc66a5da7a34a42147f38d987
SHA256:55c98eb1838b2a4bb9a07dc36bd378532d64d0cdcb7ceee914236866a7de4464

Identifiers

j2objc-annotations-1.1.jar

Description:

 
    A set of annotations that provide additional information to the J2ObjC
    translator to modify the result of translation.
  

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/j2objc-annotations-1.1.jar
MD5: 49ae3204bb0bb9b2ac77062641f4a6d7
SHA1: ed28ded51a8b1c6b112568def5f4b455e6809019
SHA256:2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6

Identifiers

  • maven: com.google.j2objc:j2objc-annotations:1.1  Confidence:High

jackson-annotations-2.9.0.jar

Description:

 Core annotations used for value types, used by Jackson data binding package.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jackson-annotations-2.9.0.jar
MD5: c09faa1b063681cf45706c6df50685b6
SHA1: 07c10d545325e3a6e72e06381afe469fd40eb701
SHA256:45d32ac61ef8a744b464c54c2b3414be571016dd46bfc2bec226761cf7ae457a

Identifiers

  • maven: com.fasterxml.jackson.core:jackson-annotations:2.9.0  Confidence:High
  • cpe: cpe:/a:fasterxml:jackson:2.9.0  Confidence:Low  

jackson-core-2.9.5.jar

Description:

 Core Jackson processing abstractions (aka Streaming API), implementation for JSON

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jackson-core-2.9.5.jar
MD5: ec59f24f7f8d9acf53301c562722adf2
SHA1: a22ac51016944b06fd9ffbc9541c6e7ce5eea117
SHA256:a2bebaa325ad25455b02149c67e6052367a7d7fc1ce77de000eed284a5214eac

Identifiers

  • cpe: cpe:/a:fasterxml:jackson:2.9.5  Confidence:Low  
  • maven: com.fasterxml.jackson.core:jackson-core:2.9.5  Confidence:High

jackson-core-asl-1.9.13.jar

Description:

 Jackson is a high-performance JSON processor (parser, generator)

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jackson-core-asl-1.9.13.jar
MD5: 319c49a4304e3fa9fe3cd8dcfc009d37
SHA1: 3c304d70f42f832e0a86d45bd437f692129299a4
SHA256:440a9cb5ca95b215f953d3a20a6b1a10da1f09b529a9ddea5f8a4905ddab4f5a

Identifiers

jackson-databind-2.9.5.jar

Description:

 General data-binding functionality for Jackson: works on core streaming API

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jackson-databind-2.9.5.jar
MD5: 34b37affbf74f5d199be10622ddc83cd
SHA1: 3490508379d065fe3fcb80042b62f630f7588606
SHA256:0fb4e079c118e752cc94c15ad22e6782b0dfc5dc09145f4813fb39d82e686047

Identifiers

  • maven: com.fasterxml.jackson.core:jackson-databind:2.9.5  Confidence:High
  • cpe: cpe:/a:fasterxml:jackson:2.9.5  Confidence:Low  
  • cpe: cpe:/a:fasterxml:jackson-databind:2.9.5  Confidence:Low  

java-xmlbuilder-0.4.jar

Description:

 XML Builder is a utility that creates simple XML documents using relatively sparse Java code

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/java-xmlbuilder-0.4.jar
MD5: 0fa474213a6a0282cd9264f6e0dd3658
SHA1: ac5962e48cdee3a0a6e1f8e00fcb594747ac5aaf
SHA256:681e53c4ffd59fa12068803b259e3a83d43f07a47c112e748a187dee179eb31f

Identifiers

  • maven: com.jamesmurty.utils:java-xmlbuilder:0.4  Confidence:High

javassist-3.12.1.GA.jar

Description:

 Javassist (JAVA programming ASSISTant) makes Java bytecode manipulation
     simple.  It is a class library for editing bytecodes in Java.
  

License:

MPL 1.1: http://www.mozilla.org/MPL/MPL-1.1.html
LGPL 2.1: http://www.gnu.org/licenses/lgpl-2.1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/javassist-3.12.1.GA.jar
MD5: 30d9d95456d43005da78d7281accccd1
SHA1: 526633327faa61aee448a519e8a4d53ec3057885
SHA256:3f5780dacb4b28ad147100f74361bb338a45069d8034b24735bb8292d2856614

Identifiers

  • maven: javassist:javassist:3.12.1.GA  Confidence:High

javax.annotation-api-1.2.jar

Description:

 Common Annotations for the JavaTM Platform API

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/javax.annotation-api-1.2.jar
MD5: 75fe320d2b3763bd6883ae1ede35e987
SHA1: 479c1e06db31c432330183f5cae684163f186146
SHA256:5909b396ca3a2be10d0eea32c74ef78d816e1b4ead21de1d78de1f890d033e04

Identifiers

  • maven: javax.annotation:javax.annotation-api:1.2  Confidence:High

javax.inject-1.jar

Description:

 The javax.inject API

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
SHA256:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff

Identifiers

javax.persistence-2.2.0.jar

Description:

 javax.persistence build based upon git transaction 06e0f48

License:

Eclipse Public License v1.0: http://www.eclipse.org/legal/epl-v10.html
Eclipse Distribution License v. 1.0: http://www.eclipse.org/org/documents/edl-v10.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/javax.persistence-2.2.0.jar
MD5: 22e2b0d74b49db8fe2139615f06258cf
SHA1: 1c151c4dab60a89b5acc34f61132fc669f0b9e2e
SHA256:93cf6600de75e027985f765929dfd0788e9677fcb961a7372b4ca3d06c57d58f

Identifiers

javax.servlet-api-3.1.0.jar

Description:

 Java(TM) Servlet 3.1 API Design Specification

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/javax.servlet-api-3.1.0.jar
MD5: 79de69e9f5ed8c7fcb8342585732bbf7
SHA1: 3cd63d075497751784b2fa84be59432f4905bf7c
SHA256:af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482

Identifiers

  • maven: javax.servlet:javax.servlet-api:3.1.0  Confidence:High

javax.ws.rs-api-2.0.1.jar

Description:

 Java API for RESTful Web Services (JAX-RS)

License:

CDDL 1.1: http://glassfish.java.net/public/CDDL+GPL_1_1.html
GPL2 w/ CPE: http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/javax.ws.rs-api-2.0.1.jar
MD5: edcd111cf4d3ba8ac8e1f326efc37a17
SHA1: 104e9c2b5583cfcfeac0402316221648d6d8ea6b
SHA256:38607d626f2288d8fbc1b1f8a62c369e63806d9a313ac7cbc5f9d6c94f4b466d

Identifiers

  • cpe: cpe:/a:ws_project:ws:2.0.1  Confidence:Low  
  • maven: javax.ws.rs:javax.ws.rs-api:2.0.1  Confidence:High

jaxb-api-2.2.11.jar

Description:

 JAXB (JSR 222) API

License:

CDDL 1.1: https://glassfish.java.net/public/CDDL+GPL_1_1.html
GPL2 w/ CPE: https://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jaxb-api-2.2.11.jar
MD5: 5983d1e2ec1a9b0604575cd9e9582591
SHA1: 32274d4244967ff43e7a5d967743d94ed3d2aea7
SHA256:273d82f8653b53ad9d00ce2b2febaef357e79a273560e796ff3fcfec765f8910

Identifiers

  • maven: javax.xml.bind:jaxb-api:2.2.11  Confidence:High

jaxb-core-2.2.11.jar

Description:

 Old JAXB Core module. Contains sources required by XJC, JXC and Runtime modules with dependencies.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jaxb-core-2.2.11.jar
MD5: c5eca4e58a75eabe3379926803421bab
SHA1: c3f87d654f8d5943cd08592f3f758856544d279a
SHA256:b13da0c655a3d590a2a945553648c407e6347648c9f7a3f811b7b3a8a1974baa

Identifiers

jaxb-impl-2.2.11.jar

Description:

 Old JAXB Runtime module. Contains sources required for runtime processing.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jaxb-impl-2.2.11.jar
MD5: bea06b3ee5ef2c338beac9187b7782f3
SHA1: a49ce57aee680f9435f49ba6ef427d38c93247a6
SHA256:f91793a96f185a2fc004c86a37086f060985854ce6b19935e03c4de51e3201d2

Identifiers

jersey-client-1.19.4.jar

Description:

 Jersey is the open source (under dual CDDL+GPL license) JAX-RS (JSR 311)        production quality Reference Implementation for building        RESTful Web services.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html, http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jersey-client-1.19.4.jar
MD5: 38e569bc5ff0615d82fac507da373973
SHA1: 9b1f3cf3fdd02d313018f1a67c42106e6ce9f60d
SHA256:639c825c5db580f8115bf49ffc893093526d2ed1079fbc929b6a5fbd0b2eda40

Identifiers

  • maven: com.sun.jersey:jersey-client:1.19.4  Confidence:High

jersey-core-1.9.jar

Description:

 Jersey is the open source (under dual CDDL+GPL license) JAX-RS (JSR 311)        production quality Reference Implementation for building        RESTful Web services.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html, http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jersey-core-1.9.jar
MD5: 73d196595f5e410a37c0a4337350ceb7
SHA1: 8341846f18187013bb9e27e46b7ee00a6395daf4
SHA256:2c6d0ec88fc8c36cb41637d9c00d0698c22cb6b6a137fa526ef782e00d2265bc

Identifiers

  • maven: com.sun.jersey:jersey-core:1.9  Confidence:High

jersey-guice-1.9.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jersey-guice-1.9.jar
MD5: a81140d246f420c1e2eabe649417c5b1
SHA1: 5963c28c47df7e5d6ad34cec80c071c368777f7b
SHA256:544fc92d2625332a9a8eeaa7a7274cf1af6703936a50afa80d92a78200a7de34

Identifiers

  • maven: com.sun.jersey.contribs:jersey-guice:1.9  Confidence:High

jersey-json-1.9.jar

Description:

 Jersey is the open source (under dual CDDL+GPL license) JAX-RS (JSR 311)        production quality Reference Implementation for building        RESTful Web services.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html, http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jersey-json-1.9.jar
MD5: 17ca6b0d49ed8db159b7827b6defa6b6
SHA1: 1aa73e1896bcc7013fed247157d7f676226eb432
SHA256:cc5d535f43cef0d1c467240961aae35801a837ab010319e741b2c7a6658f3fd6

Identifiers

  • maven: com.sun.jersey:jersey-json:1.9  Confidence:High

jersey-server-1.9.jar

Description:

 Jersey is the open source (under dual CDDL+GPL license) JAX-RS (JSR 311)        production quality Reference Implementation for building        RESTful Web services.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html, http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jersey-server-1.9.jar
MD5: 0c98f6cca5df8197b310a0d1d89bb34a
SHA1: 3a6ea7cc5e15c824953f9f3ece2201b634d90d18
SHA256:3ded91b198077561bd51f6c0442c9cd70b754d8b31b61afaf448bda9d01848f0

Identifiers

  • maven: com.sun.jersey:jersey-server:1.9  Confidence:High

jettison-1.1.jar

Description:

 A StAX implementation for JSON.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jettison-1.1.jar
MD5: fc80e0aabd516c54739262c3d618303a
SHA1: 1a01a2a1218fcf9faa2cc2a6ced025bdea687262
SHA256:377940288b0643c48780137f6f68578937e1ea5ca2b73830a820c50a7b7ed801

Identifiers

  • maven: org.codehaus.jettison:jettison:1.1  Confidence:High

jetty-6.1.26.jar

Description:

 Jetty server core

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jetty-6.1.26.jar
MD5: 12b65438bbaf225102d0396c21236052
SHA1: 2f546e289fddd5b1fab1d4199fbb6e9ef43ee4b0
SHA256:21091d3a9c1349f640fdc421504a604c040ed89087ecc12afbe32353326ed4e5

Identifiers

  • cpe: cpe:/a:mortbay_jetty:jetty:6.1.26  Confidence:Low  
  • maven: org.mortbay.jetty:jetty:6.1.26  Confidence:High
  • cpe: cpe:/a:mortbay:jetty:6.1.26  Confidence:Low  
  • cpe: cpe:/a:jetty:jetty:6.1.26  Confidence:Low  

CVE-2011-4461  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-310 Cryptographic Issues

Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

Vulnerable Software & Versions: (show all)

jetty-http-9.2.22.v20170606.jar

Description:

 Administrative parent pom for Jetty modules

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jetty-http-9.2.22.v20170606.jar
MD5: 53772f65a4f6a5fa96a5cda55c448363
SHA1: ba2028c83e4d54a86ee8d765659d56058b205da8
SHA256:78e7a7381037abe4a739387ea55d977a3e53c31d48b97195740ff2e2edf35303

Identifiers

  • maven: org.eclipse.jetty:jetty-http:9.2.22.v20170606  Confidence:High
  • cpe: cpe:/a:jetty:jetty:9.2.22.v20170606  Confidence:Low  
  • cpe: cpe:/a:eclipse:jetty:9.2.22.v20170606  Confidence:Low  

CVE-2017-7656  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-284 Improper Access Control

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response.

Vulnerable Software & Versions: (show all)

CVE-2017-7657  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-190 Integer Overflow or Wraparound

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.

Vulnerable Software & Versions: (show all)

CVE-2017-7658  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-19 Data Processing Errors

In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.

Vulnerable Software & Versions: (show all)

CVE-2017-9735  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.

Vulnerable Software & Versions:

jetty-io-9.2.22.v20170606.jar

Description:

 Administrative parent pom for Jetty modules

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jetty-io-9.2.22.v20170606.jar
MD5: 083116d9dadfdf9e82ccd733e0332d5b
SHA1: 4995c060104afeab9cedf9e4d0cfb1cacfeece8b
SHA256:21e8797c0d1fca20509ee44cf3b013ae09c184dae1806e8995d844f857ca6799

Identifiers

  • maven: org.eclipse.jetty:jetty-io:9.2.22.v20170606  Confidence:High

joda-time-2.3.jar

Description:

 Date and time library to replace JDK date handling

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/joda-time-2.3.jar
MD5: ff85fe8f3ab26b36092475a95f43fb7e
SHA1: 56498efd17752898cfcc3868c1b6211a07b12b8f
SHA256:602fd8006641f8b3afd589acbd9c9b356712bdcf0f9323557ec8648cd234983b

Identifiers

  • maven: joda-time:joda-time:2.3  Confidence:High

jquery-2.0.3-1.jar

Description:

 WebJar for jQuery

License:

MIT License: https://github.com/jquery/jquery/blob/master/MIT-LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jquery-2.0.3-1.jar
MD5: 732cfed87e366dd90b2a975ad74366bb
SHA1: 9be7beefd7c17933d68640da261e3e05d46f3b45
SHA256:a43d569f4ec10a9383719bec2185d10959623345688b5be28ca8ea3856a82d17

Identifiers

  • maven: org.webjars:jquery:2.0.3-1  Confidence:High

jquery-selectors-0.0.3.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jquery-selectors-0.0.3.jar
MD5: a2f60c4f980351d48d9415fb01fdf1b7
SHA1: 00b658478b70ef120c434054d7a07790e2aff3bb
SHA256:7191f3a436b2302841d927ef5b95a1aaac4df514836174ff7f7963384b95978f

Identifiers

  • maven: de.agilecoders.wicket:jquery-selectors:0.0.3  Confidence:High

jquery-ui-1.10.2-1.jar

Description:

 WebJar for jQuery UI

License:

MIT License: https://github.com/jquery/jquery-ui/blob/master/MIT-LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jquery-ui-1.10.2-1.jar
MD5: 8514b666fa516423c426cb4857c94745
SHA1: 4767035496f7b4ecf2cfb9aea39003dc2eeecd59
SHA256:277d7a47ba2cd0912eae32aeb662896264e2e3b4d0d10815c4d1433fc6e435b5

Identifiers

  • maven: org.webjars:jquery-ui:1.10.2-1  Confidence:High

jquerypp-1.0.1.jar

Description:

 WebJar for jQuery++

License:

MIT License: https://github.com/jupiterjs/jquerypp/blob/master/license.md
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jquerypp-1.0.1.jar
MD5: 653b09bd62701f3544f1a8e9a28d4625
SHA1: 8ad527112c0d70fc140475d0f04802c3567c77fe
SHA256:834febdee3ae60e13178ed1f945c0fb5141b1534c4799584bf25939c0730f828

Identifiers

  • maven: org.webjars:jquerypp:1.0.1  Confidence:High

jsch-0.1.54.jar

Description:

 JSch is a pure Java implementation of SSH2

License:

Revised BSD: http://www.jcraft.com/jsch/LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jsch-0.1.54.jar
MD5: 56a6c6fc5819e21c665355b39b9097d8
SHA1: da3584329a263616e277e15462b387addd1b208d
SHA256:92eb273a3316762478fdd4fe03a0ce1842c56f496c9c12fe1235db80450e1fdb

Identifiers

  • cpe: cpe:/a:jcraft:jsch:0.1.54  Confidence:Low  
  • maven: com.jcraft:jsch:0.1.54  Confidence:High

jsp-api-2.1.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jsp-api-2.1.jar
MD5: b8a34113a3a1ce29c8c60d7141f5a704
SHA1: 63f943103f250ef1f3a4d5e94d145a0f961f5316
SHA256:545f4e7dc678ffb4cf8bd0fd40b4a4470a409a787c0ea7d0ad2f08d56112987b

Identifiers

jsr305-3.0.0.jar

Description:

 JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jsr305-3.0.0.jar
MD5: 195d5db8981fbec5fa18d5df9fad95ed
SHA1: 5871fb60dc68d67da54a663c3fd636a10a532948
SHA256:bec0b24dcb23f9670172724826584802b80ae6cbdaba03bdebdef9327b962f6a

Identifiers

juniversalchardet-1.0.3.jar

Description:

 Java port of universalchardet

License:

Mozilla Public License 1.1 (MPL 1.1): http://www.mozilla.org/MPL/MPL-1.1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/juniversalchardet-1.0.3.jar
MD5: d9ea0a9a275336c175b343f2e4cd8f27
SHA1: cd49678784c46aa8789c060538e0154013bb421b
SHA256:757bfe906193b8b651e79dc26cd67d6b55d0770a2cdfb0381591504f779d4a76

Identifiers

  • maven: com.googlecode.juniversalchardet:juniversalchardet:1.0.3  Confidence:High

leveldbjni-all-1.8.jar

Description:

 An uber jar which contains all the leveldbjni platform libraries and dependencies

License:

http://www.opensource.org/licenses/BSD-3-Clause
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/leveldbjni-all-1.8.jar
MD5: 6944e9bc03c7938868e53c96726ae914
SHA1: 707350a2eeb1fa2ed77a32ddb3893ed308e941db
SHA256:c297213b0e6f9392305952753f3099a4c02e70b3656266fe01867e7b6c160ffe

Identifiers

  • maven: org.fusesource.leveldbjni:leveldbjni-all:1.8  Confidence:High
  • cpe: cpe:/a:id:id-software:1.8  Confidence:Low  

log4j-1.2.17.jar

Description:

 Apache Log4j 1.2

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/log4j-1.2.17.jar
MD5: 04a41f0a068986f0f73485cf507c0f40
SHA1: 5af35056b4d257e4b64b9e8069c0746e8b08629f
SHA256:1d31696445697720527091754369082a6651bd49781b6005deb94e56753406f9

Identifiers

  • cpe: cpe:/a:apache:log4j:1.2.17  Confidence:Low  
  • maven: log4j:log4j:1.2.17  Confidence:High

maven-parent-config-0.3.4.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/maven-parent-config-0.3.4.jar
MD5: aaf25e6f75341a109323d00ed823c596
SHA1: b2ac776e18fda81b7e1487d32e13a5618281c4d8
SHA256:9a087f524b7d8f049b49c88e9b097b3101eea624ad04a93c638de63701fa81e4

Identifiers

  • maven: de.agilecoders.maven:maven-parent-config:0.3.4  Confidence:High

modernizr-2.6.2-1.jar

Description:

 WebJar for Modernizr

License:

MIT License: http://en.wikipedia.org/wiki/MIT_License
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/modernizr-2.6.2-1.jar
MD5: 6fb51714f12c1cc66763fd5467abfdb4
SHA1: 86cc31cc6a32f81be5074f9fa27cf53d5e210198
SHA256:7076ac7d1e598173386608a207bde0ac0a9bc51f86c4e92583281a69d0abfb63

Identifiers

  • maven: org.webjars:modernizr:2.6.2-1  Confidence:High

neethi-3.1.1.jar

Description:

 Apache Neethi provides general framework for the programmers to use WS Policy. It is compliant with latest WS Policy specification which was published in March 2006. This framework is specifically written to enable the Apache Web services stack to use WS Policy as a way of expressing it's requirements and capabilities.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/neethi-3.1.1.jar
MD5: 13dd27a2bd870dfb01d67a086a8c1948
SHA1: 3a942a7921e66bb0081b16cf8f8a68e456b91de1
SHA256:7f8c00d9bbfbaa97a97a461cdeadb20054b956acb7536782703ca5a9a330ff22

Identifiers

  • maven: org.apache.neethi:neethi:3.1.1  Confidence:High
  • cpe: cpe:/a:apache:apache_test:3.1.1  Confidence:Low  

netty-3.6.2.Final.jar

Description:

 
    The Netty project is an effort to provide an asynchronous event-driven
    network application framework and tools for rapid development of
    maintainable high performance and high scalability protocol servers and
    clients.  In other words, Netty is a NIO client server framework which
    enables quick and easy development of network applications such as protocol
    servers and clients. It greatly simplifies and streamlines network
    programming such as TCP and UDP socket server.
  

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/netty-3.6.2.Final.jar
MD5: 65546c0885e83ba36f1f4d9ff9f8c776
SHA1: 69be11c61427f0604a30539755add84ad9e37e5e
SHA256:d4ff9f0a2959633e062edd0e678d8187bbe95ad19195384ac524fd41f00f5a44

Identifiers

CVE-2014-0193  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

WebSocket08FrameDecoder in Netty 3.6.x before 3.6.9, 3.7.x before 3.7.1, 3.8.x before 3.8.2, 3.9.x before 3.9.1, and 4.0.x before 4.0.19 allows remote attackers to cause a denial of service (memory consumption) via a TextWebSocketFrame followed by a long stream of ContinuationWebSocketFrames.

Vulnerable Software & Versions: (show all)

CVE-2014-3488  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

Vulnerable Software & Versions: (show all)

CVE-2015-2156  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CWE: CWE-20 Improper Input Validation

Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.

Vulnerable Software & Versions: (show all)

netty-all-4.0.23.Final.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/netty-all-4.0.23.Final.jar
MD5: 4725826ca7ba3713db6748ee8f3906c3
SHA1: 0294104aaf1781d6a56a07d561e792c5d0c95f45
SHA256:50510e9c9874b539b98ef931fe7eeeb002f6b5b1976ea37669b9493426294561

Identifiers

CVE-2015-2156  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CWE: CWE-20 Improper Input Validation

Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.

Vulnerable Software & Versions: (show all)

CVE-2016-4970  

Severity:High
CVSS Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)

handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).

Vulnerable Software & Versions: (show all)

objenesis-2.6.jar

Description:

 A library for instantiating Java objects

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/objenesis-2.6.jar
MD5: 5ffac3f51405ca9b2915970a224b3e8f
SHA1: 639033469776fd37c08358c6b92a4761feb2af4b
SHA256:5e168368fbc250af3c79aa5fef0c3467a2d64e5a7bd74005f25d8399aeb0708d

Identifiers

ormlite-core-5.1.jar

Description:

 Lightweight Object Relational Model (ORM) for persisting objects to SQL databases.

License:

ISC License: http://ormlite.com/docs/license
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/ormlite-core-5.1.jar
MD5: 3b5473635934ea282d4fc7a3f562fd72
SHA1: bf7a747016c99ac01577d3268a4ac9c24e94d5de
SHA256:0a62a2e4d873006d6d4c510441cc3ee3bb58083276b3f97bc4feb13673b16499

Identifiers

  • maven: com.j256.ormlite:ormlite-core:5.1  Confidence:High

ormlite-jdbc-5.1.jar

Description:

 Lightweight Object Relational Model (ORM) JDBC classes

License:

ISC License: http://ormlite.com/docs/license
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/ormlite-jdbc-5.1.jar
MD5: 458cf324931829af2092b22af75bf926
SHA1: 8c5fac7d12ee7d3c82a4eb01534779fc66f75d4a
SHA256:5e921c6b729dab93c60839e181765ab3afdbcf7e77401b1c7feac401acd40862

Identifiers

  • maven: com.j256.ormlite:ormlite-jdbc:5.1  Confidence:High

paranamer-2.3.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/paranamer-2.3.jar
MD5: e3060bebfe449abeb277e77c4c3388cb
SHA1: 4a85963a752c0a2f715c3924bfc686865e7e1bc6
SHA256:e93f50ae4d0de11080677f44ab268691266fed2b3ff7bc6fd97636febae7d8fe

Identifiers

  • maven: com.thoughtworks.paranamer:paranamer:2.3  Confidence:High

protobuf-java-2.5.0.jar

Description:

 
    Protocol Buffers are a way of encoding structured data in an efficient yet
    extensible format.
  

License:

New BSD license: http://www.opensource.org/licenses/bsd-license.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/protobuf-java-2.5.0.jar
MD5: a44473b98947e2a54c54e0db1387d137
SHA1: a10732c76bfacdbd633a7eb0f7968b1059a65dfa
SHA256:e0c1c64575c005601725e7c6a02cebf9e1285e888f756b2a1d73ffa8d725cc74

Identifiers

reflections-0.9.8.jar

Description:

 Reflections - a Java runtime metadata analysis

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/reflections-0.9.8.jar
MD5: 46192a2539fbe9e1fb69f8e5764e3aaa
SHA1: f723abb59bf512952bfc503838f70f81487a6993
SHA256:790492c3d177c4121d7ed84edad57c591569d124a58a5c503420004e7a95f9d6

Identifiers

  • maven: org.reflections:reflections:0.9.8  Confidence:High

servlet-api-2.5-20081211.jar

Description:

 Servlet Specification API

License:

http://www.apache.org/licenses/LICENSE-2.0
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/servlet-api-2.5-20081211.jar
MD5: 083898d794cc261853922ca941aee390
SHA1: 22bff70037e1e6fa7e6413149489552ee2064702
SHA256:068756096996fe00f604ac3b6672d6f663dc777ea4a83056e240d0456e77e472

Identifiers

  • cpe: cpe:/a:mortbay:jetty:2.5.200812  Confidence:Low  
  • maven: org.mortbay.jetty:servlet-api:2.5-20081211  Confidence:High
  • cpe: cpe:/a:mortbay_jetty:jetty:2.5.200812  Confidence:Low  
  • cpe: cpe:/a:jetty:jetty:2.5.200812  Confidence:Low  

CVE-2005-3747  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Unspecified vulnerability in Jetty before 5.1.6 allows remote attackers to obtain source code of JSP pages, possibly involving requests for .jsp files with URL-encoded backslash ("%5C") characters.  NOTE: this might be the same issue as CVE-2006-2758.

Vulnerable Software & Versions: (show all)

CVE-2007-5615  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-94 Improper Control of Generation of Code ('Code Injection')

CRLF injection vulnerability in Mortbay Jetty before 6.1.6rc0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Vulnerable Software & Versions:

CVE-2009-1523  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Directory traversal vulnerability in the HTTP server in Mort Bay Jetty 5.1.14, 6.x before 6.1.17, and 7.x through 7.0.0.M2 allows remote attackers to access arbitrary files via directory traversal sequences in the URI.

Vulnerable Software & Versions: (show all)

CVE-2009-1524  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting (XSS) vulnerability in Mort Bay Jetty before 6.1.17 allows remote attackers to inject arbitrary web script or HTML via a directory listing request containing a ; (semicolon) character.

Vulnerable Software & Versions: (show all)

CVE-2011-4461  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-310 Cryptographic Issues

Jetty 8.1.0.RC2 and earlier computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.

Vulnerable Software & Versions: (show all)

servlet-api-2.5.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/servlet-api-2.5.jar
MD5: 69ca51af4e9a67a1027a7f95b52c3e8f
SHA1: 5959582d97d8b61f4d154ca9e495aafd16726e34
SHA256:c658ea360a70faeeadb66fb3c90a702e4142a0ab7768f9ae9828678e0d9ad4dc

Identifiers

skb-interfaces-0.0.1.jar

Description:

 Set of interfaces used by other SKB projects.

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/skb-interfaces-0.0.1.jar
MD5: 7e9fa0690b39a5ffa26ddaeb33793609
SHA1: 78940adb54f8dbcebb9b6166ebd0ff52ca124b32
SHA256:b38707ea1b09fc1a8229b925fd171efa597741a69664de2cba9f68e44fed3667

Identifiers

  • maven: de.vandermeer:skb-interfaces:0.0.1  Confidence:High

slf4j-api-1.7.25.jar

Description:

 The slf4j API

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/slf4j-api-1.7.25.jar
MD5: caafe376afb7086dcbee79f780394ca3
SHA1: da76ca59f6a57ee3102f8f9bd9cee742973efa8a
SHA256:18c4a0095d5c1da6b817592e767bb23d29dd2f560ad74df75ff3961dbde25b79

Identifiers

  • maven: org.slf4j:slf4j-api:1.7.25  Confidence:High
  • cpe: cpe:/a:slf4j:slf4j:1.7.25  Confidence:Low  

snappy-java-1.0.4.1.jar

Description:

 snappy-java: A fast compression/decompression library

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/snappy-java-1.0.4.1.jar
MD5: 3fad0dcafbced1e3475e3ad7bdd3236b
SHA1: f88b89a5a21a466aeb0ecf0c063605bd584b4947
SHA256:52533e94f79beacb9862bac33fa2e2fc724a8cfb2a739c33ae4ea10515f2bb86

Identifiers

  • maven: org.xerial.snappy:snappy-java:1.0.4.1  Confidence:High

spring-core-4.0.9.RELEASE.jar

Description:

 Spring Core

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/spring-core-4.0.9.RELEASE.jar
MD5: 34374caaee3214e46c500e00edcd54d8
SHA1: a7aea1dd2c5cde050d2d62833ec397d899a00854
SHA256:8597062cf4ca7fe33780892c1fd7824d4d471b0403cc8a8ac90ef52eb0ee8e7e

Identifiers

CVE-2015-5211  

Severity:High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CWE: CWE-20 Improper Input Validation

Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in the response being downloaded rather than rendered and also includes some input reflected in the response.

Vulnerable Software & Versions: (show all)

CVE-2016-5007  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space trimming in path segments, can lead Spring Security to not recognize certain paths as not protected that are in fact mapped to Spring MVC controllers that should be protected. The problem is compounded by the fact that the Spring Framework provides richer features with regards to pattern matching as well as by the fact that pattern matching in each Spring Security and the Spring Framework can easily be customized creating additional differences.

Vulnerable Software & Versions: (show all)

CVE-2018-1270  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-358 Improperly Implemented Security Check for Standard

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack.

Vulnerable Software & Versions: (show all)

CVE-2018-1271  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to the classpath, or the ServletContext), a malicious user can send a request using a specially crafted URL that can lead a directory traversal attack.

Vulnerable Software & Versions: (show all)

CVE-2018-1272  

Severity:Medium
CVSS Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A) receives input from a remote client, and then uses that input to make a multipart request to another server (server B), it can be exposed to an attack, where an extra multipart is inserted in the content of the request from server A, causing server B to use the wrong value for a part it expects. This could to lead privilege escalation, for example, if the part content represents a username or user roles.

Vulnerable Software & Versions: (show all)

stax2-api-3.1.4.jar

Description:

 tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.
  

License:

The BSD License: http://www.opensource.org/licenses/bsd-license.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/stax2-api-3.1.4.jar
MD5: c08e89de601b0a78f941b2c29db565c3
SHA1: ac19014b1e6a7c08aad07fe114af792676b685b7
SHA256:86d7c0b775a7c9b454cc6ba61d40a8eb3b99cc129f832eb9b977a3755b4b338e

Identifiers

  • maven: org.codehaus.woodstox:stax2-api:3.1.4  Confidence:High

t-digest-3.2.jar

Description:

 Data structure which allows accurate estimation of quantiles and related rank statistics

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/t-digest-3.2.jar
MD5: 4b8777b2b4e278aace50b2c068ce7c63
SHA1: 2ab94758b0276a8a26102adf8d528cf6d0567b9a
SHA256:03db291a8887b474f90db67bfb1f92d084e990150037e231babbb374ee11d7c3

Identifiers

  • maven: com.tdunning:t-digest:3.2  Confidence:High

tika-core-1.19.1.jar

Description:

 This is the core Apache Tika™ toolkit library from which all other modules inherit functionality. It also
    includes the core facades for the Tika API.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/tika-core-1.19.1.jar
MD5: c69747bc68274128fb7b8db0a6e3795a
SHA1: c1f075aa01586c2c28a249ad60bcfb733b69b866
SHA256:2015261cecdbcb2a9596e418ed2e6d4bb98fb2bd690b360840677c38b5198e25

Identifiers

  • cpe: cpe:/a:apache:tika:1.19.1  Confidence:Low  
  • maven: org.apache.tika:tika-core:1.19.1  Confidence:High

typeaheadjs-0.9.3.jar

Description:

 WebJar for typeahead.js

License:

MIT: https://github.com/twitter/typeahead.js/blob/master/LICENSE
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/typeaheadjs-0.9.3.jar
MD5: ed3081f15195e21c9b0a76f9bef9e405
SHA1: f7c38c931dcdb7bff0e309f9dcdd6f4281200440
SHA256:36f4ee8f639bf7ed8f155d4c24a1d5d10c9f13104909be7486825c7555ba6974

Identifiers

  • maven: org.webjars:typeaheadjs:0.9.3  Confidence:High

warc-hadoop-0.1.0.jar

Description:

 Java library for working with WARC (Web Archive) files in Hadoop MapReduce

License:

The MIT License: http://opensource.org/licenses/MIT
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/warc-hadoop-0.1.0.jar
MD5: 9955c8f618c29f2013d23e3f81030132
SHA1: 5a2417e9519c52c872cbd51189664fff1d874f52
SHA256:7c4b4a02e74a00b35086772898654349e6bce0e00d0388e335143dac933cb055

Identifiers

webarchive-commons-1.1.5.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/webarchive-commons-1.1.5.jar
MD5: d0fe6b35ec17fd60ed6bbc455d48ac6c
SHA1: fdb1064a537e598cab385f3eaf8e54c89a49fa35
SHA256:537db6f6450df5ef2d94bc0a11fb158bb75c0c2fb9855e62045fc6eab4ddf0ea

Identifiers

  • maven: org.netpreserve.commons:webarchive-commons:1.1.5  Confidence:High

wicket-bootstrap-core-0.9.2.jar

Description:

 wicket with twitter bootstrap integration

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/wicket-bootstrap-core-0.9.2.jar
MD5: 526b085ebd563375c9b920f80734f149
SHA1: 9860c6da4ee063cf64b83d9678bfe17bae7a4d5c
SHA256:2591413c23e927bd17f87892d44de6d8341c9d02791087866ea002ac698b2e00

Identifiers

  • maven: de.agilecoders.wicket:wicket-bootstrap-core:0.9.2  Confidence:High

wicket-bootstrap-extensions-0.9.2.jar

Description:

 wicket with twitter bootstrap integration

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/wicket-bootstrap-extensions-0.9.2.jar
MD5: 848c862ad76f24f425718a999ae7ff2f
SHA1: 7dadadc64d2f8db8b4dd4fc2df910f693cfb9006
SHA256:04d308a2694ab8bfe1915e3a8855e05de0240c88f8ae1e41c3395a071774574d

Identifiers

  • maven: de.agilecoders.wicket:wicket-bootstrap-extensions:0.9.2  Confidence:High

wicket-core-6.17.0.jar

Description:

 
		Wicket is a Java web application framework that takes simplicity, 
		separation of concerns and ease of development to a whole new level. 
		Wicket pages can be mocked up, previewed and later revised using 
		standard WYSIWYG HTML design tools. Dynamic content processing and 
		form handling is all handled in Java code using a first-class 
		component model backed by POJO data beans that can easily be 
		persisted using your favorite technology. 
	

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/wicket-core-6.17.0.jar
MD5: 71af9221838bf894131ed1ea48e48f4b
SHA1: 0140e866539373b1cf774b65b215cfb276431a31
SHA256:007fd8d58f81f5e689a5684f1778c62344b57f9c66d9d85dab8f2ba0acc5017d

Identifiers

CVE-2014-7808  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-310 Cryptographic Issues

Apache Wicket before 1.5.13, 6.x before 6.19.0, and 7.x before 7.0.0-M5 make it easier for attackers to defeat a cryptographic protection mechanism and predict encrypted URLs by leveraging use of CryptoMapper as the default encryption provider.

Vulnerable Software & Versions: (show all)

CVE-2015-5347  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting (XSS) vulnerability in the getWindowOpenJavaScript function in org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 might allow remote attackers to inject arbitrary web script or HTML via a ModalWindow title.

Vulnerable Software & Versions: (show all)

CVE-2015-7520  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGroup and (2) CheckBoxMultipleChoice classes in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 allow remote attackers to inject arbitrary web script or HTML via a crafted "value" attribute in a <input> element.

Vulnerable Software & Versions: (show all)

CVE-2016-6793  

Severity:Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)
CWE: CWE-502 Deserialization of Untrusted Data

The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.7 allows remote attackers to cause a denial of service (infinite loop) and write to, move, and delete files with the permissions of DiskFileItem, and if running on a Java VM before 1.3.1, execute arbitrary code via a crafted serialized Java object.

Vulnerable Software & Versions: (show all)

wicket-extensions-6.13.0.jar

Description:

 Wicket Extensions is a rich component library for the Wicket framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/wicket-extensions-6.13.0.jar
MD5: bb473c8a26b60b9229b55b7bb8f2af81
SHA1: 6541b82ae1ef81cbe78bbd16de0bf94d65eeb79e
SHA256:31b3a630c20fe4b115aafc294c3f705319f54ba52b3f0470cb37188852459062

Identifiers

  • cpe: cpe:/a:apache:wicket:6.13.0  Confidence:Highest  
  • maven: org.apache.wicket:wicket-extensions:6.13.0  Confidence:High

CVE-2014-0043  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

In Apache Wicket 1.5.10 or 6.13.0, by issuing requests to special urls handled by Wicket, it is possible to check for the existence of particular classes in the classpath and thus check whether a third party library with a known security vulnerability is in use.

Vulnerable Software & Versions: (show all)

CVE-2014-3526  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Apache Wicket before 1.5.12, 6.x before 6.17.0, and 7.x before 7.0.0-M3 might allow remote attackers to obtain sensitive information via vectors involving identifiers for storing page markup for temporary user sessions.

Vulnerable Software & Versions: (show all)

CVE-2014-7808  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-310 Cryptographic Issues

Apache Wicket before 1.5.13, 6.x before 6.19.0, and 7.x before 7.0.0-M5 make it easier for attackers to defeat a cryptographic protection mechanism and predict encrypted URLs by leveraging use of CryptoMapper as the default encryption provider.

Vulnerable Software & Versions: (show all)

CVE-2015-5347  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting (XSS) vulnerability in the getWindowOpenJavaScript function in org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 might allow remote attackers to inject arbitrary web script or HTML via a ModalWindow title.

Vulnerable Software & Versions: (show all)

CVE-2015-7520  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGroup and (2) CheckBoxMultipleChoice classes in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 allow remote attackers to inject arbitrary web script or HTML via a crafted "value" attribute in a <input> element.

Vulnerable Software & Versions: (show all)

CVE-2016-6793  

Severity:Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:N/I:P/A:P)
CWE: CWE-502 Deserialization of Untrusted Data

The DiskFileItem class in Apache Wicket 6.x before 6.25.0 and 1.5.x before 1.5.7 allows remote attackers to cause a denial of service (infinite loop) and write to, move, and delete files with the permissions of DiskFileItem, and if running on a Java VM before 1.3.1, execute arbitrary code via a crafted serialized Java object.

Vulnerable Software & Versions: (show all)

wicket-webjars-0.4.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/wicket-webjars-0.4.0.jar
MD5: f06ad74c487b7743bee5e447d30ed85f
SHA1: 962c559b498fbc7617ba40658a60d156473db146
SHA256:5e695e6d8ac8eb75512da86146dbd0145e8525ddaa7334c97043d98ff91bf0c5

Identifiers

  • maven: de.agilecoders.wicket.webjars:wicket-webjars:0.4.0  Confidence:High

woodstox-core-asl-4.4.1.jar

Description:

 Woodstox is a high-performance XML processor that
implements Stax (JSR-173) and SAX2 APIs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/woodstox-core-asl-4.4.1.jar
MD5: 1f53f91f117288fb2ef2e120f27e5498
SHA1: 84fee5eb1a4a1cefe65b6883c73b3fa83be3c1a1
SHA256:274fa403ed08c0d6f2f574dc1916adaaaec9a493e56d6442f8797ede620bca65

Identifiers

wsdl4j-1.6.3.jar

Description:

 Java stub generator for WSDL

License:

CPL: http://www.opensource.org/licenses/cpl1.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/wsdl4j-1.6.3.jar
MD5: cfc28d89625c5e88589aec7a9aee0208
SHA1: 6d106a6845a3d3477a1560008479312888e94f2f
SHA256:740f448e6b3bc110e02f4a1e56fb57672e732d2ecaf29ae15835051ae8af4725

Identifiers

xercesImpl-2.11.0.jar

Description:

 
      Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program.

    The Apache Xerces2 parser is the reference implementation of XNI but other parser components, configurations, and parsers can be written using the Xerces Native Interface. For complete design and implementation documents, refer to the XNI Manual.

    Xerces2 is a fully conforming XML Schema 1.0 processor. A partial experimental implementation of the XML Schema 1.1 Structures and Datatypes Working Drafts (December 2009) and an experimental implementation of the XML Schema Definition Language (XSD): Component Designators (SCD) Candidate Recommendation (January 2010) are provided for evaluation. For more information, refer to the XML Schema page.

    Xerces2 also provides a complete implementation of the Document Object Model Level 3 Core and Load/Save W3C Recommendations and provides a complete implementation of the XML Inclusions (XInclude) W3C Recommendation. It also provides support for OASIS XML Catalogs v1.1.

    Xerces2 is able to parse documents written according to the XML 1.1 Recommendation, except that it does not yet provide an option to enable normalization checking as described in section 2.13 of this specification. It also handles namespaces according to the XML Namespaces 1.1 Recommendation, and will correctly serialize XML 1.1 documents if the DOM level 3 load/save APIs are in use.  
	

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/xercesImpl-2.11.0.jar
MD5: 43584adc1f895628055bad0aa98a1007
SHA1: 9bb329db1cfc4e22462c9d6b43a8432f5850e92c
SHA256:175bbbd9def7a22a30e05f9c8db629c88fa5bdfc57d5658791901b54222abe1c

Identifiers

CVE-2012-0881  

Severity:High
CVSS Score: 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
CWE: CWE-399 Resource Management Errors

Apache Xerces2 Java allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions.

Vulnerable Software & Versions:

xml-apis-1.4.01.jar

Description:

 xml-commons provides an Apache-hosted set of DOM, SAX, and 
    JAXP interfaces for use in other xml-based projects. Our hope is that we 
    can standardize on both a common version and packaging scheme for these 
    critical XML standards interfaces to make the lives of both our developers 
    and users easier. The External Components portion of xml-commons contains 
    interfaces that are defined by external standards organizations. For DOM, 
    that's the W3C; for SAX it's David Megginson and sax.sourceforge.net; for 
    JAXP it's Sun.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
The SAX License: http://www.saxproject.org/copying.html
The W3C License: http://www.w3.org/TR/2004/REC-DOM-Level-3-Core-20040407/java-binding.zip
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/xml-apis-1.4.01.jar
MD5: 7eaad6fea5925cca6c36ee8b3e02ac9d
SHA1: 3789d9fada2d3d458c4ba2de349d48780f381ee3
SHA256:a840968176645684bb01aed376e067ab39614885f9eee44abe35a5f20ebe7fad

Identifiers

xml-resolver-1.2.jar

Description:

 xml-commons provides an Apache-hosted set of DOM, SAX, and 
    JAXP interfaces for use in other xml-based projects. Our hope is that we 
    can standardize on both a common version and packaging scheme for these 
    critical XML standards interfaces to make the lives of both our developers 
    and users easier.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/xml-resolver-1.2.jar
MD5: 706c533146c1f4ee46b66659ea14583a
SHA1: 3d0f97750b3a03e0971831566067754ba4bfd68c
SHA256:47dcde8986019314ef78ae7280a94973a21d2ed95075a40a000b42da956429e1

Identifiers

xmlParserAPIs-2.6.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/xmlParserAPIs-2.6.2.jar
MD5: 2651f9f7c39e3524f3e2c394625ac63a
SHA1: 065acede1e5305bd2b92213d7b5761328c6f4fd9
SHA256:1c2867be1faa73c67e9232631241eb1df4cd0763048646e7bb575a9980e9d7e5

Identifiers

xmlenc-0.52.jar

Description:

 xmlenc Library

License:

The BSD License: http://www.opensource.org/licenses/bsd-license.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/xmlenc-0.52.jar
MD5: c962b6bc3c8de46795b0ed94851fa9c7
SHA1: d82554efbe65906d83b3d97bd7509289e9db561a
SHA256:282ae185fc2ff27da7714af9962897c09cfefafb88072219c4a2f9c73616c026

Identifiers

xmlschema-core-2.2.3.jar

Description:

 Commons XMLSchema is a light weight schema object model that can be used to manipulate or
        generate XML schema.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/xmlschema-core-2.2.3.jar
MD5: b4ccd232560c81023bfa2f17f7cd40ce
SHA1: 920a9a3132f925554ae8432d9473c8806734a8ec
SHA256:ffa13d70e827653d93dff3c76598a0821b29c7450538e139989f79fb2c5b4e65

Identifiers

  • cpe: cpe:/a:ws_project:ws:2.2.3  Confidence:Low  
  • maven: org.apache.ws.xmlschema:xmlschema-core:2.2.3  Confidence:High

zookeeper-3.4.6.jar

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/zookeeper-3.4.6.jar
MD5: 7d01d317c717268725896cfb81b18152
SHA1: 01b2502e29da1ebaade2357cd1de35a855fa3755
SHA256:8a375a1ef98cbc0e1f6e9dfd0d96d914b74d37ad00b4bf81beb77fa8f34d33ae

Identifiers

CVE-2014-0085  

Severity:Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-255 Credentials Management

JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local users. Note: this description has been updated; previous text mistakenly identified the source of the flaw as Zookeeper. Previous text: Apache Zookeeper logs cleartext admin passwords, which allows local users to obtain sensitive information by reading the log.

Vulnerable Software & Versions: (show all)

CVE-2016-5017  

Severity:Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Buffer overflow in the C cli shell in Apache Zookeeper before 3.4.9 and 3.5.x before 3.5.3, when using the "cmd:" batch mode syntax, allows attackers to have unspecified impact via a long command string.

Vulnerable Software & Versions: (show all)

CVE-2017-5637  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

Two four letter word commands "wchp/wchc" are CPU intensive and could cause spike of CPU utilization on Apache ZooKeeper server if abused, which leads to the server unable to serve legitimate client requests. Apache ZooKeeper thru version 3.4.9 and 3.5.2 suffer from this issue, fixed in 3.4.10, 3.5.3, and later.

Vulnerable Software & Versions: (show all)

CVE-2018-8012  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-285 Improper Authorization

No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader.

Vulnerable Software & Versions: (show all)

any23.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/any23.jar
MD5: d0565d83a41dbbd8cfa8ec0cf72dfbf0
SHA1: ce793f08fc58daacf0a3acfa279207dd2c3eea4b
SHA256:8eaf4df3bcfa939c8a0307ad4eb0005679d5377682996775c037f607c9cb702e

Identifiers

  • None

apache-any23-api-2.2.jar

Description:

 Any23 library external API.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/apache-any23-api-2.2.jar
MD5: 90ba23b78126cb3263bc74773df7c359
SHA1: 49181cc6d0969371d08318ba9ce3edc200b7a38b
SHA256:ec918fdfd65e80a90d3b168e86357277fc662e373fb6bd2ec4249017d7861759

Identifiers

  • maven: org.apache.any23:apache-any23-api:2.2  Confidence:High

apache-any23-core-2.2.jar

Description:

 Core Any23 library implementation.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/apache-any23-core-2.2.jar
MD5: e57b38b419372d42d6a246483bdc51d9
SHA1: f640086767f2c74fd94c388fb3c38d46c8b24a80
SHA256:140ae326b82b37f9f0960d9b1bf85cef1e1bdec75c1f91ff18004ba8bc0caa78

Identifiers

  • maven: org.apache.any23:apache-any23-core:2.2  Confidence:High

apache-any23-csvutils-2.2.jar

Description:

 CSV specific library.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/apache-any23-csvutils-2.2.jar
MD5: d2f0af449b34e13035d315aacff682a7
SHA1: cc04ab184213062a5fa994ca0aa3b2565744bf42
SHA256:a3f90692d1f0164d23828bcd50a71736919139b94a2a816e9720f6d17b78e920

Identifiers

  • maven: org.apache.any23:apache-any23-csvutils:2.2  Confidence:High

apache-any23-encoding-2.2.jar

Description:

 Encoding detection library.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/apache-any23-encoding-2.2.jar
MD5: e3f2070e030d1c2bad238c7fb03fcfd3
SHA1: 38bd1a66c2db2115d2710af94fc8e6a8ce8cf877
SHA256:8fed4fc7e49316f5663d9dc22d3f3dd76d6060613f3299f088849427653570ad

Identifiers

  • maven: org.apache.any23:apache-any23-encoding:2.2  Confidence:High

apache-any23-mime-2.2.jar

Description:

 MIME Type detection library.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/apache-any23-mime-2.2.jar
MD5: 30e7f07065d6dd6a89a8dfc132ae66d5
SHA1: c0b164b8384bea8bd3f5e386d89108c6f6c92e02
SHA256:fb9416aae75e5d5aae416cd55ed14fd7b85963be34425427786564c7737fb011

Identifiers

  • maven: org.apache.any23:apache-any23-mime:2.2  Confidence:High

apache-mime4j-core-0.8.1.jar

Description:

 Java stream based MIME message parser

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/apache-mime4j-core-0.8.1.jar
MD5: d675e31f6dbfb2b4d3c0df666b594cec
SHA1: c62dfe18a3b827a2c626ade0ffba44562ddf3f61
SHA256:aeb313efda27ae902964a3fcdbd235f91ea13c7a5b193dd752f626b073da230f

Identifiers

  • maven: org.apache.james:apache-mime4j-core:0.8.1  Confidence:High
  • cpe: cpe:/a:apache:james:0.8.1  Confidence:Low  

bcmail-jdk15on-1.54.jar

Description:

 The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.5 to JDK 1.8. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.

License:

Bouncy Castle Licence: http://www.bouncycastle.org/licence.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/bcmail-jdk15on-1.54.jar
MD5: 6ae65fb53cf2112141aa050b465d4b92
SHA1: 9d9b5432b4b29ef4a853223bc6e19379ef116cca
SHA256:0356e102bd2831907f052b3cd0561f453f7da48c21ad651fe718e3a672c2037f

Identifiers

bcpkix-jdk15on-1.54.jar

Description:

 The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 to JDK 1.8. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.

License:

Bouncy Castle Licence: http://www.bouncycastle.org/licence.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/bcpkix-jdk15on-1.54.jar
MD5: ea8e906cfcda284d0ae934b82863862d
SHA1: b11bfee99bb11eea344de6e4a07fe89212c55c02
SHA256:d618dcfbf0337b91015b21d4b398175ae96382a82c7e1d6e8c657fcd236463c7

Identifiers

bcprov-jdk15on-1.54.jar

Description:

 The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8.

License:

Bouncy Castle Licence: http://www.bouncycastle.org/licence.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/bcprov-jdk15on-1.54.jar
MD5: 66a9905f98513cc5e53eabcc9af3c0fb
SHA1: 1acdedeb89f1d950d67b73d481eb7736df65eedb
SHA256:d0ae14598f9c528d2ab7bb8ed00e785a5440f692712cd362d69328aba25efb57

Identifiers

  • cpe: cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.54  Confidence:Low  
  • maven: org.bouncycastle:bcprov-jdk15on:1.54   Confidence:Highest
  • cpe: cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.54  Confidence:Low  

boilerpipe-1.1.0.jar

Description:

 The boilerpipe library provides algorithms to detect and remove the surplus "clutter" (boilerplate, templates) around the main textual content of a web page.

The library already provides specific strategies for common tasks (for example: news article extraction) and may also be easily extended for individual problem settings.

Extracting content is very fast (milliseconds), just needs the input document (no global or site-level information required) and is usually quite accurate.

Boilerpipe is a Java library written by Christian Kohlschütter. It is released under the Apache License 2.0.

The algorithms used by the library are based on (and extending) some concepts of the paper "Boilerplate Detection using Shallow Text Features" by Christian Kohlschütter et al., presented at WSDM 2010 -- The Third ACM International Conference on Web Search and Data Mining New York City, NY USA.
  

License:

Apache License 2.0
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/boilerpipe-1.1.0.jar
MD5: 0616568083786d0f49e2cb07a5d09fe4
SHA1: f62cb75ed52455a9e68d1d05b84c500673340eb2
SHA256:088203df4326c4dcc42cec1253a2b41e03dc8904984eae744543b48e2cc63846

Identifiers

bzip2-0.9.1.jar

Description:

 jbzip2 is a Java bzip2 compression/decompression library. It can be used as a replacement for the Apache CBZip2InputStream / CBZip2OutputStream classes.

License:

MIT License (MIT): http://opensource.org/licenses/mit-license.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/bzip2-0.9.1.jar
MD5: ddd5eb3a035655cbbb536e9b86907a00
SHA1: 47ca95f71e3ccae756c4a24354d48069c58f475c
SHA256:865a7a13dd33ef0388f675993adaf4c6f95632ba80d609d42e9d42e6343aae77

Identifiers

CVE-2005-1260  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").

Vulnerable Software & Versions:

CVE-2010-0405  

Severity:Medium
CVSS Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
CWE: CWE-189 Numeric Errors

Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file.

Vulnerable Software & Versions: (show all)

CVE-2011-4089  

Severity:Medium
CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls

The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory.

Vulnerable Software & Versions: (show all)

c3p0-0.9.1.1.jar

Description:

 
    c3p0 is an easy-to-use library for augmenting traditional (DriverManager-based) JDBC drivers with JNDI-bindable DataSources,
    including DataSources that implement Connection and Statement Pooling, as described by the jdbc3 spec and jdbc2 std extension.
  

License:

GNU LESSER GENERAL PUBLIC LICENSE: http://www.gnu.org/licenses/lgpl.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/c3p0-0.9.1.1.jar
MD5: 640c58226e7bb6beacc8ac3f6bb533d1
SHA1: 302704f30c6e7abb7a0457f7771739e03c973e80
SHA256:a3c772033d43c85f2635596e2421496d55840abbde64ad64b8d0298cacbba466

Identifiers

caffeine-2.5.6.jar

Description:

 A high performance caching library for Java 8+

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/caffeine-2.5.6.jar
MD5: be2dd14b92e95b005b45749fed0944f8
SHA1: 91f8c131fcdb8cc195ea0913b3d672f7bb96f5c7
SHA256:7feb3a77b5eaf0cacca642b94480abe72ad529159f6ca234131f8ba0141a13a4

Identifiers

cdm-4.5.5.jar

Description:

 
    The NetCDF-Java Library is a Java interface to NetCDF files,
    as well as to many other types of scientific data formats.
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/cdm-4.5.5.jar
MD5: 7770c86aabbd0ec5e12ed1f0600d5492
SHA1: af1748a3d024069cb7fd3fc2591efe806c914589
SHA256:74ea183cda0f7aa06fae2f3cfa8c3c6c64d013ce8cb87bde4a06de6676eacfdb

Identifiers

  • maven: edu.ucar:cdm:4.5.5  Confidence:High

commons-codec-1.10.jar

Description:

 
     The Apache Commons Codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/commons-codec-1.10.jar
MD5: 353cf6a2bdba09595ccfa073b78c7fcb
SHA1: 4b95f4897fa13f2cd904aee711aeafc0c5295cd8
SHA256:4241dfa94e711d435f29a4604a3e2de5c4aa3c165e23bd066be6fc1fc4309569

Identifiers

  • maven: commons-codec:commons-codec:1.10  Confidence:High

commons-csv-1.5.jar

Description:

 
The Apache Commons CSV library provides a simple interface for reading and writing
CSV files of various types.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/commons-csv-1.5.jar
MD5: 8e11b04e6025a0598e96f3e45957596d
SHA1: e10f140af5b82167640f254fa9d88e35ad74329c
SHA256:f0acb4058efe4616ea631b5119f59ef21fe43843f4e399455521e984e8df99e5

Identifiers

  • maven: org.apache.commons:commons-csv:1.5  Confidence:High

commons-exec-1.3.jar

Description:

 Apache Commons Exec is a library to reliably execute external processes from within the JVM.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/commons-exec-1.3.jar
MD5: 8bb8fa2edfd60d5c7ed6bf9923d14aa8
SHA1: 8dfb9facd0830a27b1b5f29f84593f0aeee7773b
SHA256:cb49812dc1bfb0ea4f20f398bcae1a88c6406e213e67f7524fb10d4f8ad9347b

Identifiers

  • maven: org.apache.commons:commons-exec:1.3  Confidence:High

commons-rdf-api-0.5.0.jar

Description:

 Commons Java API for RDF 1.1

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/commons-rdf-api-0.5.0.jar
MD5: 83a3b5cac9583e027f9330bad716f872
SHA1: df2d4451dee5b311cb4f51ced214dfaab5838291
SHA256:360fd9197008502cbc3fd09afe2ad45d8c8c905e21f42e7cd5b2aa1c39742b5e

Identifiers

curvesapi-1.04.jar

Description:

 Implementation of various mathematical curves that define themselves over a set of control points. The API is written in Java. The curves supported are: Bezier, B-Spline, Cardinal Spline, Catmull-Rom Spline, Lagrange, Natural Cubic Spline, and NURBS.

License:

BSD License: http://opensource.org/licenses/BSD-3-Clause
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/curvesapi-1.04.jar
MD5: 0dcbd9b7e498d1118c920d1d55046743
SHA1: 3386abf821719bc89c7685f9eaafaf4a842f0199
SHA256:ff71bd27b36816889324de58ecf642532e5c9934c1dca2cfea0cbb2f393ec2cb

Identifiers

  • maven: com.github.virtuald:curvesapi:1.04  Confidence:High

cxf-core-3.0.16.jar

Description:

 Apache CXF Core

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/cxf-core-3.0.16.jar
MD5: a9efb1d5cbd59c4d75259645dc5e6eef
SHA1: b6df2be09a3b9d8b30484e684bb6525b03fff2b2
SHA256:73eb120df74dc83b11b4f5c548463dfdc885a5a36e0342458ba638c1461337af

Identifiers

  • maven: org.apache.cxf:cxf-core:3.0.16  Confidence:High
  • cpe: cpe:/a:apache:cxf:3.0.16  Confidence:Highest  

CVE-2015-5253  

Severity:Medium
CVSS Score: 4.0 (AV:N/AC:L/Au:S/C:N/I:P/A:N)
CWE: CWE-264 Permissions, Privileges, and Access Controls

The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allows remote authenticated users to bypass authentication via a crafted SAML response with a valid signed assertion, related to a "wrapping attack."

Vulnerable Software & Versions: (show all)

CVE-2017-5656  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-384 Session Fixation

Apache CXF's STSClient before 3.1.11 and 3.0.13 uses a flawed way of caching tokens that are associated with delegation tokens, which means that an attacker could craft a token which would return an identifer corresponding to a cached token for another user.

Vulnerable Software & Versions: (show all)

CVE-2018-8039  

Severity:Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-254 7PK - Security Features

It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5 and 3.1.16 the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks.

Vulnerable Software & Versions: (show all)

ehcache-core-2.6.2.jar

Description:

 This is the ehcache core module. Pair it with other modules for added functionality.

License:

The Apache Software License, Version 2.0: src/assemble/EHCACHE-CORE-LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/ehcache-core-2.6.2.jar
MD5: b6abecd2c01070700a9001b33b94b3f4
SHA1: 3baecd92015a9f8fe4cf51c8b5d3a5bddcdd3e86
SHA256:df61f1a1724aa674d922dce21965b907df8f77e730679ae1abe92679390a2fd6

Identifiers

  • maven: net.sf.ehcache:ehcache-core:2.6.2  Confidence:High

fluent-hc-4.5.3.jar

Description:

 
   Apache HttpComponents Client fluent API
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/fluent-hc-4.5.3.jar
MD5: 902baa6df5f6d20f96d03a7b3453d1ad
SHA1: 76487e3a4fa77b2dd6cb1927ea423e220d7efbab
SHA256:7047412674c28bac2fac86548f94eec19ecc84ac54e055b756f78839fcaff1e4

Identifiers

  • cpe: cpe:/a:apache:httpclient:4.5.3  Confidence:Low  
  • maven: org.apache.httpcomponents:fluent-hc:4.5.3  Confidence:High

fontbox-2.0.8.jar

Description:

 
    The Apache FontBox library is an open source Java tool to obtain low level information
    from font files. FontBox is a subproject of Apache PDFBox.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/fontbox-2.0.8.jar
MD5: 071c8cc0948762fd89af8ebe6dd50ca2
SHA1: 52f852fcfc7481d45efdffd224eb78b85981b17b
SHA256:a6fab3b2ad256564e10224d7c2c0d4977fcfd5cd566a659f429e9c3793720e12

Identifiers

  • cpe: cpe:/a:apache:pdfbox:2.0.8  Confidence:Low  
  • maven: org.apache.pdfbox:fontbox:2.0.8  Confidence:High

geoapi-3.0.0.jar

Description:

 

The development community in building GIS solutions is sustaining an enormous level
 of effort. The GeoAPI project aims to reduce duplication and increase interoperability
 by providing neutral, interface-only APIs derived from OGC/ISO Standards.
  

License:

https://geoapi.svn.sourceforge.net/svnroot/geoapi/branches/3.0.x/LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/geoapi-3.0.0.jar
MD5: 97b6baee0cf3402e8360203bf6c23b3f
SHA1: 0a04e0f361627fb33a140b5aa4c019741f905577
SHA256:95e171231c72d16ee60ca309456a72a5c774a657c5700f6fc6f50a7babf4731a

Identifiers

  • maven: org.opengis:geoapi:3.0.0  Confidence:High

grib-4.5.5.jar

Description:

 
    Decoder for the GRIB format.
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/grib-4.5.5.jar
MD5: 0cb80276d8ea89cacc1d5632dbf39fe9
SHA1: cfe552910e9a8d57ce71134796abb281a74ead16
SHA256:1e0492135f421f554c4651a95225f27f2a3230e993329f69348110f8521c32d9

Identifiers

  • maven: edu.ucar:grib:4.5.5  Confidence:High

gson-2.8.1.jar

Description:

 Gson JSON library

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/gson-2.8.1.jar
MD5: 2c334d82c64b56ae59ea1bdcbb674303
SHA1: 02a8e0aa38a2e21cb39e2f5a7d6704cbdc941da0
SHA256:4f65e7dca6528d644031c43d159f1614f2ed58db7daf75f1e91a9fc1b57818d4

Identifiers

  • maven: com.google.code.gson:gson:2.8.1  Confidence:High

guava-20.0.jar

Description:

 
    Guava is a suite of core and expanded libraries that include
    utility classes, google's collections, io classes, and much
    much more.

    Guava has only one code dependency - javax.annotation,
    per the JSR-305 spec.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/guava-20.0.jar
MD5: f32a8a2524620dbecc9f6bf6a20c293f
SHA1: 89507701249388e1ed5ddcf8c41f4ce1be7831ef
SHA256:36a666e3b71ae7f0f0dca23654b67e086e6c93d192f60ba5dfd5519db6c288c8

Identifiers

  • maven: com.google.guava:guava:20.0  Confidence:High

guice-4.1.0.jar

Description:

 Guice is a lightweight dependency injection framework for Java 6 and above

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/guice-4.1.0.jar
MD5: 41f66d1d4d250efebde3bbf8b2d55dfa
SHA1: eeb69005da379a10071aa4948c48d89250febb07
SHA256:9b9df27a5b8c7864112b4137fd92b36c3f1395bfe57be42fedf2f520ead1a93e

Identifiers

  • maven: cglib:cglib:3.2.0  Confidence:High

guice-assistedinject-4.1.0.jar

Description:

 Guice is a lightweight dependency injection framework for Java 6 and above

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/guice-assistedinject-4.1.0.jar
MD5: 65912196b6e91f2ceb933001c1fb5c94
SHA1: af799dd7e23e6fe8c988da12314582072b07edcb
SHA256:663728123fb9a6b79ea39ae289e5d56b4113e1b8e9413eb792f91e53a6dd5868

Identifiers

guice-multibindings-4.1.0.jar

Description:

 Guice is a lightweight dependency injection framework for Java 6 and above

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/guice-multibindings-4.1.0.jar
MD5: f50c4b54df401bd39dcc8d9679e54a8c
SHA1: 3b27257997ac51b0f8d19676f1ea170427e86d51
SHA256:592773a4c745cc87ba37fa0647fed8126c7e474349c603c9f229aa25d3ef5448

Identifiers

httpclient-4.5.3.jar

Description:

 
   Apache HttpComponents Client
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/httpclient-4.5.3.jar
MD5: 1965ebb7aca0f9f8faaed3870d8cf689
SHA1: d1577ae15f01ef5438c5afc62162457c00a34713
SHA256:db3d1b6c2d6a5e5ad47577ad61854e2f0e0936199b8e05eb541ed52349263135

Identifiers

  • cpe: cpe:/a:apache:httpclient:4.5.3  Confidence:Low  
  • maven: org.apache.httpcomponents:httpclient:4.5.3  Confidence:High

httpcore-4.4.6.jar

Description:

 
   Apache HttpComponents Core (blocking I/O)
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/httpcore-4.4.6.jar
MD5: a9fbd503e0802507efeeaffb56bbdf52
SHA1: e3fd8ced1f52c7574af952e2e6da0df8df08eb82
SHA256:d7f853dee87680b07293d30855b39b9eb56c1297bd16ff1cd6f19ddb8fa745fb

Identifiers

  • maven: org.apache.httpcomponents:httpcore:4.4.6  Confidence:High

httpcore-nio-4.4.6.jar

Description:

 
   Apache HttpComponents Core (non-blocking I/O)
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/httpcore-nio-4.4.6.jar
MD5: c65be15da5261ff6c18b4160b8256963
SHA1: 4bafcb5aacb1abc193698a13ae99394e09a25101
SHA256:c17dc0490daa262f5b42e38f94938de3f6807ebc1e78718e9298066e29e101ea

Identifiers

  • maven: org.apache.httpcomponents:httpcore-nio:4.4.6  Confidence:High

httpcore-osgi-4.4.6.jar

Description:

 
   Apache HttpComponents Core (OSGi bundle)
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/httpcore-osgi-4.4.6.jar
MD5: 132e2f4562bf21cc4e0bc5e288ae0ed5
SHA1: c9f4dd0063ace366cb0aa041f60a90c96b95f8cf
SHA256:54d3de6cdaf4c4f8487d8b80eaebe60c025ff1090430437360747a8415f37ad1

Identifiers

httpmime-4.5.3.jar

Description:

 
   Apache HttpComponents HttpClient - MIME coded entities
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/httpmime-4.5.3.jar
MD5: a00b6287cab2ad554ae3cbdbe983dc88
SHA1: 889fd6d061bb63b99dd5c6aba35a555ae863de52
SHA256:b4865b79a3aaeef794220b532bc7b07f793fa4aad90c29e83cab2b835cd8ee06

Identifiers

  • maven: org.apache.httpcomponents:httpmime:4.5.3  Confidence:High

httpservices-4.5.5.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/httpservices-4.5.5.jar
MD5: c5207827b8b7e6045b2af7e1e8c5b1d4
SHA1: ee5f217be599e5e03f7f0e55e03f9e721a154f62
SHA256:8334da7adc9ed7a7b941a780f4d22054f8a11d03973be83ae8399400d55300e4

Identifiers

  • maven: edu.ucar:httpservices:4.5.5  Confidence:High

isoparser-1.1.18.jar

Description:

 A generic parser and writer for all ISO 14496 based files (MP4, Quicktime, DCF, PDCF, ...)
    

License:

Apache Software License - Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/isoparser-1.1.18.jar
MD5: e2902a2f427f2d6bf6b245f9b100feed
SHA1: c74bdac64b22f1e245a7657149a43437aae4a9d3
SHA256:de5108096fb8754ae27a5562fea81be078e11936db6f7a62bdd748371ae3b818

Identifiers

  • maven: com.googlecode.mp4parser:isoparser:1.1.18  Confidence:High

jackcess-2.1.8.jar

Description:

 A pure Java library for reading from and writing to MS Access databases.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jackcess-2.1.8.jar
MD5: 8f85f1c9a32d43c0771e11759f0cb210
SHA1: dfc7156e11ce33bbcb7f4f6724a87b9d969f2fd6
SHA256:e4e71cf4093f2e4a71d12e74629abfb46bc18f8acf71648110e763ff9f09464e

Identifiers

  • maven: com.healthmarketscience.jackcess:jackcess:2.1.8  Confidence:High

jackcess-encrypt-2.1.2.jar

Description:

 An add-on to the Jackcess library for handling encryption in MS Access files.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jackcess-encrypt-2.1.2.jar
MD5: 6680420439292d286c51ab8b76a53be7
SHA1: c11d7a42af7070b84d832198558df52032de734c
SHA256:64dc73c729eefb3d5e2390c9170d11ef13b55dc1cad7a59acbed6ea25f9dba13

Identifiers

  • maven: com.healthmarketscience.jackcess:jackcess-encrypt:2.1.2  Confidence:High

jackson-core-2.9.2.jar

Description:

 Core Jackson processing abstractions (aka Streaming API), implementation for JSON

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jackson-core-2.9.2.jar
MD5: 456af981c1be006d6ac38df86c4339d6
SHA1: aed20e50152a2f19adc1995c8d8f307c7efa414d
SHA256:0c0d5d4bae541d2f26a19c2eb1067d9be806c449f67af047ce8963059b18d1e1

Identifiers

  • cpe: cpe:/a:fasterxml:jackson:2.9.2  Confidence:Low  
  • maven: com.fasterxml.jackson.core:jackson-core:2.9.2  Confidence:High

jackson-databind-2.9.0.jar

Description:

 General data-binding functionality for Jackson: works on core streaming API

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jackson-databind-2.9.0.jar
MD5: bc9eddd751df7dbe30d4c68a1662c3de
SHA1: 14fb5f088cc0b0dc90a73ba745bcade4961a3ee3
SHA256:02b20e2a73d5539b8c6898e1ade73623c5b555a3bcd46308410a9179c8c5d455

Identifiers

  • cpe: cpe:/a:fasterxml:jackson-databind:2.9.0  Confidence:Highest  
  • maven: com.fasterxml.jackson.core:jackson-databind:2.9.0  Confidence:High
  • cpe: cpe:/a:fasterxml:jackson:2.9.0  Confidence:Low  

CVE-2017-15095  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-502 Deserialization of Untrusted Data

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.

Vulnerable Software & Versions: (show all)

CVE-2018-5968  

Severity:Medium
CVSS Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
CWE: CWE-184 Incomplete Blacklist

FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.

Vulnerable Software & Versions: (show all)

CVE-2018-7489  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-184 Incomplete Blacklist

FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.

Vulnerable Software & Versions: (show all)

java-libpst-0.8.1.jar

Description:

 A library to read PST files with java, without need for external libraries.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/java-libpst-0.8.1.jar
MD5: 6be27662e0b06154e5f05938937d16b7
SHA1: ad31986653dac9cb5132ea5b2999c20b4b286255
SHA256:a3f7b3c934f477b0fc3c0eadebc3d24872bbebc3ac5a22ab575e5f476ea34757

Identifiers

  • maven: com.pff:java-libpst:0.8.1  Confidence:High

jcip-annotations-1.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jcip-annotations-1.0.jar
MD5: 9d5272954896c5a5d234f66b7372b17a
SHA1: afba4942caaeaf46aab0b976afd57cc7c181467e
SHA256:be5805392060c71474bf6c9a67a099471274d30b83eef84bfc4e0889a4f1dcc0

Identifiers

jcl-over-slf4j-1.7.25.jar

Description:

 JCL 1.2 implemented over SLF4J

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jcl-over-slf4j-1.7.25.jar
MD5: 56b22adc639b09b2e917f42d68b26600
SHA1: f8c32b13ff142a513eeb5b6330b1588dcb2c0461
SHA256:5e938457e79efcbfb3ab64bc29c43ec6c3b95fffcda3c155f4a86cc320c11e14

Identifiers

  • maven: org.slf4j:jcl-over-slf4j:1.7.25  Confidence:High
  • cpe: cpe:/a:slf4j:slf4j:1.7.25  Confidence:Low  

jcommander-1.30.jar

Description:

 A Java framework to parse command line options with annotations.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jcommander-1.30.jar
MD5: 191ccbfc9d40670e9103df722529ae16
SHA1: c440b30a944ba199751551aee393f8aa03b3c327
SHA256:8c65d42f55742925128d57079e7337f5c80c34e1f937191ad16daa33b59777a8

Identifiers

  • maven: com.beust:jcommander:1.30  Confidence:High

jdom2-2.0.4.jar

Description:

 
		A complete, Java-based solution for accessing, manipulating, 
		and outputting XML data
	

License:

Similar to Apache License but with the acknowledgment clause removed: https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jdom2-2.0.4.jar
MD5: e51c9485a3a38525a7df4bd25a05dec6
SHA1: 4b65e55cc61b34bc634b25f0359d1242e4c519de
SHA256:ca379b0ad57499c9d35066b7018ce868a225db9c8d2143eeb31cc8e396b2919c

Identifiers

jempbox-1.8.13.jar

Description:

 
    The Apache JempBox library is an open source Java tool that implements Adobe's XMP(TM)
    specification. JempBox is a subproject of Apache PDFBox.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jempbox-1.8.13.jar
MD5: 449968f1151d4a9ce2e8a71f8e2622cf
SHA1: a874cef0ed0e2a8c4cc5ed52c23ba3e6d78eca4e
SHA256:3327189402b31d1672c70e668612c2420199c7a63c70eff827c787bcc3e301d4

Identifiers

  • cpe: cpe:/a:apache:pdfbox:1.8.13  Confidence:Low  
  • maven: org.apache.pdfbox:jempbox:1.8.13  Confidence:High

jhighlight-1.0.2.jar

Description:

 
    JHighlight is an embeddable pure Java syntax highlighting
    library that supports Java, HTML, XHTML, XML and LZX
    languages and outputs to XHTML.
    
    It also supports RIFE templates tags and highlights them
    clearly so that you can easily identify the difference
    between your RIFE markup and the actual marked up source.
	

License:

CDDL, v1.0: http://www.opensource.org/licenses/cddl1.php
LGPL, v2.1 or later: http://www.opensource.org/licenses/lgpl-license.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jhighlight-1.0.2.jar
MD5: 867f23891848a72f1284ff3aaf18d94e
SHA1: 992a8a8add10468930efc1f110f2895f68258a1e
SHA256:db48fddb05ece10834158e62b2d272eb3fdcb8cb1dd3482f3aebf5cc7065ca1e

Identifiers

  • maven: org.codelibs:jhighlight:1.0.2  Confidence:High

jmatio-1.2.jar

Description:

 Matlab's MAT-file I/O API in JAVA. Supports Matlab 5 MAT-flie format reading and writing. Written in pure JAVA.

License:

BSD: http://www.linfo.org/bsdlicense.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jmatio-1.2.jar
MD5: 237ce61a21ae9570ee5754fb5a54c57e
SHA1: 69d8f2f49c1503f9b15b0eb50b1905a734a025e2
SHA256:5dbcc1d2cda2ef85a4e780e3a082c3bfc17e2ade2ea0e5ffd27834a9f7668fc4

Identifiers

  • maven: org.tallison:jmatio:1.2  Confidence:High

jna-4.1.0.jar

Description:

 Java Native Access

License:

LGPL, version 2.1: http://www.gnu.org/licenses/licenses.html
ASL, version 2: http://www.apache.org/licenses/
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jna-4.1.0.jar
MD5: b0e08c9936dc52aa40439c71fcad6297
SHA1: 1c12d070e602efd8021891cdd7fd18bc129372d4
SHA256:1aa37e9ea6baa0ee152d89509f758f0847eac66ec179b955cafe0919e540a92e

Identifiers

joda-time-2.2.jar

Description:

 Date and time library to replace JDK date handling

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/joda-time-2.2.jar
MD5: 226f5207543c490f10f234e82108b998
SHA1: a5f29a7acaddea3f4af307e8cf2d0cc82645fd7d
SHA256:e5183ca131f7195bde5b27e4cd18deeb6d14f8bc5c483b1431421132927240af

Identifiers

  • maven: joda-time:joda-time:2.2  Confidence:High

json-1.8.jar

Description:

 A clean-room Apache-licensed implementation of simple JSON processing

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/json-1.8.jar
MD5: a89b66cf37063d0ee4f401193eb0ca2d
SHA1: fa57d5adf557b226738cd42e6c093dd0a76c5fd4
SHA256:e0b487de3ccd3d1c288976677835e49880799c35507059039a18fa4ae1e7c59a

Identifiers

  • maven: com.tdunning:json:1.8  Confidence:High

json-simple-1.1.1.jar

Description:

 A simple Java toolkit for JSON

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/json-simple-1.1.1.jar
MD5: 5cc2c478d73e8454b4c369cee66c5bc7
SHA1: c9ad4a0850ab676c5c64461a05ca524cdfff59f1
SHA256:4e69696892b88b41c55d49ab2fdcc21eead92bf54acc588c0050596c3b75199c

Identifiers

  • maven: com.googlecode.json-simple:json-simple:1.1.1  Confidence:High

jsonld-java-0.11.1.jar

Description:

 Json-LD core implementation

License:

https://raw.github.com/jsonld-java/jsonld-java/master/LICENCE
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jsonld-java-0.11.1.jar
MD5: 4119003de4cd8df5146916bd2211dc65
SHA1: 359ef21705d0c64645ca672cf436df5fd7f5af66
SHA256:d79a4d5748afadabfd27a53244a734e3c39e91164f7741b4216b012e6673c594

Identifiers

  • maven: com.github.jsonld-java:jsonld-java:0.11.1  Confidence:High

jsoup-1.11.2.jar

Description:

 jsoup is a Java library for working with real-world HTML. It provides a very convenient API for extracting and manipulating data, using the best of DOM, CSS, and jquery-like methods. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do.

License:

The MIT License: https://jsoup.org/license
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jsoup-1.11.2.jar
MD5: 798fe34ab37709e67188cbdf6a504435
SHA1: e3eeb8a0b4ce1db246059a41e353cd7413dad226
SHA256:f4b843e5012648676117f1cadf0adbd5dff91f0cb07b888d6b4d6e7cbb9737db

Identifiers

  • maven: org.jsoup:jsoup:1.11.2  Confidence:High
  • cpe: cpe:/a:jsoup:jsoup:1.11.2  Confidence:Low  

jsr-275-0.9.3.jar

Description:

 
    JSR-275 specifies Java packages for the programmatic handling
    of physical quantities and their expression as numbers of units.
    

License:

Specification License: LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jsr-275-0.9.3.jar
MD5: e7a135baa55ec464055d75e4fd4d6b6f
SHA1: ab2fb094fc5297ae5636ef6ed0d6051d5a656588
SHA256:bab7f6456c79790362b0669aab20d511d3ad99dc22e020bafb5a708f2b18d78e

Identifiers

  • maven: javax.measure:jsr-275:0.9.3  Confidence:High

jsr305-3.0.1.jar

Description:

 JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jsr305-3.0.1.jar
MD5: c6532beb3f7cc54a8d73d25d5602b9e4
SHA1: f7be08ec23c21485b9b5a1cf1654c2ec8c58168d
SHA256:c885ce34249682bc0236b4a7d56efcc12048e6135a5baf7a9cde8ad8cda13fcd

Identifiers

  • maven: com.google.code.findbugs:jsr305:3.0.1  Confidence:High

jul-to-slf4j-1.7.24.jar

Description:

 JUL to SLF4J bridge

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jul-to-slf4j-1.7.24.jar
MD5: 8f13c04772e364c3ca0a1d9d979cc701
SHA1: 25a2be668cb2ad1d05d76c0773df73b4b53617fd
SHA256:0056006ce1d23d6ffb2a6e331ae8496de69a630b152c07c79174b467dcd75576

Identifiers

  • cpe: cpe:/a:slf4j:slf4j:1.7.24  Confidence:Low  
  • maven: org.slf4j:jul-to-slf4j:1.7.24  Confidence:High

junrar-0.7.jar

Description:

 rar decompression library in plain java

License:

UnRar License: https://raw.github.com/junrar/junrar/master/license.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/junrar-0.7.jar
MD5: 75a215b9e921044cd2c88e73f6cb9745
SHA1: 18cc717b85af0b12ba922abf415c2ff4716f8219
SHA256:7c764fa1af319b98ff452189ab31bb722ea74ed7a52b17b0c6282249c10a61fc

Identifiers

  • maven: com.github.junrar:junrar:0.7  Confidence:High

mapdb-1.0.8.jar

Description:

 MapDB provides concurrent Maps, Sets and Queues backed by disk storage or off-heap memory. It is a fast, scalable and easy to use embedded Java database.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/mapdb-1.0.8.jar
MD5: aaea7b500b214a08b2dc61d38d04024e
SHA1: 64485a221d9095fc7ab9b50cc34c6b4b58467e2e
SHA256:e757738f3a0867d7d9a1f1532bf7ca09eab02f032767eb403c991cb4e09c4fe0

Identifiers

  • maven: org.mapdb:mapdb:1.0.8  Confidence:High

metadata-extractor-2.10.1.jar

Description:

 Java library for extracting EXIF, IPTC, XMP, ICC and other metadata from image files.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/metadata-extractor-2.10.1.jar
MD5: 296a04140013cadcbdaf0e8b6c63fd3b
SHA1: e1852a8f519dbb0196fdb41bf2c584a8858189f8
SHA256:2eb9231cb8c99c7341f8f30ff96b37df4602e71b6061713b3a65f2b8ea93a95f

Identifiers

  • maven: com.drewnoakes:metadata-extractor:2.10.1  Confidence:High
  • cpe: cpe:/a:id:id-software:2.10.1  Confidence:Low  

nekohtml-1.9.20.jar

Description:

 An HTML parser and tag balancer.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/nekohtml-1.9.20.jar
MD5: 29955bb122cf6f3981e2c6d3a0aaa6f9
SHA1: f7c918a3548dd81a15aab0619809b59f9bf4e931
SHA256:e96a010ebc4c4126104be073e1189a78ff987b31ea3e2ff5b547ec44dcf64471

Identifiers

netcdf4-4.5.5.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/netcdf4-4.5.5.jar
MD5: 5f14df469295650fd65748a003c9ba56
SHA1: 0675d63ecc857c50dd50858011b670160aa30b62
SHA256:131e3983dcf001677be069a7471797a4a9ad2c9783e88db56e32506cf1039635

Identifiers

  • maven: edu.ucar:netcdf4:4.5.5  Confidence:High

opennlp-tools-1.8.3.jar

Description:

 The Apache Software Foundation provides support for the Apache community of open-source software projects.    The Apache projects are characterized by a collaborative, consensus based development process, an open and    pragmatic software license, and a desire to create high quality software that leads the way in its field.    We consider ourselves not simply a group of projects sharing a server, but rather a community of developers    and users.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/opennlp-tools-1.8.3.jar
MD5: 297f05aa3e15d5842e66de8759c49a0c
SHA1: 3ce7c9056048f55478d983248cf18c7e02b1d072
SHA256:e07c6fe83efe110063560bc70e3a9dca5a5e1c10077becc96998c488da80368c

Identifiers

  • maven: org.apache.opennlp:opennlp-tools:1.8.3  Confidence:High
  • cpe: cpe:/a:apache:opennlp:1.8.3  Confidence:Low  

owlapi-api-5.1.3.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/owlapi-api-5.1.3.jar
MD5: 5e6ce18a389343f72cda4c691c1debd2
SHA1: d7639db44ecdf3be7ffad1dab01139cd43994e4c
SHA256:329990b49b4f56a25c60db9ce07e351bb5321994a82ad61799f20be355b0c8db

Identifiers

  • maven: net.sourceforge.owlapi:owlapi-api:5.1.3  Confidence:High

owlapi-apibinding-5.1.3.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/owlapi-apibinding-5.1.3.jar
MD5: 0ec4200787206953e3091a96b5651dc7
SHA1: b4e62e224bb77c73fe8506969424aa1b9b3d49da
SHA256:c41a344d2f7b007b1bfd4c4e59c3dfb5aa45f866e0eb5dd13bf24910a1db869d

Identifiers

  • maven: net.sourceforge.owlapi:owlapi-apibinding:5.1.3  Confidence:High

owlapi-impl-5.1.3.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/owlapi-impl-5.1.3.jar
MD5: 7bb0b737cd7715344dc208cbae21e6e2
SHA1: e8b16cbe69238e67a703de35998e4668da96d993
SHA256:b5c4c98bba2d61fb7aa72b74e43b4a24edcffc109c6a51c3f455463ef174531c

Identifiers

  • maven: net.sourceforge.owlapi:owlapi-impl:5.1.3  Confidence:High

owlapi-oboformat-5.1.3.jar

Description:

 A java library for converting obo format documents to OWL, and for converting (a subset of) OWL to obo format. This version has been slightly modified to be included directly in the OWL API.
	The upstream code for this module and its authors can be found at https://code.google.com/p/oboformat/.

License:

The BSD 3-Clause License: http://opensource.org/licenses/BSD-3-Clause
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/owlapi-oboformat-5.1.3.jar
MD5: e01a0fc9bf161e49d7da74a3fdc18982
SHA1: f126b03f5264099454b903ef717efa0cbac89962
SHA256:4a2d554d7c8b3dddffd8c8b391d6fc330281914e56deb41692e4d0f943e12d7f

Identifiers

  • maven: net.sourceforge.owlapi:owlapi-oboformat:5.1.3  Confidence:High

owlapi-parsers-5.1.3.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/owlapi-parsers-5.1.3.jar
MD5: 016f0c0f70dbbf701f6e00ce05094bf9
SHA1: c24de9746f35726cf0a7fdc545e6ce7e425c277f
SHA256:906ea6b599c149bfef48855e809eeda61fcfd87ba147b0be3833f2a8e877050b

Identifiers

  • maven: net.sourceforge.owlapi:owlapi-parsers:5.1.3  Confidence:High

owlapi-rio-5.1.3.jar

Description:

 Extends OWLAPI to export ontologies to any RDF4J Rio RDFHandler, including databases and in-memory RDF statement collections.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/owlapi-rio-5.1.3.jar
MD5: 47e6841810c444a3ba06d95af94b7018
SHA1: 4224ebb4927995b05c8dab75506d0490a6127f77
SHA256:3d52557cccce9e0c2359a94e46a741eeb403f2ad7e62682ec1eec3abc6fbdaa0

Identifiers

  • maven: net.sourceforge.owlapi:owlapi-rio:5.1.3  Confidence:High

owlapi-tools-5.1.3.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/owlapi-tools-5.1.3.jar
MD5: 67cf116e35baa02c45cf5617d349da8c
SHA1: 786cb4a714c6cc4b7f10adc46c05c50300d86313
SHA256:e892f1afb37ecb9295d5319840d2bf86d45539b870207429487a2a010cbfce6d

Identifiers

  • maven: net.sourceforge.owlapi:owlapi-tools:5.1.3  Confidence:High

pdfbox-2.0.8.jar

Description:

 
        The Apache PDFBox library is an open source Java tool for working with PDF documents.
    

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/pdfbox-2.0.8.jar
MD5: b43bdfa877cd844f385138bfc5d5bedc
SHA1: 17bdf273d66f3afe41eedb9d3ab6a7b819c44a0c
SHA256:8deec6288a6d0866f2794ae2c1924459f1b70234f04ac223ff9a773e317f5816

Identifiers

  • maven: org.apache.pdfbox:pdfbox:2.0.8  Confidence:High
  • cpe: cpe:/a:apache:pdfbox:2.0.8  Confidence:Low  

poi-3.16.jar

Description:

 Apache POI - Java API To Access Microsoft Format Files

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/poi-3.16.jar
MD5: 1ef486c7a099aba3286a31501ec280e6
SHA1: ad21c123ee5d6b5b2a8f0d4ed23b3ffe6759a889
SHA256:cc5d9ab5a954661eee031b817e411831bf2d79e7444525e46e1d7f4c9426d341

Identifiers

  • cpe: cpe:/a:apache:poi:3.16  Confidence:Low  
  • maven: org.apache.poi:poi:3.16   Confidence:Highest

quartz-2.2.0.jar

Description:

 Enterprise Job Scheduler

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
Apache Software License, Version 2.0
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/quartz-2.2.0.jar
MD5: 56d748f33fa07cb50c86eb72f53141b5
SHA1: 2eb16fce055d5f3c9d65420f6fc4efd3a079a3d8
SHA256:ad9fbd38399b2c5c5931b9a9161ca07ec5ba916b22f4292bd9791259c5c1f1d6

Identifiers

  • maven: org.quartz-scheduler:quartz:2.2.0  Confidence:High

rdf4j-http-client-2.2.4.jar

Description:

 Client functionality for communicating with an RDF4J server over HTTP.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-http-client-2.2.4.jar
MD5: 3aa426db7f0d3f0ad40322ca2a1bcddc
SHA1: 3120f94524ea30cbff8c4a313c095222c97380d2
SHA256:5b039ba5072be8b01d470aa9c696c64399a6871b6ee57ce596aa145ce5baad63

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-http-client:2.2.4  Confidence:High

rdf4j-http-protocol-2.2.4.jar

Description:

 HTTP protocol (REST-style)

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-http-protocol-2.2.4.jar
MD5: 017144b38219f3c9108b36b955c02922
SHA1: 3c25cd44a1e4604f03874061cdb25407dd4eba5c
SHA256:9ba5452366372bb03984b16218e070e13dadeb2cf36da41443380db96c3f7a71

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-http-protocol:2.2.4  Confidence:High

rdf4j-model-2.2.4.jar

Description:

 RDF model interfaces and implementations.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-model-2.2.4.jar
MD5: 962b589fb65b6fe5ea7f048f16b3bc82
SHA1: 66dc906dabf6aa0c2576eb6876ffd9260a8c0fa9
SHA256:c46c669d2af96cbfe6369e6f0aa30d5cc8730dea48d1783c2ba56c7db60eef35

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-model:2.2.4  Confidence:High

rdf4j-query-2.2.4.jar

Description:

 Query interfaces and implementations

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-query-2.2.4.jar
MD5: 2108a5b5518f6d639d26c4c360275afa
SHA1: 59010009dc5d35303c266486b0e73261f31eeb0a
SHA256:6b192d673eb0b163097ce3b30a37156e9ed52427845f5cc75deee2ff367439e8

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-query:2.2.4  Confidence:High

rdf4j-queryalgebra-evaluation-2.2.4.jar

Description:

 Evaluation strategy API and implementations for the query algebra model.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-queryalgebra-evaluation-2.2.4.jar
MD5: 5f2e1c31c6836baf66c91a82703faa1c
SHA1: 174ec3999fc485068b733bc2ea9f8b2eacc4638d
SHA256:a2dbcdf906ddfe06233eddbd7090af9f41f1a73223962faa40900ac0d21debf7

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-queryalgebra-evaluation:2.2.4  Confidence:High

rdf4j-queryalgebra-model-2.2.4.jar

Description:

 A generic query algebra for RDF queries.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-queryalgebra-model-2.2.4.jar
MD5: 5ff218f22e4493749ccb4c851f1468d6
SHA1: 93bbbf3635e0c3e2e800bea457cf3af7aca7a8a1
SHA256:b13ff83f2d46036503905815d43f74335e0980e9e880175a6cfb7455ccc1a7a6

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-queryalgebra-model:2.2.4  Confidence:High

rdf4j-queryparser-api-2.2.4.jar

Description:

 Query language parsers API.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-queryparser-api-2.2.4.jar
MD5: 2fc92220ce7444ee46d1ca221cc685a9
SHA1: 52a46301c4f5ff39a8c68ab928b89bf6afb5528b
SHA256:c1c9eccd7d3badf79fdb2f9cefb7d761aaec0c7a39829becda93210ab4d272eb

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-queryparser-api:2.2.4  Confidence:High

rdf4j-queryparser-serql-2.2.4.jar

Description:

 Query language parser implementation for SeRQL.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-queryparser-serql-2.2.4.jar
MD5: ffb65a94f04806e1cdcdbda43023c39a
SHA1: 9d0d2806104ff72a15e1aed53d357458ead05fc6
SHA256:334ce14a6a89cc962b1956ae671859e626d2781b3d59b759d7b199cbffce0453

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-queryparser-serql:2.2.4  Confidence:High

rdf4j-queryparser-sparql-2.2.4.jar

Description:

 Query language parser implementation for SPARQL.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-queryparser-sparql-2.2.4.jar
MD5: 231e6dfffbf949a53d58ce56a5054d92
SHA1: 5dd0309bb630bc1878d1f17d37fff313649089d0
SHA256:a1853eb6043a56c17908292194b857da93ccc9d989c18bc1dc7604f60d08803c

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-queryparser-sparql:2.2.4  Confidence:High

rdf4j-queryresultio-api-2.2.4.jar

Description:

 Query result IO API

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-queryresultio-api-2.2.4.jar
MD5: e649b9f25d0ebda3316c2751ae8667ef
SHA1: eb5a0441ee43d4d023b316a5f795cbfb0847bc7d
SHA256:a75e19aa0ae39423a66a18fd9a812d581492a96e0f55a60851c58bf5757a52b5

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-queryresultio-api:2.2.4  Confidence:High

rdf4j-queryresultio-sparqlxml-2.2.4.jar

Description:

 Query result parser and writer implementation for the SPARQL Query Results XML Format.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-queryresultio-sparqlxml-2.2.4.jar
MD5: 04676d5fcd200fa478f80b61d041b38e
SHA1: 8ed99a2c96399f82163a64ed19e51137f8a92e6e
SHA256:b178d0d922e8e8c4c3f9e1dd964ac445f11fb7066e78e245474a37d02da26f2c

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-queryresultio-sparqlxml:2.2.4  Confidence:High

rdf4j-repository-api-2.2.4.jar

Description:

 API for interacting with repositories of RDF data.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-repository-api-2.2.4.jar
MD5: 4308eeb03afb0da6ab8c956c902bb8d9
SHA1: 706a23020cce03e119e824b241119a00ddd169b4
SHA256:a5a06cb15b6db25ce7d7536822fb506b83297be172d8b3c5d8a863f5fa513637

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-repository-api:2.2.4  Confidence:High

rdf4j-repository-sail-2.2.4.jar

Description:

 Repository that uses a Sail stack.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-repository-sail-2.2.4.jar
MD5: 309660b2f929ac26ee9ee67322c3b835
SHA1: b86215848dba4304149fa950bfc5cd2b41308877
SHA256:809464c686bc8d5a0f0b84aa0e411829971f481aa61b5fcbf47a6aa0cd7af1b4

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-repository-sail:2.2.4  Confidence:High

rdf4j-repository-sparql-2.2.4.jar

Description:

 
The SPARQL Repository provides a RDF4J Repository interface to any SPARQL end-point.

	

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-repository-sparql-2.2.4.jar
MD5: 783ae955f895f2cb8774f1625913883a
SHA1: 04b6abfb8d24d5da7edc55da814076b513166ddd
SHA256:c1d6d129b7e4de830aec2be86ded2fc6b289d72eea5230f3f9c785c7465ef477

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-repository-sparql:2.2.4  Confidence:High

rdf4j-rio-api-2.2.4.jar

Description:

 Rio API.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-api-2.2.4.jar
MD5: 6ddd29b0d0eb9b9427db49cce4b0f868
SHA1: 2afacf815d01773a1b8e40377ec797e220988427
SHA256:9a9ccaaa909633d953a3c9bebbc7970a59e32bdd69c5c18b9455c211d9b88ba8

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-api:2.2.4  Confidence:High

rdf4j-rio-binary-2.2.2.jar

Description:

 Rio parser and writer implementation for the binary RDF file format.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-binary-2.2.2.jar
MD5: 73694aaa4020482290d4299d8f897dab
SHA1: 977e4f85f35dd2e7759f0f5d755a29ee52f2cab2
SHA256:c1db48b721ca864f7189c67973c215424a9b659ddf8edbe1c05ae79aff43548f

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-binary:2.2.2  Confidence:High

rdf4j-rio-datatypes-2.2.4.jar

Description:

 Rio Datatype handler implementations.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-datatypes-2.2.4.jar
MD5: f54595a93666b23d3e526cf452831014
SHA1: cecc85aaf011dbf13626291b00fac7c9c3931149
SHA256:19433b3b59906f32c22d21f74d7785231d5fb1806964fba38c6857e2c0361339

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-datatypes:2.2.4  Confidence:High

rdf4j-rio-jsonld-2.2.4.jar

Description:

 Rio parser and writer implementation for the JSON-LD file format.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-jsonld-2.2.4.jar
MD5: 2428d802e9559c17d4d1b1bb59ca75ac
SHA1: aa0691df6f95cef4e4777923e5be43d558448e6d
SHA256:7eafa8573aace47f9e1945c9bae435ac2c5c54698aa7b32833ca82129238d74a

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-jsonld:2.2.4  Confidence:High

rdf4j-rio-languages-2.2.4.jar

Description:

 Rio Language handler implementations.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-languages-2.2.4.jar
MD5: 07950c6b5cb5489d3d9d507955433b05
SHA1: 988b0c0fc90054d8e445766600243372895bf48e
SHA256:07d0e25ab5c82936c0c548f3c5ad1c360305229a82ae69cad9d068640a2db52b

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-languages:2.2.4  Confidence:High

rdf4j-rio-n3-2.2.4.jar

Description:

 Rio writer implementation for the N3 file format.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-n3-2.2.4.jar
MD5: 7bcca53baea18c0a675725387727c956
SHA1: 6ec9bcdaf512523f3bc004b5acda47cf87c98e7e
SHA256:beb29cd8965c306db5c2583ba3ebff8b3e92cd5050c66ca4b96b7cbf5046db6a

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-n3:2.2.4  Confidence:High

rdf4j-rio-nquads-2.2.4.jar

Description:

 Rio parser and writer implementation for the N-Quads file format.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-nquads-2.2.4.jar
MD5: 121cdffa7d12c6355b4346d08237efbb
SHA1: 46b89170fce894cf4f90ebdb1aadda5f2efad595
SHA256:7d20a196e08d4700a3bc6c451309b05707fac861cd04f0d1e1acf19a92bad886

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-nquads:2.2.4  Confidence:High

rdf4j-rio-ntriples-2.2.4.jar

Description:

 Rio parser and writer implementation for the N-Triples file format.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-ntriples-2.2.4.jar
MD5: 0c0b54efda90108639ce9403c281ece9
SHA1: 774a19bc97b55975958a196d646db4789a2638ee
SHA256:7d30456301affb1671c8f6e071a8e7e0b49f61d072b7e1070577778d127679fc

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-ntriples:2.2.4  Confidence:High

rdf4j-rio-rdfjson-2.2.4.jar

Description:

 Rio parser and writer implementation for the RDF/JSON file format.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-rdfjson-2.2.4.jar
MD5: 3827bb87648cc1825b49e0b78b8d4a45
SHA1: 4d2c8cecc3e547d8cbc3facc151580319de5c850
SHA256:cc7359b908b12a3e3e073948a0f1746b1bfa56141f65723c1546aac8f1e5faed

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-rdfjson:2.2.4  Confidence:High

rdf4j-rio-rdfxml-2.2.4.jar

Description:

 Rio parser and writer implementation for the RDF/XML file format.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-rdfxml-2.2.4.jar
MD5: 5fa9bb0509db4fcac4776974ece887bc
SHA1: 268986a7de693188f52f9fa54df951779d9c367f
SHA256:4a0f323cfefe52b054fd32578bf5dbf9a6c10a708f3223e775a3a5533d59960c

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-rdfxml:2.2.4  Confidence:High

rdf4j-rio-trig-2.2.4.jar

Description:

 Rio parser and writer implementation for the TriG file format.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-trig-2.2.4.jar
MD5: ffa1437aaec202a6dba138da55bcc202
SHA1: 76bfcb0c5ffc34faa0f27e2612a8bca22562e306
SHA256:5cbc2e7a963e283fe763787dc68ad2b2ec3eb1d5be33fd02db2416d8b854359d

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-trig:2.2.4  Confidence:High

rdf4j-rio-trix-2.2.4.jar

Description:

 Rio parser and writer implementation for the TriX file format.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-trix-2.2.4.jar
MD5: 9f699fb67dc5a48342c70b4aea8e8dea
SHA1: cf5588b330c6a5da8e0f7d2d4b4cbede673ee156
SHA256:724b7d05afa601dcf38d42b96b9bc7cf370421f337b4563b5726dcdce41eeac4

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-trix:2.2.4  Confidence:High

rdf4j-rio-turtle-2.2.4.jar

Description:

 Rio parser and writer implementation for the Turtle file format.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-rio-turtle-2.2.4.jar
MD5: d8343abf36edee186379fa06d24059c9
SHA1: a1cd677143e5a5c960d421483319b26658010d74
SHA256:3bafb46a9a41fe8dcca69db9883078e4b1c6906a287117422b60a669cf02f1ad

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-rio-turtle:2.2.4  Confidence:High

rdf4j-sail-api-2.2.4.jar

Description:

 RDF Storage And Inference Layer ("Sail") API.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-sail-api-2.2.4.jar
MD5: ba1d91ab7da09abe00d2d96cb1f876c7
SHA1: 2eeaf4019c0d3ddd2bfa65b3f3529af7850eacfd
SHA256:6659cbeae9d6eb542c660e4350a922fc4259e084999b47d7e92cb936be0f743d

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-sail-api:2.2.4  Confidence:High
  • cpe: cpe:/a:storage_api_project:storage_api:2.2.4  Confidence:Low  

rdf4j-sail-base-2.2.4.jar

Description:

 RDF Storage And Inference Layer ("Sail") API.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-sail-base-2.2.4.jar
MD5: 4299bd54de03a521456f23cf78039ba8
SHA1: 4c9e1d3289fb55b5be1ebca12495829d0ba589fd
SHA256:e10f790aca270599294573ee5556da94c21435ff22c6df6e2d696704e20b0162

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-sail-base:2.2.4  Confidence:High

rdf4j-sail-inferencer-2.2.4.jar

Description:

 Stackable Sail implementation that adds RDF Schema inferencing to an RDF store.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-sail-inferencer-2.2.4.jar
MD5: 3ca4915c4491112bde2a04eb5f31b208
SHA1: 93534b221e8e23dd4a159103d98377ae56783ce0
SHA256:10a24175977bbf4d2cefdb11411fbf4d7d1143be7f8c5326a02693779224c6d0

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-sail-inferencer:2.2.4  Confidence:High

rdf4j-sail-memory-2.2.4.jar

Description:

 Sail implementation that stores data in main memory, optionally using a dump-restore file for persistence.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-sail-memory-2.2.4.jar
MD5: 7ad94418a5ad4b8597f6d300439d1bca
SHA1: 7676271ad8649653d7b1dcd50cab42ae5c9cac9c
SHA256:c7fad34d049d6434a3250d0d0efaed13dde9b5cbd274b20682bbcc52b35d8650

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-sail-memory:2.2.4  Confidence:High

rdf4j-sail-model-2.2.4.jar

Description:

 Sail implementation of Model.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-sail-model-2.2.4.jar
MD5: c10b9fbed50fc6a4db75dc3d18498e50
SHA1: 58407096e2e67f6723fa894af2ff47295f49512a
SHA256:d6d32cb2fcceeaf71e6a44844d5824c35c89fdb0acbffa1f017299c217632ca8

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-sail-model:2.2.4  Confidence:High

rdf4j-util-2.2.4.jar

Description:

 RDF4J utility classes

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rdf4j-util-2.2.4.jar
MD5: a28adde72db02031628bb5312f451464
SHA1: 9782e4445f52e1709a5c2617673fa1aeeffd4b9f
SHA256:74248ab99a0cb60e93930618d3abffca886c4c0937e6926258072438def5e11f

Identifiers

  • maven: org.eclipse.rdf4j:rdf4j-util:2.2.4  Confidence:High

rome-1.5.1.jar

Description:

 All Roads Lead to ROME. ROME is a set of Atom/RSS Java utilities that make it
        easy to work in Java with most syndication formats. Today it accepts all flavors of RSS
        (0.90, 0.91, 0.92, 0.93, 0.94, 1.0 and 2.0), Atom 0.3 and Atom 1.0 feeds. Rome includes
        a set of parsers and generators for the various flavors of feeds, as well as converters
        to convert from one format to another. The parsers can give you back Java objects that
        are either specific for the format you want to work with, or a generic normalized
        SyndFeed object that lets you work on with the data without bothering about the
        underlying format.
    

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rome-1.5.1.jar
MD5: 07039d4b871513942d0495311947275f
SHA1: cc3489f066749bede7fc81f4e80c0d8c9534a210
SHA256:0f754b6886c3c97e1ca8ccd6c94de383a14908cd6f1e68b6ab951af016e8b23f

Identifiers

  • maven: com.rometools:rome:1.5.1  Confidence:High

rome-utils-1.5.1.jar

Description:

 Utility classes for ROME projects

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/rome-utils-1.5.1.jar
MD5: ba0f0958cbbacd734b383038c3dcb0ef
SHA1: 3a3d6473a2f5d55fb31bf6c269af963fdea13b54
SHA256:8267802f2f959558a7974ea754c2d80d3e1c813d24045c066c539664d8422be2

Identifiers

  • maven: com.rometools:rome-utils:1.5.1  Confidence:High

semargl-core-0.7.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/semargl-core-0.7.jar
MD5: fc196c1524d7ecd48a02f4476b6ed698
SHA1: ec871a69b46a1ff6426ca64d192806fd81cdf0f8
SHA256:c8288871e587c2e5ab49cb07e475739e707805cabebafc0dd2e14cd545aee19a

Identifiers

  • maven: org.semarglproject:semargl-core:0.7  Confidence:High

semargl-rdf-0.7.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/semargl-rdf-0.7.jar
MD5: 5d438c201c2f7bc33b3dc43422e85f52
SHA1: 8dbc4043a73be4fbe8a287a5f3b1e257f8f6fc16
SHA256:44090a1830af5dba7ba2f9fba4cfd80e7551c84d1acb52f4962bb56841920d27

Identifiers

  • maven: org.semarglproject:semargl-rdf:0.7  Confidence:High

semargl-rdf4j-0.7.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/semargl-rdf4j-0.7.jar
MD5: d4bc1bb4bab7afcc7a9566501e877611
SHA1: 0fa47f470dcf408ea496b0e7d7f3b0ceb22c9a52
SHA256:d5f988e1dfe41331e5fdc9713324ba41a7d69e7fa51e2cced4b61a645c160a9f

Identifiers

  • maven: org.semarglproject:semargl-rdf4j:0.7  Confidence:High

semargl-rdfa-0.7.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/semargl-rdfa-0.7.jar
MD5: 70ed3387d15cee7e1f9f6f7a2d34fdd0
SHA1: 8cdeb174b0cb97bd6020e980f7c6b57166aeb7f4
SHA256:782eb644018f7b1077dfadd8cfd4ebdbf8966b6bd374d15ab53ad96481624bb7

Identifiers

  • maven: org.semarglproject:semargl-rdfa:0.7  Confidence:High

sentiment-analysis-parser-0.1.jar

Description:

 Combines Apache OpenNLP and Apache Tika and provides facilities for automatically deriving sentiment from text.

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/sentiment-analysis-parser-0.1.jar
MD5: 69727e01cb8165e2e5d637e527ea82d4
SHA1: 20d1524a1270c1d26e3314d2ee71a12e6a29a27d
SHA256:035a28b4d65993b405ddcc98b4bb67cd038d4617e5c8e5c2f4d16d34c8f49e2b

Identifiers

  • maven: edu.usc.ir:sentiment-analysis-parser:0.1  Confidence:High

sis-metadata-0.6.jar

Description:

 
  
Implementations of metadata derived from ISO 19115. This module provides both an implementation
 of the metadata interfaces defined in GeoAPI, and a framework for handling those metadata through
 Java reflection.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/sis-metadata-0.6.jar
MD5: 193ae7072888febbac3c0a6007e62cc9
SHA1: 97cde9b02f2548567a06f3ecd42caa39a94ffaf4
SHA256:f1b707c34163d934a46f23f4e6274d56ed59526842e8c39bebeca257c29979b1

Identifiers

sis-netcdf-0.6.jar

Description:

 
  
Bridge between NetCDF Climate and Forecast (CF) convention and ISO 19115 metadata.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/sis-netcdf-0.6.jar
MD5: af47f83d86ae9c8d8ec22ebe59c581d8
SHA1: c847a664eb707b0663dec4a9257419842a33e903
SHA256:3b895d9e70f9d8fbc318386f3791e401dc8b9aefd655d1b3ff8d5d6023e0f92c

Identifiers

sis-referencing-0.6.jar

Description:

 
  
Implementations of Coordinate Reference Systems (CRS),
 conversion and transformation services derived from ISO 19111.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/sis-referencing-0.6.jar
MD5: e7cb42c4330b3e9ebd8e91cf8bbaa028
SHA1: ca59408047b7c3685661959b5858297e047a4046
SHA256:ecba1bf4079c8f223b239ff8ea8659cb796cbc61985fd2ad372af1f523109835

Identifiers

sis-storage-0.6.jar

Description:

 
  
Provides the interfaces and base classes to be implemented by various storage formats.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/sis-storage-0.6.jar
MD5: b30f631ab68b989fa35b23f5d6165d30
SHA1: 1996e6209d309380cd191d4483ca19cc25c30fe3
SHA256:c82a5d6cd2825494220bcf6e704379c77af063f06a4ef97938bde8ca0fb0e808

Identifiers

sis-utility-0.6.jar

Description:

 
  
Miscellaneous utilities.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/sis-utility-0.6.jar
MD5: b8da3a7ab7599f60b0e814605217b461
SHA1: 00e049cdb56758f3a92b48af0f7741d102a90152
SHA256:bdf099a6ec539056a54dbf8bee2467b20a61d022a50bb23a95a6e459c64834b5

Identifiers

snakeyaml-1.17.jar

Description:

 YAML 1.1 parser and emitter for Java

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/snakeyaml-1.17.jar
MD5: ab621c3cee316236ad04a6f0fe4dd17c
SHA1: 7a27ea250c5130b2922b86dea63cbb1cc10a660c
SHA256:5666b36f9db46f06dd5a19d73bbff3b588d5969c0f4b8848fde0f5ec849430a5

Identifiers

  • maven: org.yaml:snakeyaml:1.17  Confidence:High

tagsoup-1.2.1.jar

Description:

 TagSoup is a SAX-compliant parser written in Java that, instead of parsing well-formed or valid XML, parses HTML as it is found in the wild: poor, nasty and brutish, though quite often far from short. TagSoup is designed for people who have to process this stuff using some semblance of a rational application design. By providing a SAX interface, it allows standard XML tools to be applied to even the worst HTML. TagSoup also includes a command-line processor that reads HTML files and can generate either clean HTML or well-formed XML that is a close approximation to XHTML.

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/tagsoup-1.2.1.jar
MD5: ae73a52cdcbec10cd61d9ef22fab5936
SHA1: 5584627487e984c03456266d3f8802eb85a9ce97
SHA256:ac97f7b4b1d8e9337edfa0e34044f8d0efe7223f6ad8f3a85d54cc1018ea2e04

Identifiers

tika-core-1.17.jar

Description:

 This is the core Apache Tika™ toolkit library from which all other modules inherit functionality. It also
    includes the core facades for the Tika API.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/tika-core-1.17.jar
MD5: dc1ba32dd6647a99822cf91e9c6a249d
SHA1: b450102c2aee98107474d2f92661d947b9cef183
SHA256:77c0a63d7693dc968553f92ef061469979b04d458bb11996d7738c45c5f66b5c

Identifiers

  • cpe: cpe:/a:apache:tika:1.17  Confidence:Highest  
  • maven: org.apache.tika:tika-core:1.17  Confidence:High

CVE-2018-1338  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.

Vulnerable Software & Versions: (show all)

CVE-2018-1339  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18.

Vulnerable Software & Versions: (show all)

trove4j-3.0.3.jar

Description:

 The Trove library provides high speed regular and primitive
        collections for Java.
    

License:

GNU Lesser General Public License 2.1: http://www.gnu.org/licenses/lgpl-2.1.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/trove4j-3.0.3.jar
MD5: 8fc4d4e0129244f9fd39650c5f30feb2
SHA1: 42ccaf4761f0dfdfa805c9e340d99a755907e2dd
SHA256:3c8616203d61a12a7e3487e8b34f3c198c2b5ba9e90da0c7ea32d99cd4958012

Identifiers

udunits-4.5.5.jar

Description:

 The ucar.units Java package is for decoding and encoding
    formatted unit specifications (e.g. "m/s"), converting numeric values
    between compatible units (e.g. between "m/s" and "knot"), and for
    performing arithmetic operations on units (e.g. dividing one unit by
    another, raising a unit to a power).

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/udunits-4.5.5.jar
MD5: 025ffadf77de73601443c8262c995df0
SHA1: d8c8d65ade13666eedcf764889c69321c247f153
SHA256:fb641ad901d1526d53f2b13bc86baec703c57d58e6001cfa54ca7734c97fb30d

Identifiers

  • maven: edu.ucar:udunits:4.5.5  Confidence:High

vorbis-java-core-0.8.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/vorbis-java-core-0.8.jar
MD5: 71b623b57f56daf112bddb3337ee896d
SHA1: 7e9937c2575cda2e3fc116415117c74f23e43fa6
SHA256:879bb0c8923fea686609e207fd9050ab246e001868341c725929405e755cf68e

Identifiers

  • maven: org.gagravarr:vorbis-java-core:0.8  Confidence:High

vorbis-java-tika-0.8.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/vorbis-java-tika-0.8.jar
MD5: 85c7b34d5f94e66bf0c79f5d673db750
SHA1: 4ddbb27ac5884a0f0398a63d46a89d3bc87dc457
SHA256:a1b62281a99aec10dc69db1d2f8250952dca5841eedf1167b6b6f9585e2d0d26

Identifiers

  • maven: org.gagravarr:vorbis-java-tika:0.8  Confidence:High
  • cpe: cpe:/a:apache:tika:0.8  Confidence:Highest  

CVE-2016-6809  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-502 Deserialization of Untrusted Data

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization.

Vulnerable Software & Versions:

CVE-2018-1338  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.

Vulnerable Software & Versions: (show all)

CVE-2018-1339  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18.

Vulnerable Software & Versions: (show all)

xmlbeans-2.6.0.jar

Description:

 XmlBeans main jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/xmlbeans-2.6.0.jar
MD5: 6591c08682d613194dacb01e95c78c2c
SHA1: 29e80d2dd51f9dcdef8f9ffaee0d4dc1c9bbfc87
SHA256:c77974359688b2823b48fa9a33da68559d64f8474441480d9df4f9e254332a96

Identifiers

xmlschema-core-2.2.2.jar

Description:

 Commons XMLSchema is a light weight schema object model that can be used to manipulate or
        generate XML schema.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/xmlschema-core-2.2.2.jar
MD5: 9c8eddbc128f5d6f7ac218be8d602909
SHA1: 3346ea4712a8bc80dbc1877628bfca1d6c4d55ef
SHA256:664873ab0591e3bd02e6657f35218798e29fd7605acf1e0140e6db871bf7d6fc

Identifiers

  • maven: org.apache.ws.xmlschema:xmlschema-core:2.2.2  Confidence:High
  • cpe: cpe:/a:ws_project:ws:2.2.2  Confidence:Low  

xmpcore-5.1.3.jar

Description:

 
    The XMP Library for Java is based on the C++ XMPCore library
    and the API is similar.
  

License:

The BSD License: http://www.adobe.com/devnet/xmp/library/eula-xmp-library-java.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/xmpcore-5.1.3.jar
MD5: 08d154cf297e87471637df85172f93e6
SHA1: 57e70c3b10ff269fff9adfa7a31d61af0df30757
SHA256:821be907f1e514ebb50f0ca04b2c098370a3cb5e5f9ddcc2ecf81e73eb265daa

Identifiers

xz-1.6.jar

Description:

 XZ data compression

License:

Public Domain
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/xz-1.6.jar
MD5: f1bd86b27cb86528aadc973dcd60f6ca
SHA1: 05b6f921f1810bdf90e25471968f741f87168b64
SHA256:a594643d73cc01928cf6ca5ce100e094ea9d73af760a5d4fb6b75fa673ecec96

Identifiers

  • cpe: cpe:/a:tukaani:xz:1.6  Confidence:Low  
  • maven: org.tukaani:xz:1.6   Confidence:Highest

CVE-2015-4035  

Severity:Medium
CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-20 Improper Input Validation

scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.

Vulnerable Software & Versions:

creativecommons.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/creativecommons/creativecommons.jar
MD5: c575bfaaa19919b18a4a11f0e15af4cc
SHA1: 42d525ff8dfc79b495a78b42b9ff67c9f75e4fdf
SHA256:9d17e32db7ac7d916b755f4cf3b1f1738a388822766c7f0d6d4512452d6aeb4d

Identifiers

  • None

exchange-jexl.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/exchange-jexl/exchange-jexl.jar
MD5: 365156890b0cc329ef234ac49f0b55cf
SHA1: 97ac335c5476dc037f806f6421a55a494f019190
SHA256:5dd225be7552579562119857b2d02c384381de56d1ff59ce33a6ba8a25f47571

Identifiers

  • None

feed.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/feed/feed.jar
MD5: 9349da33e60bbe491bbd3d5b8db9d5ec
SHA1: 2e74e6049f2fc7d198aaa10665d92abd3b9c14a3
SHA256:aaac923fbfb03cc5e1cabbdcc1c7d62c298cd1be9a9e1234df56327ecd02f2b9

Identifiers

  • None

jdom-2.0.2.jar

Description:

 
		A complete, Java-based solution for accessing, manipulating, 
		and outputting XML data
	

License:

Similar to Apache License but with the acknowledgment clause removed: https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/feed/jdom-2.0.2.jar
MD5: f2ce377fffc36a069117c578c14139ba
SHA1: d06c71e0df0ac4b94deb737718580ccce22d92e8
SHA256:2bdf7a48fddc9259f5aa420eee328e939d71302a6a1b79a176e4fd47ee988b97

Identifiers

headings.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/headings/headings.jar
MD5: 0dddea20f643576406dae73e96f2776b
SHA1: 350e7366e555757cc9ec47d769b0e11c54d1303d
SHA256:5f9f645c22c3166f0f474e8967dac9a206cc2c2c6fc522e0cf3f3efa575bd526

Identifiers

  • None

index-anchor.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-anchor/index-anchor.jar
MD5: a83ce16aebbc266b75fc77093c886f38
SHA1: 0b87638bd6325d755c51874cb85f6c839ec756f7
SHA256:c67a41a3bf1bb4a5e89f93344cac4360d6df36a2dd1ca8270415b4169d275031

Identifiers

  • None

index-basic.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-basic/index-basic.jar
MD5: 9b200351856e76b696bea0c1844bbb86
SHA1: 59576fc9c84e9d076179d63b1056a312f8dd77a2
SHA256:57cc0355e2ac6144d6ac7cf283e8efdf70c01623be14b570d8f0237f6178cde2

Identifiers

  • None

geoip2-2.10.0.jar

Description:

 GeoIP2 webservice client and database reader

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-geoip/geoip2-2.10.0.jar
MD5: 68a42e4a3c3befa52bb2324320e09800
SHA1: aea0f79a7b9a403a220e350e3599d2d72754b71e
SHA256:efa5dab783a54531a60a1826eb46518a0505075aac87303193b1a1e2f58d3656

Identifiers

  • cpe: cpe:/a:geoip:geoip:2.10.0  Confidence:Low  
  • maven: com.maxmind.geoip2:geoip2:2.10.0  Confidence:High

index-geoip.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-geoip/index-geoip.jar
MD5: c3440c88cbea0a6e8ce3279901d1c055
SHA1: 1bdc4d71d5371e341ca57f729ea10143f7740e1e
SHA256:cb656018a68bdd703c2086b8d25d9b1619b3ccb6259b09768c8e1d54a090da9f

Identifiers

  • cpe: cpe:/a:geoip:geoip:-  Confidence:Low  

jackson-databind-2.9.2.jar

Description:

 General data-binding functionality for Jackson: works on core streaming API

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-geoip/jackson-databind-2.9.2.jar
MD5: 312a220f449bdeda184b7007e6ca5540
SHA1: 1d8d8cb7cf26920ba57fb61fa56da88cc123b21f
SHA256:d06823e75174e566fc4a169cb3d162b128eebedc5de336a179d6513b59a0758a

Identifiers

  • cpe: cpe:/a:fasterxml:jackson-databind:2.9.2  Confidence:Highest  
  • maven: com.fasterxml.jackson.core:jackson-databind:2.9.2  Confidence:High
  • cpe: cpe:/a:fasterxml:jackson:2.9.2  Confidence:Low  

CVE-2017-17485  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-502 Deserialization of Untrusted Data

FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.

Vulnerable Software & Versions: (show all)

CVE-2018-5968  

Severity:Medium
CVSS Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
CWE: CWE-184 Incomplete Blacklist

FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.

Vulnerable Software & Versions: (show all)

CVE-2018-7489  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-184 Incomplete Blacklist

FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.

Vulnerable Software & Versions: (show all)

maxmind-db-1.2.2.jar

Description:

 Reader for MaxMind DB

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-geoip/maxmind-db-1.2.2.jar
MD5: 67c5e87f8a45275b7a3e1a7e176e556f
SHA1: 78c22a03de1e222b0751855aff7bb6e6db5569e5
SHA256:d4e35cecd5389c73cd7796085b8096804133504fa0cbc55b32e6b567ead738da

Identifiers

  • maven: com.maxmind.db:maxmind-db:1.2.2  Confidence:High

index-jexl-filter.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-jexl-filter/index-jexl-filter.jar
MD5: d4b74bd6cf7b6a2496df892dd9d2764f
SHA1: f48517ce9bc7b0cfa94ebd9170c3f4a6366027ae
SHA256:dc2b6761e569cabb36ff55436db63a9d74675bb7c8972584a37fa85a4e30270a

Identifiers

  • None

index-links.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-links/index-links.jar
MD5: 85c8a95fc1acd0619ac8a7a6be2e96ee
SHA1: ebff87369c96e66f4f25312518751a3de51b5a28
SHA256:9b5b82c5d8c32ae7339ec5022bda97023beef77891fe512b9ebcc0525ca41f5c

Identifiers

  • cpe: cpe:/a:links:links:-  Confidence:Low  

index-metadata.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-metadata/index-metadata.jar
MD5: 0f2281f87b63bfb0a4c21d2fe4912d15
SHA1: f600b945cd7d19166ddc3085ad5daa8014039955
SHA256:c25976d3a0f92148983e1d1acd2d266195214053a969e5511ef3fb6252dca494

Identifiers

  • None

index-more.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-more/index-more.jar
MD5: acafc826d0d6446b05347a015b78deac
SHA1: 6012ab38f780091ac6ee318183a24b9e9f6ddb94
SHA256:a664f11da148fd918cb832089a77a0a85328c6553acfd59d457bc6eb788c3e45

Identifiers

  • None

index-replace.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-replace/index-replace.jar
MD5: bff61b310609c490019eff5c3a5f9389
SHA1: b83678ca2bc1184104c324855dbb5608fc707aac
SHA256:f108558c7bbf08e2b7fdc9a36a7bf08b46e463be9e18a018f231cdfae562060e

Identifiers

  • None

index-static.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/index-static/index-static.jar
MD5: 9a57428552a541b2cca5d8a785234031
SHA1: 6b33f272a002d79fe9f61e28401cab5859be180f
SHA256:33a45856da51d08fa63cc132dfb6c803397dcf9fa3a295af3632f8155e712a81

Identifiers

  • None

aws-java-sdk-cloudsearch-1.10.0.jar

Description:

 The AWS Java SDK for Amazon CloudSearch module holds the client classes that are used for communicating with Amazon CloudSearch Service

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-cloudsearch/aws-java-sdk-cloudsearch-1.10.0.jar
MD5: 09f6067cea5e3c7825c6ed675e005a5a
SHA1: 4f05fc8683fdc88433ed557229ed02c07a2a835c
SHA256:21b03fe03c1364f29a815f3ce7c40a22e3857436da679080a516c3db95d145ed

Identifiers

  • maven: com.amazonaws:aws-java-sdk-cloudsearch:1.10.0  Confidence:High

aws-java-sdk-core-1.10.0.jar

Description:

 The AWS SDK for Java - Core module holds the classes that is used by the individual service clients to interact with Amazon Web Services. Users need to depend on aws-java-sdk artifact for accessing individual client classes.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-cloudsearch/aws-java-sdk-core-1.10.0.jar
MD5: a405834c8e249d574700412d1466c381
SHA1: 9732a4e80aad23101faa442700c2172a37257c43
SHA256:c23bc1c6fe594484f38fed08edd8fe00bc6593b2cb8cd99c723c28a31a16d7c0

Identifiers

  • maven: com.amazonaws:aws-java-sdk-core:1.10.0  Confidence:High

commons-codec-1.6.jar

Description:

 
     The codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.
    

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-cloudsearch/commons-codec-1.6.jar
MD5: 5970f54883b4831b24b97f1125ba27e6
SHA1: b7f0fc8f61ecadeb3695f0b9464755eee44374d4
SHA256:54b34e941b8e1414bd3e40d736efd3481772dc26db3296f6aa45cec9f6203d86

Identifiers

  • maven: commons-codec:commons-codec:1.6  Confidence:High

commons-logging-1.1.3.jar

Description:

 Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-cloudsearch/commons-logging-1.1.3.jar
MD5: 92eb5aabc1b47287de53d45c086a435c
SHA1: f6f66e966c70a83ffbdb6f17a0919eaf7c8aca7f
SHA256:70903f6fc82e9908c8da9f20443f61d90f0870a312642991fe8462a0b9391784

Identifiers

  • maven: commons-logging:commons-logging:1.1.3  Confidence:High

httpclient-4.3.6.jar

Description:

 
   HttpComponents Client
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-cloudsearch/httpclient-4.3.6.jar
MD5: 2d29a27bb6c6b44bc8a608a0e5d09735
SHA1: 4c47155e3e6c9a41a28db36680b828ced53b8af4
SHA256:79838d9eaef73d4f852c63a480830c3a2d4b590f0ab3ae815a489463e4714004

Identifiers

  • maven: org.apache.httpcomponents:httpclient:4.3.6  Confidence:High
  • cpe: cpe:/a:apache:httpclient:4.3.6  Confidence:Low  

httpcore-4.3.3.jar

Description:

 
   HttpComponents Core (blocking I/O)
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-cloudsearch/httpcore-4.3.3.jar
MD5: c26171852f9810cd3d2416604a387e71
SHA1: f91b7a4aadc5cf486df6e4634748d7dd7a73f06d
SHA256:5285de80af1651c489313b91a9f40c65a4cdcb6b3bde716fcc028d16869a5a93

Identifiers

  • maven: org.apache.httpcomponents:httpcore:4.3.3  Confidence:High

indexer-cloudsearch.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-cloudsearch/indexer-cloudsearch.jar
MD5: dbfb1b5b482ab93497ec7c11785ff247
SHA1: 67cc4dede16cfd63763fe6f2ffee0109f5124893
SHA256:b0e3f3c9a34bdcb51b0d7d58e37b6c0c8c7d834ece83e753a6cc24869aeae65e

Identifiers

  • None

jackson-annotations-2.5.0.jar

Description:

 Core annotations used for value types, used by Jackson data binding package.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-cloudsearch/jackson-annotations-2.5.0.jar
MD5: db2a8e900965c9618cac9abec038e3de
SHA1: a2a55a3375bc1cef830ca426d68d2ea22961190e
SHA256:0ca408c24202a7626ec8b861e99d85eca5e38b73311dd6dd12e3e9deecc3fe94

Identifiers

  • cpe: cpe:/a:fasterxml:jackson:2.5.0  Confidence:Low  
  • maven: com.fasterxml.jackson.core:jackson-annotations:2.5.0  Confidence:High

jackson-core-2.5.3.jar

Description:

 Core Jackson abstractions, basic JSON streaming API implementation
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-cloudsearch/jackson-core-2.5.3.jar
MD5: 5763215f9054614336ffa55d46a69e15
SHA1: a8b8a6dfc8a17890e4c7ff8aed810763d265b68b
SHA256:c9a900c30c702d371be2d3714938dfa6de616599c8eb39f8e3cf7aedd62dfd32

Identifiers

  • cpe: cpe:/a:fasterxml:jackson:2.5.3  Confidence:Low  
  • maven: com.fasterxml.jackson.core:jackson-core:2.5.3  Confidence:High

jackson-databind-2.5.3.jar

Description:

 General data-binding functionality for Jackson: works on core streaming API

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-cloudsearch/jackson-databind-2.5.3.jar
MD5: b04f954ff7a76091cd6a303ebba8c67d
SHA1: c37875ff66127d93e5f672708cb2dcc14c8232ab
SHA256:7a47be42e41328a6fc0d4a77983eb587c5e3d74156fa7c0fa93f817bcd199fc3

Identifiers

  • cpe: cpe:/a:fasterxml:jackson-databind:2.5.3  Confidence:Highest  
  • maven: com.fasterxml.jackson.core:jackson-databind:2.5.3  Confidence:High
  • cpe: cpe:/a:fasterxml:jackson:2.5.3  Confidence:Low  

CVE-2017-15095  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-502 Deserialization of Untrusted Data

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.

Vulnerable Software & Versions: (show all)

CVE-2017-17485  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-502 Deserialization of Untrusted Data

FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath.

Vulnerable Software & Versions: (show all)

CVE-2017-7525  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-502 Deserialization of Untrusted Data

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

Vulnerable Software & Versions: (show all)

CVE-2018-5968  

Severity:Medium
CVSS Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
CWE: CWE-184 Incomplete Blacklist

FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist.

Vulnerable Software & Versions: (show all)

CVE-2018-7489  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-184 Incomplete Blacklist

FasterXML jackson-databind before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.

Vulnerable Software & Versions: (show all)

joda-time-2.8.jar

Description:

 Date and time library to replace JDK date handling

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-cloudsearch/joda-time-2.8.jar
MD5: 4c17df2ad20161112283dbe6475e70d2
SHA1: 9f2785d7184b97d005a44241ccaf980f43b9ccdb
SHA256:55ae8d6baf406ccfec88cc444de4a452c5725859b70a076ba50a7a7b75f68ed1

Identifiers

  • maven: joda-time:joda-time:2.8  Confidence:High

indexer-csv.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-csv/indexer-csv.jar
MD5: 80c4d0d0f0f29a509d2e3a14b875cef3
SHA1: cacc77aec4d381a8167854eb581ec8f938cddfc7
SHA256:c7dbc41c4cf8eb3347292297bcb33341f67bc9f6d8d68b148aa6633f0920f585

Identifiers

  • None

indexer-dummy.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-dummy/indexer-dummy.jar
MD5: a1d57fc514c569c9521c362d2b6de5f9
SHA1: ba11e5146d856cab92e046b22d6a9ed590ab1d16
SHA256:9c9de2d1b854bada74a05bd5356ab0eaa40e53d9bf90f038a2656875e151fb67

Identifiers

  • None

commons-codec-1.9.jar

Description:

 
     The Apache Commons Codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.
    

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/commons-codec-1.9.jar
MD5: 75615356605c8128013da9e3ac62a249
SHA1: 9ce04e34240f674bc72680f8b843b1457383161a
SHA256:ad19d2601c3abf0b946b5c3a4113e226a8c1e3305e395b90013b78dd94a723ce

Identifiers

  • maven: commons-codec:commons-codec:1.9  Confidence:High

commons-lang3-3.4.jar

Description:

 
  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/commons-lang3-3.4.jar
MD5: 8667a442ee77e509fbe8176b94726eb2
SHA1: 5fe28b9518e58819180a43a850fbc0dd24b7c050
SHA256:734c8356420cc8e30c795d64fd1fcd5d44ea9d90342a2cc3262c5158fbc6d98b

Identifiers

  • maven: org.apache.commons:commons-lang3:3.4  Confidence:High

gson-2.6.2.jar

Description:

 Gson JSON library

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/gson-2.6.2.jar
MD5: 302e660f8e4928b7417ce145af88cacd
SHA1: f1bc476cc167b18e66c297df599b2377131a8947
SHA256:b8545ba775f641f8bba86027f06307152279fee89a46a4006df1bf2f874d4d9d

Identifiers

  • maven: com.google.code.gson:gson:2.6.2  Confidence:High

guava-19.0.jar

Description:

 
    Guava is a suite of core and expanded libraries that include
    utility classes, google's collections, io classes, and much
    much more.

    Guava has only one code dependency - javax.annotation,
    per the JSR-305 spec.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/guava-19.0.jar
MD5: 43bfc49bdc7324f6daaa60c1ee9f3972
SHA1: 6ce200f6b23222af3d8abb6b6459e6c44f4bb0e9
SHA256:58d4cc2e05ebb012bbac568b032f75623be1cb6fb096f3c60c72a86f7f057de4

Identifiers

  • maven: com.google.guava:guava:19.0  Confidence:High

httpasyncclient-4.1.1.jar

Description:

 
   Apache HttpComponents AsyncClient
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/httpasyncclient-4.1.1.jar
MD5: abaee2878c8aedf57b917ea8e7063a32
SHA1: dd624f5a0ff43eb5cdf828d9739d3177ee00a5a9
SHA256:27cb2c5eba8e85799f38b7cb0341406ef967e061f91018c68733ec6856ff7633

Identifiers

  • maven: org.apache.httpcomponents:httpasyncclient:4.1.1  Confidence:High
  • cpe: cpe:/a:apache:httpasyncclient:4.1.1  Confidence:Low  

httpclient-4.5.2.jar

Description:

 
   Apache HttpComponents Client
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/httpclient-4.5.2.jar
MD5: e0a45df625cb96b69505e59bb25a0189
SHA1: 733db77aa8d9b2d68015189df76ab06304406e50
SHA256:0dffc621400d6c632f55787d996b8aeca36b30746a716e079a985f24d8074057

Identifiers

  • cpe: cpe:/a:apache:httpclient:4.5.2  Confidence:Low  
  • maven: org.apache.httpcomponents:httpclient:4.5.2  Confidence:High

httpcore-4.4.4.jar

Description:

 
   Apache HttpComponents Core (blocking I/O)
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/httpcore-4.4.4.jar
MD5: e7776f2b03a4c62d691a90d3c68c93c0
SHA1: b31526a230871fbe285fbcbe2813f9c0839ae9b0
SHA256:f7bc09dc8a7003822d109634ffd3845d579d12e725ae54673e323a7ce7f5e325

Identifiers

  • maven: org.apache.httpcomponents:httpcore:4.4.4  Confidence:High

httpcore-nio-4.4.4.jar

Description:

 
   Apache HttpComponents Core (non-blocking I/O)
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/httpcore-nio-4.4.4.jar
MD5: 562f930326530c262c04d7b4f6b1d055
SHA1: 16badfc2d99db264c486ba8c57ae577301a58bd9
SHA256:f21be11ed00a7c655204c03d3ff38c2e8ac88db0913da3598ce5f9ffd686ae1f

Identifiers

  • maven: org.apache.httpcomponents:httpcore-nio:4.4.4  Confidence:High

indexer-elastic-rest.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/indexer-elastic-rest.jar
MD5: 4458966a936b6b15f1a884792cef5134
SHA1: 78e615b276311e1149ec0b9b597745c3e01ad7b1
SHA256:611757dceff8b9a23d8fc72d23233e939bdbb60ff6aa3f05112c92a90dbe0ddc

Identifiers

  • None

jest-2.0.3.jar

Description:

 ElasticSearch Java REST client - Apache HTTP Client package

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/jest-2.0.3.jar
MD5: 2d3ea2c80e90c0b8c255b93c1c9bd1a9
SHA1: b8f9ed1423489b361804e47f640515ea9f1fa08d
SHA256:300f8d0e2e15da47767824743e0cee3031669f8aa38baecb1e407fcb985f3c3d

Identifiers

  • maven: io.searchbox:jest:2.0.3  Confidence:High

jest-common-2.0.3.jar

Description:

 ElasticSearch Java REST client - shared library package

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/jest-common-2.0.3.jar
MD5: 558390f7840e523db28b8d1e14f09fdc
SHA1: f304c66894aaf2f6c17a886bc826f09c7a161cf9
SHA256:c790fd40f68871187ded4e213fb9fa8b3c973ba04f300b7b0420eaf069caa50f

Identifiers

  • maven: io.searchbox:jest-common:2.0.3  Confidence:High

slf4j-api-1.7.21.jar

Description:

 The slf4j API

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic-rest/slf4j-api-1.7.21.jar
MD5: c9be56284a92dcb2576679282eff80bf
SHA1: 139535a69a4239db087de9bab0bee568bf8e0b70
SHA256:1d5aeb6bd98b0fdd151269eae941c05f6468a791ea0f1e68d8e7fe518af3e7df

Identifiers

  • cpe: cpe:/a:slf4j:slf4j:1.7.21  Confidence:Low  
  • maven: org.slf4j:slf4j-api:1.7.21  Confidence:High

HdrHistogram-2.1.6.jar

Description:

 
        HdrHistogram supports the recording and analyzing sampled data value
        counts across a configurable integer value range with configurable value
        precision within the range. Value precision is expressed as the number of
        significant digits in the value recording, and provides control over value
        quantization behavior across the value range and the subsequent value
        resolution at any given level.
    

License:

Public Domain, per Creative Commons CC0: http://creativecommons.org/publicdomain/zero/1.0/
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/HdrHistogram-2.1.6.jar
MD5: 565bf21a1fec0dc39e8b9d5eb0642344
SHA1: 7495feb7f71ee124bd2a7e7d83590e296d71d80e
SHA256:1d44b3a32d268aa453ee7a9bb89650dfccb159a3160df49d92f299f2b72e9988

Identifiers

  • maven: org.hdrhistogram:HdrHistogram:2.1.6  Confidence:High

compiler-0.9.3.jar

Description:

 Implementation of mustache.js for Java

License:

Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/compiler-0.9.3.jar
MD5: 5df26dd0bf9ed3bb0af6e2dbe9cacf2b
SHA1: 2815e016c63bec4f18704ea4f5489106a5b01a99
SHA256:478ce317231ff42024bf7b6f1447a15e6d961358b564ac158ebfe4c53fdd404f

Identifiers

  • maven: com.github.spullara.mustache.java:compiler:0.9.3  Confidence:High

elasticsearch-5.3.0.jar

Description:

 Elasticsearch subproject :core

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/elasticsearch-5.3.0.jar
MD5: 47618fe580cbffe31f4dbd9beaa07670
SHA1: f42e60773fa004188020327fcfbd5b946f9834c6
SHA256:6e3f78d7d70dd42087f9923c0e93b1b49d9c55bf1221771c1a9bc5d0d83a4e5a

Identifiers

hppc-0.7.1.jar

Description:

 High Performance Primitive Collections. 
  Fundamental data structures (maps, sets, lists, stacks, queues) generated for
  combinations of object and primitive types to conserve JVM memory and speed
  up execution.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/hppc-0.7.1.jar
MD5: 2ff89be5b49144c330190cf7137c3a26
SHA1: 8b5057f74ea378c0150a1860874a3ebdcb713767
SHA256:40d2a57f59e9eae7b018d3b4841954087ee40a5c1db6a54c3ea87742e3890391

Identifiers

  • maven: com.carrotsearch:hppc:0.7.1  Confidence:High

httpasyncclient-4.1.2.jar

Description:

 
   Apache HttpComponents AsyncClient
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/httpasyncclient-4.1.2.jar
MD5: 262ed539a7d65addfe71b40345671a00
SHA1: 95aa3e6fb520191a0970a73cf09f62948ee614be
SHA256:a9967aa6baa767b1f4881171ad212100c62dfa1da2e7fe93c5e85f10e07969bf

Identifiers

  • maven: org.apache.httpcomponents:httpasyncclient:4.1.2  Confidence:High
  • cpe: cpe:/a:apache:httpasyncclient:4.1.2  Confidence:Low  

httpcore-4.4.5.jar

Description:

 
   Apache HttpComponents Core (blocking I/O)
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/httpcore-4.4.5.jar
MD5: 77e3c6477ecd4112078869b023d93ae5
SHA1: e7501a1b34325abb00d17dde96150604a0658b54
SHA256:64d5453874cab7e40a7065cb01a9a9ca1053845a9786b478878b679e0580cec3

Identifiers

  • maven: org.apache.httpcomponents:httpcore:4.4.5  Confidence:High

httpcore-nio-4.4.5.jar

Description:

 
   Apache HttpComponents Core (non-blocking I/O)
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/httpcore-nio-4.4.5.jar
MD5: e570d76d11b6fdf941173ab78ae4288b
SHA1: f4be009e7505f6ceddf21e7960c759f413f15056
SHA256:9da82cfb9f50318333d3892e00904f3b74af0825f0f6de32eea7090a2565d0d1

Identifiers

  • maven: org.apache.httpcomponents:httpcore-nio:4.4.5  Confidence:High

indexer-elastic.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/indexer-elastic.jar
MD5: 1bf829580913cd6bbdff4011d221e2a9
SHA1: 7ddfa7ce1f6df044e62b2bb37d3e8b27eb98e034
SHA256:0d09f495b32cc798dcf1d2079e09e6a57e76a68c7e8c2c295d0b36129ab3705f

Identifiers

  • None

jackson-core-2.8.6.jar

Description:

 Core Jackson abstractions, basic JSON streaming API implementation

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/jackson-core-2.8.6.jar
MD5: fc62c06dbb91d1c9130c405edaa35a88
SHA1: 2ef7b1cc34de149600f5e75bc2d5bf40de894e60
SHA256:10a8d607dc66aadee9ef24e8b3d83f04b6c0e033926558cc64e408bcbda0ca9f

Identifiers

  • cpe: cpe:/a:fasterxml:jackson:2.8.6  Confidence:Low  
  • maven: com.fasterxml.jackson.core:jackson-core:2.8.6  Confidence:High

jna-4.2.2.jar

Description:

 Java Native Access

License:

LGPL, version 2.1: http://www.gnu.org/licenses/licenses.html
ASL, version 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/jna-4.2.2.jar
MD5: 78eb97e642452eb30aea5f76e52a7603
SHA1: 5012450aee579c3118ff09461d5ce210e0cdc2a9
SHA256:1f38af54e06c6e6f6dbf39ba2c052b952dea5dddb4871127b34639ddeb11bdbe

Identifiers

joda-time-2.9.5.jar

Description:

 Date and time library to replace JDK date handling

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/joda-time-2.9.5.jar
MD5: 1312d538a0cc48d20366cb4c90f22622
SHA1: 5f01da7306363fad2028b916f3eab926262de928
SHA256:8241b5c97d83c207924b585c214f42a0c7b27cb744f93c33a07c09784f6fb5ef

Identifiers

  • maven: joda-time:joda-time:2.9.5  Confidence:High

jopt-simple-5.0.2.jar

Description:

 A Java library for parsing command line options

License:

The MIT License: http://www.opensource.org/licenses/mit-license.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/jopt-simple-5.0.2.jar
MD5: 22d04887411554d11534653a40ea325a
SHA1: 98cafc6081d5632b61be2c9e60650b64ddbc637c
SHA256:457877c79e038f390557db5f8e92c4436fb4f4b3ba63f28bc228500fee080193

Identifiers

  • maven: net.sf.jopt-simple:jopt-simple:5.0.2  Confidence:High

lang-mustache-client-5.3.0.jar

Description:

 Mustache scripting integration for Elasticsearch

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lang-mustache-client-5.3.0.jar
MD5: 17b7d2c3e7354bb45ed78fe1771fe796
SHA1: 079c2752942a3ae1716c35c67c04ebdd8159526b
SHA256:ccb43698028f44806b4f5d64fdec962137c191531b50233036d62867138ec367

Identifiers

log4j-core-2.7.jar

Description:

 The Apache Log4j Implementation

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/log4j-core-2.7.jar
MD5: 2b63e0e5063fdaccf669a1e26384f3fd
SHA1: a3f2b4e64c61a7fc1ed8f1e5ba371933404ed98a
SHA256:5bb84e110d5f18cee47021a024d358227612dd6dac7b97fa781f85c6ad3ccee4

Identifiers

  • maven: org.apache.logging.log4j:log4j-core:2.7  Confidence:High
  • cpe: cpe:/a:apache:log4j:2.7  Confidence:Highest  

CVE-2017-5645  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-502 Deserialization of Untrusted Data

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

Vulnerable Software & Versions: (show all)

lucene-analyzers-common-6.4.1.jar

Description:

 Additional Analyzers

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-analyzers-common-6.4.1.jar
MD5: d731696ac8d53bec151dc901355b1672
SHA1: c6f0f593503080204e9d33189cdc59320f55db37
SHA256:3aad3a2da515645bf9fe350650844509b0b41774f03c329500da21a084e8f7d7

Identifiers

lucene-backward-codecs-6.4.1.jar

Description:

 
    Codecs for older versions of Lucene.
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-backward-codecs-6.4.1.jar
MD5: dedab88216952bc26acda53f552fc450
SHA1: b0ab8aca2b0025b8733411778b6d27afe1c451f5
SHA256:cb7a0b212993455fc617313500af8e49550c22ec2ebdc04f28b187b4a4e80a6e

Identifiers

lucene-core-6.4.1.jar

Description:

 Apache Lucene Java Core

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-core-6.4.1.jar
MD5: 3b2931c1a4052f9ebe75f299ff393fef
SHA1: 2a18924b9e0ed86b318902cb475a0b9ca4d7be5b
SHA256:0646d5ce1b746557c8ba1d99adc0b3740f34b5b8130e87c7304dc1b686e87dd5

Identifiers

lucene-grouping-6.4.1.jar

Description:

 Lucene Grouping Module

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-grouping-6.4.1.jar
MD5: 242440d7255ccf5655a653926726cc59
SHA1: 8297adfa469abd571079ee75a1645fc5124fff5b
SHA256:8731fd129be3d686810c60cb49037fb9f54c3d55f97755a92a97dadae5464e93

Identifiers

lucene-highlighter-6.4.1.jar

Description:

 
    This is the highlighter for apache lucene java
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-highlighter-6.4.1.jar
MD5: 8d88c54080410583a8fd1f7a1b3c4848
SHA1: 95c0f76fc7893240483b25a5c420bed77a10d05d
SHA256:1bf9d7ee20310519766769a217a97a594d1a7b7fcf13772d458c3571214bba7a

Identifiers

lucene-join-6.4.1.jar

Description:

 Lucene Join Module

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-join-6.4.1.jar
MD5: 411fa68c42ec64b5c6fb24c9f9e47174
SHA1: 6d2f1ff94dba19b9bc6f15930b7104b890cab1ce
SHA256:d512f5402c9f03e099299ee66c0113ba4efe34e70daf26f32a7911e23a1b900f

Identifiers

lucene-memory-6.4.1.jar

Description:

 
    High-performance single-document index to compare against Query
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-memory-6.4.1.jar
MD5: cb5e53686efc7a50785b6dc325db54c3
SHA1: 825a946902f03a38257851733da908949d69f3da
SHA256:0db49388fab1bdd7e090c79f65938ec670bb043a45b4089a504c1232fbf124d7

Identifiers

lucene-misc-6.4.1.jar

Description:

 Miscellaneous Lucene extensions

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-misc-6.4.1.jar
MD5: 8cb14c004eb6005827fcb6fa9363dda6
SHA1: 4d147a6f0fcfc54630260d1bb3deecfc0d0d10f7
SHA256:6a65f9d1772ad78b79699aa0b508b1692fb2e373dfa727e1d1e8b186f04bbeba

Identifiers

lucene-queries-6.4.1.jar

Description:

 Lucene Queries Module

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-queries-6.4.1.jar
MD5: 491a4ebf10171f1a1722f32ba380d2fd
SHA1: 6de41d984c16185a244b52c4d069b00f5b2b120f
SHA256:a374e1ef2bb431574a8d3969714f041ffe8940b41aa2d430b17de091deb79a11

Identifiers

lucene-queryparser-6.4.1.jar

Description:

 Lucene QueryParsers module

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-queryparser-6.4.1.jar
MD5: 1dc52342115c8040fbe0d83a2464da52
SHA1: 1fc5795a072770a2c47dce11a3c85a80f3437af6
SHA256:48ac3492d593752af5c7ce106711528fd2b23055c015d7cb52980b69d5bda727

Identifiers

lucene-sandbox-6.4.1.jar

Description:

 Lucene Sandbox

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-sandbox-6.4.1.jar
MD5: 33ec38f2b4498e6c50078f3b0b6b6f8d
SHA1: d4a49664668c58aa23aba74717f3d74a61378d7c
SHA256:1e3ebde0adb8875819289f73b6906adf6bf5a9f2c3588bff15e35cab2f931526

Identifiers

lucene-spatial-6.4.1.jar

Description:

     
    Geospatial Indexing and Query for Apache Lucene
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-spatial-6.4.1.jar
MD5: 1f5841a307dce3babcf1e224931122f5
SHA1: d6ceb47fdea913a8f468a240a6ea307368094463
SHA256:0e4a267557905eca8ff20b5afa61625f4ff235123ac9566f0b335411d7fd5569

Identifiers

lucene-spatial-extras-6.4.1.jar

Description:

 
    Advanced Spatial Shape Strategies for Apache Lucene
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-spatial-extras-6.4.1.jar
MD5: dcb96415b0b35bec0360b669d17f3e70
SHA1: 5b764e5f95f610f79622ca0e957bfc23f094e4c7
SHA256:300edc244d2149b2ceea75a9536948418facf41f7912a1f392e7428109bb1d4d

Identifiers

lucene-spatial3d-6.4.1.jar

Description:

 
    Lucene Spatial shapes implemented using 3D planar geometry
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-spatial3d-6.4.1.jar
MD5: 082dd921e2ff377cf485b466997c2797
SHA1: 2c58459e671040046305dbee698fce1e6a1de71d
SHA256:cefb26a55b12c34e54e056b7a009a86094182dca3c8a91a08f9227589b9d4412

Identifiers

lucene-suggest-6.4.1.jar

Description:

 Lucene Suggest Module

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/lucene-suggest-6.4.1.jar
MD5: b4d40620ee418942f26957116a0d7803
SHA1: 47014b400916eea259645a9e3118558ef6e95441
SHA256:e8e306c001c5e38f7918e0a5233c058e05ce4224872d3739a62f429252d4c4ef

Identifiers

netty-3.10.6.Final.jar

Description:

 
    The Netty project is an effort to provide an asynchronous event-driven
    network application framework and tools for rapid development of
    maintainable high performance and high scalability protocol servers and
    clients.  In other words, Netty is a NIO client server framework which
    enables quick and easy development of network applications such as protocol
    servers and clients. It greatly simplifies and streamlines network
    programming such as TCP and UDP socket server.
  

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/netty-3.10.6.Final.jar
MD5: e9cdf01138257f48d796fb2cf67af53e
SHA1: 18ed04a0e502896552854926e908509db2987a00
SHA256:8768a50fbe3d93a88d8e6000ea5d68e30f50dc915b3764c3c5870f70c4fb3b49

Identifiers

  • cpe: cpe:/a:netty_project:netty:3.10.6  Confidence:Low  
  • maven: io.netty:netty:3.10.6.Final  Confidence:High

netty-transport-4.1.7.Final.jar

Description:

 Netty is an asynchronous event-driven network application framework for    rapid development of maintainable high performance protocol servers and    clients.

License:

http://www.apache.org/licenses/LICENSE-2.0
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/netty-transport-4.1.7.Final.jar
MD5: fd8ef33a8196b1bd528c855b0cec77e2
SHA1: 469e86d4dda1dca8b88d2b1faa8e0f078243ba12
SHA256:5c6aaaa855a1ef42885f99cd3ea602f523ef0fe172fda26f1ac693d35abb251b

Identifiers

  • cpe: cpe:/a:netty_project:netty:4.1.7  Confidence:Low  
  • maven: io.netty:netty-transport:4.1.7.Final  Confidence:High

percolator-client-5.3.0.jar

Description:

 Percolator module adds capability to index queries and query these queries by specifying documents

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/percolator-client-5.3.0.jar
MD5: e41ae712118063701c5aa8f50913b234
SHA1: 97f8f70b84e68fa8f653e8f86e7a7573c5fe93f6
SHA256:c20fcb6e74f57c0d33d485a2f5b5606e7bdc78a069f35cf7747e5d8d1a0550e5

Identifiers

reindex-client-5.3.0.jar

Description:

 The Reindex module adds APIs to reindex from one index to another or update documents in place.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/reindex-client-5.3.0.jar
MD5: 893fc6ce0b723da2ed6616eeef838b49
SHA1: bac4ecfdc2faf10d0332e01f60e1f1bf491a4e9d
SHA256:765b30e54db5c60c5cc934b556549266ecf5ca35e020cc6eab8b4dea5abb58c1

Identifiers

rest-5.3.0.jar

Description:

 Elasticsearch subproject :client:rest

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/rest-5.3.0.jar
MD5: 664099075d3606badad97ccbb267f82d
SHA1: 7bbde50676527dbb8c5722f7ad526ea3d856a705
SHA256:f57a0dfb418e213e0eb3ecd7484996b6c349fcacf4e82e071d51a21a28765582

Identifiers

securesm-1.1.jar

Description:

 SecurityManager implementation that works around design flaws in Java

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/securesm-1.1.jar
MD5: 2ce8857836ff479756cf0cccd3f1fddf
SHA1: 1e423447d020041534be94c0f31a49fbdc1f2950
SHA256:804330562c1cd2efc7fb2cfa3a5cfba6c308ee47664b1397da9d01f89d8a0d7c

Identifiers

  • maven: org.elasticsearch:securesm:1.1  Confidence:High

snakeyaml-1.15.jar

Description:

 YAML 1.1 parser and emitter for Java

License:

Apache License Version 2.0: LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/snakeyaml-1.15.jar
MD5: c6502713ff649a557b767b990830c786
SHA1: 3b132bea69e8ee099f416044970997bde80f4ea6
SHA256:79ea8aac6590f49ee8390c2f17ed9343079e85b44158a097b301dfee42af86ec

Identifiers

  • maven: org.yaml:snakeyaml:1.15  Confidence:High

t-digest-3.0.jar

Description:

 Data structure which allows accurate estimation of quantiles and related rank statistics

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/t-digest-3.0.jar
MD5: e7ede835f73c70cc662ca4d241250f1a
SHA1: 84ccf145ac2215e6bfa63baa3101c0af41017cfc
SHA256:5271fc25f94c01fa7a0e30a522118705bf3db7441a0b9636e5122b05a3d9c35d

Identifiers

  • maven: com.tdunning:t-digest:3.0  Confidence:High

transport-5.3.0.jar

Description:

 Elasticsearch subproject :client:transport

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/transport-5.3.0.jar
MD5: 32739db134381ff5300bff00ff57681b
SHA1: 11e7a05a74993deb5da6d99b24b5d95e65cf5fd3
SHA256:cf45e81dcec982f2b665fb4e3213596109f9d8ebe399d9c3d17223ad0e6a7074

Identifiers

indexer-rabbit.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-rabbit/indexer-rabbit.jar
MD5: 8b633c161993b7da25a1cbb65cffe30e
SHA1: a857e4ef82208354ffbf8981a1829af0ec47c213
SHA256:85e41b03a0d43e106faf1cb1a1e7170aec5f57cc81bc5880d48bdca584d615d3

Identifiers

  • None

commons-io-2.5.jar

Description:

 
The Apache Commons IO library contains utility classes, stream implementations, file filters, 
file comparators, endian transformation classes, and much more.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-solr/commons-io-2.5.jar
MD5: e2d74794fba570ec2115fb9d5b05dc9b
SHA1: 2852e6e05fbb95076fc091f6d1780f1f8fe35e0f
SHA256:a10418348d234968600ccb1d988efcbbd08716e1d96936ccc1880e7d22513474

Identifiers

  • maven: commons-io:commons-io:2.5  Confidence:High

commons-math3-3.6.1.jar

Description:

 The Apache Commons Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-solr/commons-math3-3.6.1.jar
MD5: 5b730d97e4e6368069de1983937c508e
SHA1: e4ba98f1d4b3c80ec46392f25e094a6a2e58fcbf
SHA256:1e56d7b058d28b65abd256b8458e3885b674c1d588fa43cd7d1cbb9c7ef2b308

Identifiers

  • maven: org.apache.commons:commons-math3:3.6.1  Confidence:High

indexer-solr.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-solr/indexer-solr.jar
MD5: 72caaf406bd235d8a7a5c8d30609cbb0
SHA1: 74b3f3ff674dd77b9abdd88354f6431275cefc60
SHA256:0a7cd5f6c5691bc7c37968a9e5c2b744101eb5deb28f34aa7c2de7f0bbb9a185

Identifiers

  • cpe: cpe:/a:apache:solr:-  Confidence:Low  

CVE-2012-6612  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, different vectors than CVE-2013-6407.

Vulnerable Software & Versions: (show all)

CVE-2013-6397  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT.  NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries.

Vulnerable Software & Versions: (show all)

CVE-2013-6407  

Severity:Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)

The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Vulnerable Software & Versions: (show all)

CVE-2013-6408  

Severity:Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)

The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6407.

Vulnerable Software & Versions: (show all)

CVE-2015-8795  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled during the rendering of the (1) Analysis page, related to webapp/web/js/scripts/analysis.js or (2) Schema-Browser page, related to webapp/web/js/scripts/schema-browser.js.

Vulnerable Software & Versions:

CVE-2015-8796  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI in Apache Solr before 5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted schema-browse URL.

Vulnerable Software & Versions:

CVE-2015-8797  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter to a plugins/cache URI.

Vulnerable Software & Versions:

CVE-2017-3163  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.

Vulnerable Software & Versions: (show all)

jcl-over-slf4j-1.7.24.jar

Description:

 JCL 1.2 implemented over SLF4J

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-solr/jcl-over-slf4j-1.7.24.jar
MD5: c4f92652e13f3095fc95fcdcb5b514d7
SHA1: e6a8629079856a2aa7862c6327ccf6dd1988d7fc
SHA256:53c6d81ae92ab7a67abf03439b0a2c3872cfe04bab3bf8db9c58fd03f5e71948

Identifiers

  • cpe: cpe:/a:slf4j:slf4j:1.7.24  Confidence:Low  
  • maven: org.slf4j:jcl-over-slf4j:1.7.24  Confidence:High

noggit-0.8.jar

Description:

 Noggit is the world's fastest streaming JSON parser for Java.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-solr/noggit-0.8.jar
MD5: 6856f2ceab2dd7128595e4659d22d581
SHA1: ba4ad65a62d7dfcf97a8d42c82ae7d8824f9087f
SHA256:dd9901c7d72ffd97d952271e3c486ddc9c78dd25a74db69ddbf2670431c7c81f

Identifiers

  • maven: org.noggit:noggit:0.8  Confidence:High

slf4j-api-1.7.24.jar

Description:

 The slf4j API

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-solr/slf4j-api-1.7.24.jar
MD5: d18638036e314cdd66f04e2d248b7df9
SHA1: 3f6b4bd4f8dbe8d4bea06d107a3826469b85c3e9
SHA256:baf3c7fe15fefeaf9e5b000d94547379dc48370f22a8797e239c127e7d7756ec

Identifiers

  • cpe: cpe:/a:slf4j:slf4j:1.7.24  Confidence:Low  
  • maven: org.slf4j:slf4j-api:1.7.24  Confidence:High

solr-solrj-7.3.1.jar

Description:

 Apache Solr Solrj

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-solr/solr-solrj-7.3.1.jar
MD5: 41bd59579858d3c6a2e7cdc3dd3e71d8
SHA1: b82c4b775fdddefd1bc39583a396d93453f89144
SHA256:e17029d67f0f821bf30811338fcf0e465c93b5aeeb56fe9174619f1f9b76d819

Identifiers

CVE-2018-8026  

Severity:Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-611 Improper Restriction of XML External Entity Reference ('XXE')

This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. The manipulated files can be uploaded as configsets using Solr's API, allowing to exploit that vulnerability.

Vulnerable Software & Versions: (show all)

zookeeper-3.4.11.jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-solr/zookeeper-3.4.11.jar
MD5: 213d5365d10e9ae22dfa4d9a1b12ca2f
SHA1: dc767a0b76db57b9ed442ff80418f3c078f670b7
SHA256:72d402ed238019b638aefb3b592ddde9c52cfbb7956aadcbd419b8c76febc1b1

Identifiers

CVE-2014-0085  

Severity:Low
CVSS Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-255 Credentials Management

JBoss Fuse did not enable encrypted passwords by default in its usage of Apache Zookeeper. This permitted sensitive information disclosure via logging to local users. Note: this description has been updated; previous text mistakenly identified the source of the flaw as Zookeeper. Previous text: Apache Zookeeper logs cleartext admin passwords, which allows local users to obtain sensitive information by reading the log.

Vulnerable Software & Versions: (show all)

CVE-2018-8012  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-285 Improper Authorization

No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader.

Vulnerable Software & Versions: (show all)

language-identifier.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/language-identifier/language-identifier.jar
MD5: 22c12e90a616fee137f745c3c997a403
SHA1: 6786f46737842ae523287dcaa1f41a7af9932040
SHA256:669d40f2a7ae389c336636b3d741a0b809734f8e8544e95df00706a594fde3f5

Identifiers

  • None

cglib-nodep-2.1_3.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/cglib-nodep-2.1_3.jar
MD5: db0e461169599af137eb24478c5292ce
SHA1: 58d3be5953547c0019e5704d6ed4ffda3b0c7c66
SHA256:e77f0b091a800acd15217bbc3c3629c1af0925b55b271fc5d0586422985639bb

Identifiers

commons-collections-3.2.1.jar

Description:

 Types that extend and augment the Java Collections Framework.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/commons-collections-3.2.1.jar
MD5: 13bc641afd7fd95e09b260f69c1e4c91
SHA1: 761ea405b9b37ced573d2df0d1e3a4e0f9edc668
SHA256:87363a4c94eaabeefd8b930cb059f66b64c9f7d632862f23de3012da7660047b

Identifiers

CVE-2015-6420  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-502 Deserialization of Untrusted Data

Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Service Provider; Unified Computing; Voice and Unified Communications Devices; Video, Streaming, TelePresence, and Transcoding Devices; Wireless; and Cisco Hosted Services products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.

Vulnerable Software & Versions: (show all)

CVE-2017-15708  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Apache Synapse, by default no authentication is required for Java Remote Method Invocation (RMI). So Apache Synapse 3.0.1 or all previous releases (3.0.0, 2.1.0, 2.0.0, 1.2, 1.1.2, 1.1.1) allows remote code execution attacks that can be performed by injecting specially crafted serialized objects. And the presence of Apache Commons Collections 3.2.1 (commons-collections-3.2.1.jar) or previous versions in Synapse distribution makes this exploitable. To mitigate the issue, we need to limit RMI access to trusted users only. Further upgrading to 3.0.1 version will eliminate the risk of having said Commons Collection version. In Synapse 3.0.1, Commons Collection has been updated to 3.2.2 version.

Vulnerable Software & Versions: (show all)

commons-exec-1.1.jar

Description:

 A library to reliably execute external processes from within the JVM

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/commons-exec-1.1.jar
MD5: 74ec90baf201f7dea71272f09cac30bd
SHA1: 07dfdf16fade726000564386825ed6d911a44ba1
SHA256:e969402c143f527967fdfec29ce756a75e29ea0f3104bf99ab3406dac03a6767

Identifiers

  • maven: org.apache.commons:commons-exec:1.1  Confidence:High

commons-jxpath-1.3.jar

Description:

 A Java-based implementation of XPath 1.0 that, in addition to XML processing, can inspect/modify Java object graphs (the library's explicit purpose) and even mixed Java/XML structures.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/commons-jxpath-1.3.jar
MD5: 61a9aa8ff43ba10853571d57f724bf88
SHA1: c22d7d0f0f40eb7059a23cfa61773a416768b137
SHA256:fcbc0ad917d9d6a73c6df21fac322e00d213ef19cd94815a007c407a8a3ff449

Identifiers

  • maven: commons-jxpath:commons-jxpath:1.3  Confidence:High

commons-lang3-3.3.2.jar

Description:

 
  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/commons-lang3-3.3.2.jar
MD5: 3128bf75a2549ebe38663401191bacab
SHA1: 90a3822c38ec8c996e84c16a3477ef632cbc87a3
SHA256:6b81d10754dadf184d386011486e6509c2cc0c3d33565ced4fb4402b9413d47d

Identifiers

  • maven: org.apache.commons:commons-lang3:3.3.2  Confidence:High

cssparser-0.9.14.jar

Description:

 A CSS parser which implements SAC (the Simple API for CSS).

License:

GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/cssparser-0.9.14.jar
MD5: d374eacd2b72cccf676e60f5b4b9a6ff
SHA1: 25f3d437b3cd4d4e6fab904d18967c64e4ab671d
SHA256:b0c1184ba7a13aed2a049f1792555fad82113081dc7edda4f39f2d7a6bb74d1a

Identifiers

  • maven: net.sourceforge.cssparser:cssparser:0.9.14  Confidence:High

gson-2.3.jar

Description:

 Google Gson library

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/gson-2.3.jar
MD5: 6da6d8d4f1554196599bcb76896b3393
SHA1: 5fc52c41ef0239d1093a1eb7c3697036183677ce
SHA256:9466512cd8cf0bd66a8a3661685373f7b3deafded11096e044926ff5c82c7a4c

Identifiers

guava-18.0.jar

Description:

 
    Guava is a suite of core and expanded libraries that include
    utility classes, google's collections, io classes, and much
    much more.

    Guava has only one code dependency - javax.annotation,
    per the JSR-305 spec.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/guava-18.0.jar
MD5: 947641f6bb535b1d942d1bc387c45290
SHA1: cce0823396aa693798f8882e64213b1772032b09
SHA256:d664fbfc03d2e5ce9cab2a44fb01f1d0bf9dfebeccc1a473b1f9ea31f79f6f99

Identifiers

  • maven: com.google.guava:guava:18.0  Confidence:High

htmlunit-2.15.jar

Description:

 A headless browser intended for use in testing web-based applications.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/htmlunit-2.15.jar
MD5: 58ccccac09ac480e5c724b61f8d2e68d
SHA1: 8d3e66215a2337cfbc5c3316820ab300022baa54
SHA256:31a19785c30327d8819f6b2d4974ed94287617c98cbd5d62dc13741ce66c03c2

Identifiers

  • maven: net.sourceforge.htmlunit:htmlunit:2.15  Confidence:High

htmlunit-core-js-2.15.jar

Description:

 
		HtmlUnit adaptation of Mozilla Rhino Javascript engine for Java. 
		Changes are documented by a diff (rhinoDiff.txt) contained in the generated jar files.
	

License:

Mozilla Public License version 2.0: http://www.mozilla.org/MPL/2.0/
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/htmlunit-core-js-2.15.jar
MD5: 8b1545c5016bbf9ced130a820358fd97
SHA1: a16512d2d032155cfa84fa1dcce79fe0aaa8b56a
SHA256:d195d94711d839c291fa70cfbf49c5cce84f26d4cebaa7d277ded960a16a41e2

Identifiers

httpclient-4.3.4.jar

Description:

 
   HttpComponents Client
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/httpclient-4.3.4.jar
MD5: 1120f36f85cb6310332674010390ff78
SHA1: a9a1fef2faefed639ee0d0fba5b3b8e4eb2ff2d8
SHA256:a77f2bbc346af46028d63e8807eacac3fbe8478e3d2f039f9f6053248a743cf6

Identifiers

CVE-2014-3577  

Severity:Medium
CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)

org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the "foo,CN=www.apache.org" string in the O field.

Vulnerable Software & Versions: (show all)

CVE-2015-5262  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CWE: CWE-399 Resource Management Errors

http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang) via unspecified vectors.

Vulnerable Software & Versions: (show all)

httpcore-4.3.2.jar

Description:

 
   HttpComponents Core (blocking I/O)
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/httpcore-4.3.2.jar
MD5: ee3d34dce4a30c7d3002cadf8c9172c1
SHA1: 31fbbff1ddbf98f3aa7377c94d33b0447c646b6e
SHA256:abd02320e2356f89d054dae4cf02306bef20a9cf7865b3ac94ec7552b4f1528b

Identifiers

  • maven: org.apache.httpcomponents:httpcore:4.3.2  Confidence:High

httpmime-4.3.3.jar

Description:

 
   HttpComponents HttpClient - MIME coded entities
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/httpmime-4.3.3.jar
MD5: 577024ce7a28eea8ff9ea23400e09317
SHA1: e02368d7b56c0c376f227378a4f77de62864d020
SHA256:61434dbb2314cbb8d28025feb6ae53bbc45d1042daa34371d8911e1e7f570b36

Identifiers

  • maven: org.apache.httpcomponents:httpmime:4.3.3  Confidence:High

ini4j-0.5.2.jar

Description:

 Java API for handling configuration files in Windows .ini format. The library includes its own Map based API, Java Preferences API and Java Beans API for handling .ini files. Additionally, the library includes a feature rich (variable/macro substitution, multiply property values, etc) java.util.Properties replacement.

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/ini4j-0.5.2.jar
MD5: 50738a9e30cce8f6d63d5a2b63fffd63
SHA1: 16561cb11c221b5928119e10d7636c95ee5c960d
SHA256:631656eb38639b0ae41161f706ff7fbe04313b5b8f42892da5ec656390031fc6

Identifiers

  • maven: org.ini4j:ini4j:0.5.2  Confidence:High

jetty-http-8.1.15.v20140411.jar

Description:

 Administrative parent pom for Jetty modules

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/jetty-http-8.1.15.v20140411.jar
MD5: a2d0df2ebc8c428c62a152682f4c42ad
SHA1: ab816e1b5eb0e055cfa4f3aef6876de210e2be7b
SHA256:cd9bf9c4a1944ee157407450d05631e4b989382e2ac673f3308ccabca3403386

Identifiers

  • maven: org.eclipse.jetty:jetty-http:8.1.15.v20140411  Confidence:High
  • cpe: cpe:/a:jetty:jetty:8.1.15.v20140411  Confidence:Low  
  • cpe: cpe:/a:eclipse:jetty:8.1.15.v20140411  Confidence:Low  

CVE-2017-7656  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-284 Improper Access Control

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response.

Vulnerable Software & Versions: (show all)

CVE-2017-7657  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-190 Integer Overflow or Wraparound

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.

Vulnerable Software & Versions: (show all)

CVE-2017-7658  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-19 Data Processing Errors

In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.

Vulnerable Software & Versions: (show all)

CVE-2017-9735  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.

Vulnerable Software & Versions:

jetty-io-8.1.15.v20140411.jar

Description:

 Administrative parent pom for Jetty modules

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/jetty-io-8.1.15.v20140411.jar
MD5: d5fa0d9d4c890d0d08dbc00cbe613569
SHA1: 8849cf59187275366cd05f37b2fb71319291370b
SHA256:61545238b1d7c8598d7621a9af7ecf0bda16098fc504b8e666c9f0d508bab1d5

Identifiers

  • maven: org.eclipse.jetty:jetty-io:8.1.15.v20140411  Confidence:High

jna-3.4.0.jar

Description:

 Java Native Access

License:

LGPL, version 2.1: http://creativecommons.org/licenses/LGPL/2.1/
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/jna-3.4.0.jar
MD5: 52b0d8408b694de10ce93c85514aaa10
SHA1: 803ff252fedbd395baffd43b37341dc4a150a554
SHA256:3bff6a1489b8e54cf130344bc5e8744db331045ad2fc736612576e1d80eb1f48

Identifiers

lib-htmlunit.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/lib-htmlunit.jar
MD5: 81188b496f98d0f59866d3635e9e6782
SHA1: 2232cdfb82f748a9784c9203adbc5530cb5db24f
SHA256:3619d8428587b60976993bf59155a6fbb1965e480220012a8a01d491f2b6a7d3

Identifiers

  • None

nekohtml-1.9.21.jar

Description:

 An HTML parser and tag balancer.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/nekohtml-1.9.21.jar
MD5: 34de057c7bfa45800b9c0070d46fbce2
SHA1: 6841b177ab20385a9e9e0c83be3bf8711a6bc5e4
SHA256:c88b0557a51f0e035fccb8e216738c3449fb937ee157888adfafeddb65f9c41e

Identifiers

netty-3.5.2.Final.jar

Description:

 
    The Netty project is an effort to provide an asynchronous event-driven
    network application framework and tools for rapid development of
    maintainable high performance and high scalability protocol servers and
    clients.  In other words, Netty is a NIO client server framework which
    enables quick and easy development of network applications such as protocol
    servers and clients. It greatly simplifies and streamlines network
    programming such as TCP and UDP socket server.
  

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/netty-3.5.2.Final.jar
MD5: 2d75cefef03243943a3673d452b57f1f
SHA1: e6fb74a0699abe108969b2ec1f269391169a0426
SHA256:41644d7025378c62cffc165bd99bda1f6f11db381c1f7773c56a19294eb8cd31

Identifiers

  • cpe: cpe:/a:netty_project:netty:3.5.2  Confidence:Low  
  • maven: io.netty:netty:3.5.2.Final  Confidence:High

CVE-2014-3488  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

Vulnerable Software & Versions: (show all)

CVE-2015-2156  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CWE: CWE-20 Improper Input Validation

Netty before 3.9.8.Final, 3.10.x before 3.10.3.Final, 4.0.x before 4.0.28.Final, and 4.1.x before 4.1.0.Beta5 and Play Framework 2.x before 2.3.9 might allow remote attackers to bypass the httpOnly flag on cookies and obtain sensitive information by leveraging improper validation of cookie name and value characters.

Vulnerable Software & Versions: (show all)

operadriver-1.5.jar

Description:

 OperaDriver is a vendor-supported WebDriver implementation developed by Opera Software and volunteers that implements WebDriver's wire protocol.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/operadriver-1.5.jar
MD5: afe1503a091d63c67e8d945783e25423
SHA1: 3875fb993d2b2b937ced0246b578c3c3f3f32f9e
SHA256:c23698d992d983060fcd897e819d33e9598b242815a9ae625621d80a3bba1139

Identifiers

  • cpe: cpe:/a:opera:opera:1.5  Confidence:Low  
  • maven: com.opera:operadriver:1.5  Confidence:High
  • cpe: cpe:/a:opera_software:opera:1.5  Confidence:Low  

CVE-2003-1561  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.

Vulnerable Software & Versions:

CVE-2008-1761  

Severity:High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CWE: CWE-399 Resource Management Errors

Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.

Vulnerable Software & Versions: (show all)

CVE-2008-1764  

Severity:High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Unspecified vulnerability in Opera before 9.27 has unknown impact and attack vectors related to "keyboard handling of password inputs."

Vulnerable Software & Versions: (show all)

CVE-2008-3079  

Severity:High
CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Unspecified vulnerability in Opera before 9.51 on Windows allows attackers to execute arbitrary code via unknown vectors.

Vulnerable Software & Versions:

CVE-2008-3172  

Severity:Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records, such as co.tv, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking."

Vulnerable Software & Versions:

CVE-2008-4293  

Severity:High
CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Unspecified vulnerability in Opera before 9.52 on Windows, when registered as a protocol handler, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors in which Opera is launched by other applications.

Vulnerable Software & Versions: (show all)

CVE-2008-4695  

Severity:High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CWE: CWE-200 Information Exposure

Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context.

Vulnerable Software & Versions: (show all)

CVE-2008-4696  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the History Search database (aka md.dat).

Vulnerable Software & Versions: (show all)

CVE-2008-4794  

Severity:High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CWE: CWE-20 Improper Input Validation

Opera before 9.62 allows remote attackers to execute arbitrary commands via the History Search results page, a different vulnerability than CVE-2008-4696.

Vulnerable Software & Versions: (show all)

CVE-2008-4795  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The links panel in Opera before 9.62 processes Javascript within the context of the "outermost page" of a frame, which allows remote attackers to inject arbitrary web script or HTML via cross-site scripting (XSS) attacks.

Vulnerable Software & Versions: (show all)

CVE-2008-5679  

Severity:High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CWE: CWE-399 Resource Management Errors

The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption.

Vulnerable Software & Versions: (show all)

CVE-2009-0915  

Severity:Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins.

Vulnerable Software & Versions: (show all)

CVE-2009-2068  

Severity:Medium
CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
CWE: CWE-287 Improper Authentication

Google Chrome detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."

Vulnerable Software & Versions: (show all)

CVE-2010-5227  

Severity:Medium
CVSS Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .htm, .mht, .mhtml, .xht, .xhtm, or .xhtl file.  NOTE: some of these details are obtained from third party information.

Vulnerable Software & Versions:

CVE-2015-8960  

Severity:Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-310 Cryptographic Issues

The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.

Vulnerable Software & Versions: (show all)

CVE-2016-7152  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

Vulnerable Software & Versions: (show all)

operalaunchers-1.1.jar

Description:

 The launchers are used for starting, stopping and monitoring of Opera.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/operalaunchers-1.1.jar
MD5: efc0db3273a50c6674c77dc75bc446c4
SHA1: 8f09d3dc6dcce5580666ae6e0556a7dbb6b1a563
SHA256:a034249c66ef6e5c12767eb8cb05ad04205c7ea232d5529ffb3792b613743db2

Identifiers

  • maven: com.opera:operalaunchers:1.1  Confidence:High
  • cpe: cpe:/a:opera:opera:1.1  Confidence:Low  
  • cpe: cpe:/a:opera_software:opera:1.1  Confidence:Low  

CVE-2003-1561  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.

Vulnerable Software & Versions:

CVE-2008-1761  

Severity:High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CWE: CWE-399 Resource Management Errors

Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.

Vulnerable Software & Versions: (show all)

CVE-2008-1764  

Severity:High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Unspecified vulnerability in Opera before 9.27 has unknown impact and attack vectors related to "keyboard handling of password inputs."

Vulnerable Software & Versions: (show all)

CVE-2008-3079  

Severity:High
CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Unspecified vulnerability in Opera before 9.51 on Windows allows attackers to execute arbitrary code via unknown vectors.

Vulnerable Software & Versions:

CVE-2008-3172  

Severity:Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls

Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records, such as co.tv, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking."

Vulnerable Software & Versions:

CVE-2008-4293  

Severity:High
CVSS Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Unspecified vulnerability in Opera before 9.52 on Windows, when registered as a protocol handler, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors in which Opera is launched by other applications.

Vulnerable Software & Versions: (show all)

CVE-2008-4695  

Severity:High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CWE: CWE-200 Information Exposure

Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context.

Vulnerable Software & Versions: (show all)

CVE-2008-4696  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the History Search database (aka md.dat).

Vulnerable Software & Versions: (show all)

CVE-2008-4794  

Severity:High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CWE: CWE-20 Improper Input Validation

Opera before 9.62 allows remote attackers to execute arbitrary commands via the History Search results page, a different vulnerability than CVE-2008-4696.

Vulnerable Software & Versions: (show all)

CVE-2008-4795  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The links panel in Opera before 9.62 processes Javascript within the context of the "outermost page" of a frame, which allows remote attackers to inject arbitrary web script or HTML via cross-site scripting (XSS) attacks.

Vulnerable Software & Versions: (show all)

CVE-2008-5679  

Severity:High
CVSS Score: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
CWE: CWE-399 Resource Management Errors

The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption.

Vulnerable Software & Versions: (show all)

CVE-2009-0915  

Severity:Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins.

Vulnerable Software & Versions: (show all)

CVE-2009-2068  

Severity:Medium
CVSS Score: 5.8 (AV:N/AC:M/Au:N/C:P/I:P/A:N)
CWE: CWE-287 Improper Authentication

Google Chrome detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."

Vulnerable Software & Versions: (show all)

CVE-2010-5227  

Severity:Medium
CVSS Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)

Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .htm, .mht, .mhtml, .xht, .xhtm, or .xhtl file.  NOTE: some of these details are obtained from third party information.

Vulnerable Software & Versions:

CVE-2015-8960  

Severity:Medium
CVSS Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CWE: CWE-310 Cryptographic Issues

The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.

Vulnerable Software & Versions: (show all)

CVE-2016-7152  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.

Vulnerable Software & Versions: (show all)

phantomjsdriver-1.2.1.jar

Description:

 
                                PhantomJSDriver is a Java binding for the PhantomJS WebDriver, GhostDriver.
                                The binding is developed within the GhostDriver project, and distributed through public Maven repository
                                and Selenium official .zip package.
                                

License:

The BSD 2-Clause License: http://opensource.org/licenses/BSD-2-Clause
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/phantomjsdriver-1.2.1.jar
MD5: 99bbea026ae4b67fb0af8ef7b56e678c
SHA1: c5106c0223512a467c03b26f8a31e4027ddaa495
SHA256:7905d9fe26e218e8fc899cfb919c29cc53d1b81a0843312335806327b9ac481d

Identifiers

platform-3.4.0.jar

Description:

 Java Native Access Platform

License:

LGPL, version 2.1: http://creativecommons.org/licenses/LGPL/2.1/
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/platform-3.4.0.jar
MD5: c5057d6dc3a531708e4a91249fadda3f
SHA1: e3f70017be8100d3d6923f50b3d2ee17714e9c13
SHA256:ea89d5090c8303ba4e9a0056e6d8a20429f3e021411e950bfd9eba3b6e6cf15c

Identifiers

protobuf-java-2.4.1.jar

Description:

 
    Protocol Buffers are a way of encoding structured data in an efficient yet
    extensible format.
  

License:

New BSD license: http://www.opensource.org/licenses/bsd-license.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/protobuf-java-2.4.1.jar
MD5: 1253f05305eed82f6aae1d8c8aad43da
SHA1: 0c589509ec6fd86d5d2fda37e07c08538235d3b9
SHA256:ad9769a22989e688a46af4d3accc348cc501ced22118033230542bc916e33f0b

Identifiers

sac-1.3.jar

Description:

 SAC is a standard interface for CSS parsers.

License:

The W3C Software License: http://www.w3.org/Consortium/Legal/copyright-software-19980720
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/sac-1.3.jar
MD5: eb04fa63fc70c722f2b8ec156166343b
SHA1: cdb2dcb4e22b83d6b32b93095f644c3462739e82
SHA256:003785669f921aafe4f137468dd20a01a36111e94fd7449f26c16e7924d82d23

Identifiers

selenium-api-2.44.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/selenium-api-2.44.0.jar
MD5: 8459a4b2810ef1ca6a1d1eb201e69247
SHA1: ed8379783481df59c8046f9671c0e0195acd930d
SHA256:ff35f18376468e1c9494ef2f258bd59de775f4863958746c9253ab56f1256875

Identifiers

  • maven: org.seleniumhq.selenium:selenium-api:2.44.0  Confidence:High

selenium-chrome-driver-2.44.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/selenium-chrome-driver-2.44.0.jar
MD5: 0b6012949068419d0d9a1cd357479ea2
SHA1: 08322dfa839ec29ed7ba3397be3b9a49dda037d5
SHA256:52e36a2935044e411f29fd08a2dcb6945533fef4edebc987f8c7194bf43c6f64

Identifiers

  • maven: org.seleniumhq.selenium:selenium-chrome-driver:2.44.0  Confidence:High

selenium-firefox-driver-2.44.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/selenium-firefox-driver-2.44.0.jar
MD5: 7334f584cd7b8796a21e3b0d29318616
SHA1: 123ed3b0b8b70e51f6794ba1b1531a199e307249
SHA256:cc6c1b643232c97cff4043c5a88caee81171a42f05e0f3fd57e490e39d6c0aad

Identifiers

  • maven: org.seleniumhq.selenium:selenium-firefox-driver:2.44.0  Confidence:High

selenium-htmlunit-driver-2.44.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/selenium-htmlunit-driver-2.44.0.jar
MD5: 6a997362dae10f886067535076d5fc20
SHA1: aadf1303dedddddf059c8bd97b8816f28fec3cf8
SHA256:522e9faef9b5a840f53c9e4d2b81c14a41bd675c2635052b26a362889caa880b

Identifiers

  • maven: org.seleniumhq.selenium:selenium-htmlunit-driver:2.44.0  Confidence:High

selenium-ie-driver-2.44.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/selenium-ie-driver-2.44.0.jar
MD5: b4ee38d0bfe866d6ef880a6d4c07641f
SHA1: deee9750f5d20f7c78ad44a3c896bfbea613711a
SHA256:86a5d2a1d70c447e326e72e774d66ef9854dd97a97f359be84d938163ab9d657

Identifiers

  • maven: org.seleniumhq.selenium:selenium-ie-driver:2.44.0  Confidence:High

selenium-java-2.44.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/selenium-java-2.44.0.jar
MD5: 3aa24fea75577cdcc4ab44aa22cf168c
SHA1: f98c321ba1e4ec81a016bcadbf49c80c29ebdc69
SHA256:49476cac7bc9a11baa564d99272bf1f22aec412d5ea06f9fff0fa5650d696707

Identifiers

  • maven: org.seleniumhq.selenium:selenium-java:2.44.0  Confidence:High

selenium-remote-driver-2.44.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/selenium-remote-driver-2.44.0.jar
MD5: 924a87a9fa5c01b89364dd0f80f7b404
SHA1: ef7b79655dfab115b04dee1e2be22f2c3411c0e9
SHA256:0de066be6aaa66265d75d3fcb21f9f182a0de763b1cabf0a78b948fa2a54abed

Identifiers

  • maven: org.seleniumhq.selenium:selenium-remote-driver:2.44.0  Confidence:High

selenium-safari-driver-2.44.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/selenium-safari-driver-2.44.0.jar
MD5: 9b0825e9dd09b82a7c47780dbe890ddb
SHA1: c6e505c109c85022cee747eac07965cca78b6191
SHA256:0702de3d42ee52579b14e26397e795ebbd95a1470b56406fbec788158103bf77

Identifiers

  • maven: org.seleniumhq.selenium:selenium-safari-driver:2.44.0  Confidence:High

selenium-support-2.44.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/selenium-support-2.44.0.jar
MD5: 52358209bfca9328ec9829bd24d8335e
SHA1: 42825651e29d1b850699233687a0767063bef153
SHA256:79395abca8d2d2680f1bf9df8b3501d0ffaad55a5bd88b1eaba167999e29c017

Identifiers

  • maven: org.seleniumhq.selenium:selenium-support:2.44.0  Confidence:High

serializer-2.7.1.jar

Description:

 
    Serializer to write out XML, HTML etc. as a stream of characters from an input DOM or from input
    SAX events.
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/serializer-2.7.1.jar
MD5: a6b64dfe58229bdd810263fa0cc54cff
SHA1: 4b4b18df434451249bb65a63f2fb69e215a6a020
SHA256:a15078d243d4a20b6b4e8ae2f61ed4655e352054e121aada6f7441f1ed445a3c

Identifiers

CVE-2014-0107  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls

The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.

Vulnerable Software & Versions: (show all)

webbit-0.4.14.jar

Description:

 A Java event based WebSocket and HTTP server

License:

BSD License: http://www.opensource.org/licenses/bsd-license
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/webbit-0.4.14.jar
MD5: 2557525150b95159e58c88f5e06e1a0a
SHA1: 3bf3f17fe41fb34c4d98663957ec0795a6b6653e
SHA256:3dce8681b6afebf1704d307f5124963723515bf75c586a525ef68f3720743bca

Identifiers

  • maven: org.webbitserver:webbit:0.4.14  Confidence:High
  • cpe: cpe:/a:id:id-software:0.4.14  Confidence:Low  

xalan-2.7.1.jar

Description:

 
    Xalan-Java is an XSLT processor for transforming XML documents into HTML,
    text, or other XML document types. It implements XSL Transformations (XSLT)
    Version 1.0 and XML Path Language (XPath) Version 1.0 and can be used from
    the command line, in an applet or a servlet, or as a module in other program.
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/xalan-2.7.1.jar
MD5: d43aad24f2c143b675292ccfef487f9c
SHA1: 75f1d83ce27bab5f29fff034fc74aa9f7266f22a
SHA256:55a2e95144acf1abe44fea91c2948525c9b1f00fcaa1d10e753e92872ffbdd1e

Identifiers

CVE-2014-0107  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-264 Permissions, Privileges, and Access Controls

The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.

Vulnerable Software & Versions: (show all)

lib-http.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-http/lib-http.jar
MD5: f7baf60e455f9beee87aeb13c7a6f488
SHA1: 8697754fd0f84ee384d9d9f71e903a4db7018e12
SHA256:f2376a9ec1196f012ba5f7ae66e4897c949108190c3cfb38520196890e21d1ba

Identifiers

  • None

nekohtml-1.9.19.jar

Description:

 An HTML parser and tag balancer.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-nekohtml/nekohtml-1.9.19.jar
MD5: 62aa02563ef8a3e0aaafe0f9cefa4d38
SHA1: 8a49406347d345bade1e6152e05e5f4dcbf7def5
SHA256:c60dd5e2e6fe77c715bb12b82358aaf94ab7687b7565d197a98e79c128517bc3

Identifiers

gson-2.8.4.jar

Description:

 Gson JSON library

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-rabbitmq/gson-2.8.4.jar
MD5: 5c5fa99b264e68546620cb81d6340e43
SHA1: d0de1ca9b69e69d1d497ee3c6009d015f64dad57
SHA256:53bc5fe7644db908e6071d6c8b59059acadce7fc14217933d7251994e8673104

Identifiers

  • maven: com.google.code.gson:gson:2.8.4  Confidence:High

lib-rabbitmq.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-rabbitmq/lib-rabbitmq.jar
MD5: 36704bcfea72af8932e47ea900544e54
SHA1: ab30ee8264b28f25176ea6184240b875eae436fd
SHA256:c5b791733347601a79198b1b0a518b29a5a17d9c7ec64ede611364e4d58a46d9

Identifiers

  • None

lib-regex-filter.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-regex-filter/lib-regex-filter.jar
MD5: 73bb5b981f9adc989a9736adaa0801f0
SHA1: 6b17f2eb7e541646746fa7fc44c2530b98919cb3
SHA256:6100e276c02a9baca4a700dcceed18219cef56b73574cb6f0a1f26d0d00e8f14

Identifiers

  • None

cssparser-0.9.16.jar

Description:

 A CSS parser which implements SAC (the Simple API for CSS).

License:

GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/cssparser-0.9.16.jar
MD5: af14f5c8070a33b588cc7e2c2986bc38
SHA1: 3f751904d467537b8ee99c612e69d4e79d6271cf
SHA256:2627c940a33f2f94f7240cbcdea5cd0efb1eebd4c3dbd7b4b8381f2ac8a2e920

Identifiers

  • maven: net.sourceforge.cssparser:cssparser:0.9.16  Confidence:High

gson-2.3.1.jar

Description:

 Google Gson library

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/gson-2.3.1.jar
MD5: e16b1b8fca0980263f764f633ec91dd6
SHA1: ecb6e1f8e4b0e84c4b886c2f14a1500caf309757
SHA256:13f44a2f6ead058da80a91ee650c073871942468e684a9bf6a0d0319138924ce

Identifiers

htmlunit-2.18.jar

Description:

 A headless browser intended for use in testing web-based applications.

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/htmlunit-2.18.jar
MD5: d617b3421a9968412f15f4958bd159c7
SHA1: ec30f76601f7010abbc09cc8ec401cb183916371
SHA256:8f89ed65f6c53953f163a98a8a7f663586fbf60642826260ea26c4da6931b6e6

Identifiers

  • maven: net.sourceforge.htmlunit:htmlunit:2.19-SNAPSHOT  Confidence:High

htmlunit-core-js-2.17.jar

Description:

 
		HtmlUnit adaptation of Mozilla Rhino Javascript engine for Java. 
		Changes are documented by a diff (rhinoDiff.txt) contained in the generated jar files.
	

License:

Mozilla Public License version 2.0: http://www.mozilla.org/MPL/2.0/
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/htmlunit-core-js-2.17.jar
MD5: c647e20db0da7ec16b7738c13c652084
SHA1: 4316d68f449d42f69faf4ee255aa31b03e4f7dd5
SHA256:32fd749af1599ab0daf22b60cbe97b6792cb9fe8b4220496a3adb667e58a5c3c

Identifiers

httpclient-4.5.1.jar

Description:

 
   Apache HttpComponents Client
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/httpclient-4.5.1.jar
MD5: 53cad957821a4bacaf9e108af24e6f90
SHA1: 7e3cecc566df91338c6c67883b89ddd05a17db43
SHA256:0ba1a340188f33408632cedbe25d6fe17c1458bde17680a06cd6f6a69476ff74

Identifiers

  • cpe: cpe:/a:apache:httpclient:4.5.1  Confidence:Low  
  • maven: org.apache.httpcomponents:httpclient:4.5.1  Confidence:High

httpcore-4.4.3.jar

Description:

 
   Apache HttpComponents Core (blocking I/O)
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/httpcore-4.4.3.jar
MD5: 5eba53f2780907ee01f224e1133f4bde
SHA1: e876a79d561e5c6207b78d347e198c8c4531a5e5
SHA256:e4ce096fab656865f0d78d88887377111fb2f3bcd5004c1cddbc899987f32b5e

Identifiers

  • maven: org.apache.httpcomponents:httpcore:4.4.3  Confidence:High

httpmime-4.5.jar

Description:

 
   Apache HttpComponents HttpClient - MIME coded entities
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/httpmime-4.5.jar
MD5: 8a768c022f99922e56daba7b3d185d65
SHA1: 7bdb321e86724b16af6134a0fd22fec649eda971
SHA256:7c4c1b47ea07a4325f06adf770d74c50b84512236df8860c872ca9fa9d58ac39

Identifiers

  • maven: org.apache.httpcomponents:httpmime:4.5  Confidence:High

jetty-io-9.2.12.v20150709.jar

Description:

 Administrative parent pom for Jetty modules

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/jetty-io-9.2.12.v20150709.jar
MD5: 78effcd19de2bc16fa60debc99843e8b
SHA1: c02e9e303d231a589e0c8866c1ee89bcdeb40a55
SHA256:81a16206da9e710b3b4250cf4728c2aef300f12699a7cd2828aef94568a3c7ed

Identifiers

  • maven: org.eclipse.jetty:jetty-io:9.2.12.v20150709  Confidence:High

jetty-util-9.2.12.v20150709.jar

Description:

 Utility classes for Jetty

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/jetty-util-9.2.12.v20150709.jar
MD5: 2fa490274ea58515ab882a20e66a9a16
SHA1: d99d38adfdb5ec677643f04fa862554b0bb8b42e
SHA256:6e6c7b72b1a7d87e3a5924f849ecfc0059c23e748423f370e99b5a44d8edb3d7

Identifiers

  • maven: org.eclipse.jetty:jetty-util:9.2.12.v20150709  Confidence:High
  • cpe: cpe:/a:jetty:jetty:9.2.12.v20150709  Confidence:Low  
  • cpe: cpe:/a:eclipse:jetty:9.2.12.v20150709  Confidence:Low  

CVE-2017-7656  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-284 Improper Access Control

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response.

Vulnerable Software & Versions: (show all)

CVE-2017-7657  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-190 Integer Overflow or Wraparound

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.

Vulnerable Software & Versions: (show all)

CVE-2017-7658  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-19 Data Processing Errors

In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.

Vulnerable Software & Versions: (show all)

CVE-2017-9735  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.

Vulnerable Software & Versions:

jna-platform-4.1.0.jar

Description:

 Java Native Access Platform

License:

LGPL, version 2.1: http://www.gnu.org/licenses/licenses.html
ASL, version 2: http://www.apache.org/licenses/
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/jna-platform-4.1.0.jar
MD5: 533e404eda70bbf8e40de134ffeec95b
SHA1: 23457ad1cf75c2c16763330de5565a0e67b4bc0a
SHA256:f91ba7c0f26c34f04bf57d2ae30d4b19f906e7bb1de90eb3e1f4fdbf45d0c541

Identifiers

lib-selenium.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/lib-selenium.jar
MD5: f591d1ad5d726e32f64e77e5c45cfe65
SHA1: e7e31b8af4f842eb1e57a97b0f5f2c7dfe1a6676
SHA256:016a029a58751c6be0017afe54c1a32239fab27621444dc1a965ee01baba152b

Identifiers

  • None

nekohtml-1.9.22.jar

Description:

 An HTML parser and tag balancer.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/nekohtml-1.9.22.jar
MD5: a97dfe2d0ceb81ffbdd15436961b0f23
SHA1: 4f54af68ecb345f2453fb6884672ad08414154e3
SHA256:452978e8b6667c7b8357fd3f0a2f2f405e4560a7148143a69181735da5d19045

Identifiers

selenium-api-2.48.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/selenium-api-2.48.2.jar
MD5: edd38db05640d62a5c0e7e961f88241d
SHA1: a0ae87eb600f042cf678266221e948d02cf9bce1
SHA256:5f2d190a2b1bb157444540d4a7089107c7f0165acf5401877185b4afd105c7c3

Identifiers

  • maven: org.seleniumhq.selenium:selenium-api:2.48.2  Confidence:High

selenium-chrome-driver-2.48.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/selenium-chrome-driver-2.48.2.jar
MD5: af47f8c41436d67e80ece4489db6d784
SHA1: 1c22091849c3f4ee5b7418e7eb91ee1e88d76ccc
SHA256:bb5ad652ba0f91cc3ce5c4e35085214d482a855d692d47f216c044e413450c4b

Identifiers

  • maven: org.seleniumhq.selenium:selenium-chrome-driver:2.48.2  Confidence:High

selenium-edge-driver-2.48.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/selenium-edge-driver-2.48.2.jar
MD5: 285eca8b078f22e01ef6fe72dd77db60
SHA1: 58ce29b698328f076bb5204ba97339437c61698f
SHA256:91510f858885fb0f214203aef7eba36d5233d5e022640f7b8c77189508a970b8

Identifiers

  • maven: org.seleniumhq.selenium:selenium-edge-driver:2.48.2  Confidence:High

selenium-firefox-driver-2.48.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/selenium-firefox-driver-2.48.2.jar
MD5: 32fa527b688cc811a731c8b62d9f0298
SHA1: 947d3e890dac4ee569af6ab667eab3da223b4ba6
SHA256:42825eb9e6fea09110c9e462738ea3e9ab155e553344789042441394bd8910b9

Identifiers

  • maven: org.seleniumhq.selenium:selenium-firefox-driver:2.48.2  Confidence:High

selenium-htmlunit-driver-2.48.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/selenium-htmlunit-driver-2.48.2.jar
MD5: a56ad5893d225a897fa010b0603ae303
SHA1: 2d75ff755ae721373cd925eb06175addae6c4f10
SHA256:344780544682a1169d8e74b6d0f7843fab0ee3d51efbdc544351a1ce2615260b

Identifiers

  • maven: org.seleniumhq.selenium:selenium-htmlunit-driver:2.48.2  Confidence:High

selenium-ie-driver-2.48.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/selenium-ie-driver-2.48.2.jar
MD5: 96d3bb724c6505ac5d5963ca4bddeb5b
SHA1: 8278d774a0945374e1a2f7cf1577c3c896e92144
SHA256:95d176f996e678149578a2b57ca87c9dc7d175577fc9e8b994d3e64ef9f88f65

Identifiers

  • maven: org.seleniumhq.selenium:selenium-ie-driver:2.48.2  Confidence:High

selenium-java-2.48.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/selenium-java-2.48.2.jar
MD5: cb8653053bc72c5a63d9233ab97356db
SHA1: 97e2c7b45cfe3e11a33d4710660838eb57a42531
SHA256:5d3a2562379270ec7acc46cc42d27f9255f42b61cd79444a41a73ff55a5b444e

Identifiers

  • maven: org.seleniumhq.selenium:selenium-java:2.48.2  Confidence:High

selenium-leg-rc-2.48.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/selenium-leg-rc-2.48.2.jar
MD5: 6bb9d5033d4ddd825eb4704641137763
SHA1: 5a8fc124ecfcc2f99ff44f2d032210b60d91c6d6
SHA256:d2f92575d460d673ca66d9b6dcaeb179b319273cf480d796962da96971daa05c

Identifiers

  • maven: org.seleniumhq.selenium:selenium-leg-rc:2.48.2  Confidence:High

selenium-remote-driver-2.48.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/selenium-remote-driver-2.48.2.jar
MD5: 0ca557bf5621f59f7ec9e2c25c129b4e
SHA1: c35f3cbc64b254ae931c373f126c3a5ef82dde4a
SHA256:64d0aed881964938b18b0a23cedd2bba410c8c41ce1bf26fc280f57b36b2d29a

Identifiers

  • maven: org.seleniumhq.selenium:selenium-remote-driver:2.48.2  Confidence:High

selenium-safari-driver-2.48.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/selenium-safari-driver-2.48.2.jar
MD5: a0ddfdee72b3c6ac2b38966fe7eb9641
SHA1: 06a6340819a62ba1e0ba8277d8f2949127f455a3
SHA256:f7649066cefa5f73182170ca3c3c394bbc3c7e23133d9f5daf3126a801cc3871

Identifiers

  • maven: org.seleniumhq.selenium:selenium-safari-driver:2.48.2  Confidence:High

selenium-support-2.48.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/selenium-support-2.48.2.jar
MD5: fdf863b7d4f0205aece209a4f369d0b8
SHA1: bc39b5db73598c65ebaeba15db64dd07ed0212fd
SHA256:638fd743db6557d344c68b1a7a07f1db164174425ad1d3307609c90f99c34430

Identifiers

  • maven: org.seleniumhq.selenium:selenium-support:2.48.2  Confidence:High

serializer-2.7.2.jar

Description:

 
    Serializer to write out XML, HTML etc. as a stream of characters from an input DOM or from input
    SAX events.
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/serializer-2.7.2.jar
MD5: e8325763fd4235f174ab7b72ed815db1
SHA1: 24247f3bb052ee068971393bdb83e04512bb1c3c
SHA256:e8f5b4340d3b12a0cfa44ac2db4be4e0639e479ae847df04c4ed8b521734bb4a

Identifiers

  • cpe: cpe:/a:apache:xalan-java:2.7.2  Confidence:Low  
  • maven: xalan:serializer:2.7.2   Confidence:Highest

websocket-api-9.2.12.v20150709.jar

Description:

 Administrative parent pom for Jetty modules

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/websocket-api-9.2.12.v20150709.jar
MD5: 24ea17254d3623e981ddb9eaf646817f
SHA1: 6bb55e8ef1a385e40f144a240492915b89914cfb
SHA256:4bf92ec42aaf8e6fd219ffc408ae68a3e1988638bb17494f72ebb65ddd4f6dc0

Identifiers

  • maven: org.eclipse.jetty.websocket:websocket-api:9.2.12.v20150709  Confidence:High

websocket-client-9.2.12.v20150709.jar

Description:

 Administrative parent pom for Jetty modules

License:

http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/websocket-client-9.2.12.v20150709.jar
MD5: b3ae1e2cdaa4c010e4fe1cc13cc79483
SHA1: 79e439a426514af24e693c78662cb2b4db2be3c6
SHA256:79a0d55d6e05dff0e69a149deac5211cb57025d2d9b2bb998a653eb80d99f41c

Identifiers

  • cpe: cpe:/a:jetty:jetty:9.2.12.v20150709  Confidence:Low  
  • cpe: cpe:/a:eclipse:jetty:9.2.12.v20150709  Confidence:Low  
  • maven: org.eclipse.jetty.websocket:websocket-client:9.2.12.v20150709  Confidence:High

CVE-2017-7656  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-284 Improper Access Control

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly. An HTTP/1 style request line (i.e. method space URI space version) that declares a version of HTTP/0.9 was accepted and treated as a 0.9 request. If deployed behind an intermediary that also accepted and passed through the 0.9 version (but did not act on it), then the response sent could be interpreted by the intermediary as HTTP/1 headers. This could be used to poison the cache if the server allowed the origin client to generate arbitrary content in the response.

Vulnerable Software & Versions: (show all)

CVE-2017-7657  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-190 Integer Overflow or Wraparound

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly. The chunk length parsing was vulnerable to an integer overflow. Thus a large chunk size could be interpreted as a smaller chunk size and content sent as chunk body could be interpreted as a pipelined request. If Jetty was deployed behind an intermediary that imposed some authorization and that intermediary allowed arbitrarily large chunks to be passed on unchanged, then this flaw could be used to bypass the authorization imposed by the intermediary as the fake pipelined request would not be interpreted by the intermediary as a request.

Vulnerable Software & Versions: (show all)

CVE-2017-7658  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-19 Data Processing Errors

In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second. When presented with a content-length and a chunked encoding header, the content-length was ignored (as per RFC 2616). If an intermediary decided on the shorter length, but still passed on the longer body, then body content could be interpreted by Jetty as a pipelined request. If the intermediary was imposing authorization, the fake pipelined request would bypass that authorization.

Vulnerable Software & Versions: (show all)

CVE-2017-9735  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.

Vulnerable Software & Versions:

xalan-2.7.2.jar

Description:

 
    Xalan-Java is an XSLT processor for transforming XML documents into HTML,
    text, or other XML document types. It implements XSL Transformations (XSLT)
    Version 1.0 and XML Path Language (XPath) Version 1.0 and can be used from
    the command line, in an applet or a servlet, or as a module in other program.
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-selenium/xalan-2.7.2.jar
MD5: 6aa6607802502c8016b676f25f8e4873
SHA1: d55d3f02a56ec4c25695fe67e1334ff8c2ecea23
SHA256:a44bd80e82cb0f4cfac0dac8575746223802514e3cec9dc75235bc0de646af14

Identifiers

  • maven: xalan:xalan:2.7.2   Confidence:Highest
  • cpe: cpe:/a:apache:xalan-java:2.7.2  Confidence:Low  

jaxen-1.1.1.jar

Description:

 Jaxen is a universal Java XPath engine.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-xml/jaxen-1.1.1.jar
MD5: 261d1aa59865842ecc32b3848b0c6538
SHA1: 9f5d3c5974dbe5cf69c2c2ec7d8a4eb6e0fce7f9
SHA256:160958f42f60fff817d6c0b1b02fd9284b3f0fcb46e61d38866f65b7af4d329d

Identifiers

jdom-1.1.jar

Description:

 
    JDOM is, quite simply, a Java representation of an XML document. JDOM provides a way to represent that document for
    easy and efficient reading, manipulation, and writing. It has a straightforward API, is a lightweight and fast, and
    is optimized for the Java programmer. It's an alternative to DOM and SAX, although it integrates well with both DOM
    and SAX.
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-xml/jdom-1.1.jar
MD5: adf67fc5dcf48e1593640ad7e02f6ad4
SHA1: 1d04c0f321ea337f3661cf7ede8f4c6f653a8fdd
SHA256:3c167654499436ee9c19674b519d04e7364085533f6facada1bf90b16ad34897

Identifiers

lib-xml.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-xml/lib-xml.jar
MD5: 1e62ddc7e9854b9cd712fe48d8d32ecb
SHA1: 43234b17153c93de913e9de51dbec558771c466b
SHA256:1cf75da0d40496eb9644f898497ea175172d7f19ee695fdcf261cbab419d6a2a

Identifiers

  • None

microformats-reltag.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/microformats-reltag/microformats-reltag.jar
MD5: 910556f0ac7a507030769f6297e27d4c
SHA1: c9ea6e788c3043e91501277d539e912572c20b8f
SHA256:0c605cee5eade39781218a50f9bc5d1172867510e2a6f10030222c8741775f5a

Identifiers

  • None

mimetype-filter.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/mimetype-filter/mimetype-filter.jar
MD5: 21457cb844e2f8aa122ef5037ef5c97e
SHA1: f0d1e92d1986b3ac9b69681e25c2a9d245cb7bdb
SHA256:d3f704b46d52f8f3bd47cf01dfd6bb75ca656fb1c121e8e2ddc369a0096b5be7

Identifiers

  • None

parse-ext.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-ext/parse-ext.jar
MD5: ac36ae630053df6d0618063c79bf7914
SHA1: df3cca9034d94e85eacca02a77b6590efede1097
SHA256:c906ae5594d6011bf2a076ef3c61bb0d13915cca1b838accabf49d50cffa826d

Identifiers

  • None

parse-html.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-html/parse-html.jar
MD5: b9ad5c547aa4700701b800cbc609c6f4
SHA1: efd84fcb70e7bd2c7be3e3d2cb618aefe2d31b4a
SHA256:1333af4b9a8b43600aa5aa1d0012b7029ed7c3f7a51a8902d4312fcbcb38617f

Identifiers

  • None

parse-js.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-js/parse-js.jar
MD5: dc200e2a89495ca6c7747104150752fe
SHA1: 35a736090947e66996b31b813a9010d28d3cd212
SHA256:c27ce949416ada214b05604bbac80334d0fa689425676bc94606783e75dc95cf

Identifiers

  • None

parse-metatags.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-metatags/parse-metatags.jar
MD5: 4a044af7f0e15b845056502433edab20
SHA1: 5b553ea79d745b1272a16aa5c51a48fb2d434dbf
SHA256:644ce9de86d63affdb07f5a9b753784c2032eda217de90e40b61d2a19c5357b6

Identifiers

  • None

javaswf.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-swf/javaswf.jar
MD5: 05b689de727f5707e17b86b37a243d69
SHA1: 30cfcb4164c185bd3c2502eaa218ab32911cceca
SHA256:18296394efaedd8a0e86abeb76a9e680d719d4a6c3a450214d4562c6a001c4b2

Identifiers

  • None

parse-swf.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-swf/parse-swf.jar
MD5: 90577b77838a05237b55c9ed1e837ff8
SHA1: 12a98c8090767ea6c9822d236a82fbc2c2fab0e1
SHA256:8139c7117a9c4467aec0b26b9e3f71d55e29dc12d419469b2149af1106942e4c

Identifiers

  • None

FastInfoset-1.2.13.jar

Description:

 Open Source implementation of the Fast Infoset Standard for Binary XML (http://www.itu.int/ITU-T/asn1/).

License:

http://www.opensource.org/licenses/apache2.0.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/FastInfoset-1.2.13.jar
MD5: 4f941b36a4c9e827e68e8f3249253240
SHA1: 098f56b9354e27bd2941cc5d461344e240ae51ae
SHA256:27a77db909f3c2833c0b1a37c55af1db06045118ad2eed96ce567b6632bce038

Identifiers

  • maven: com.sun.xml.fastinfoset:FastInfoset:1.2.13  Confidence:High

activation-1.1.1.jar

Description:

 The JavaBeans(TM) Activation Framework is used by the JavaMail(TM) API to manage MIME data

License:

COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0: https://glassfish.dev.java.net/public/CDDLv1.0.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/activation-1.1.1.jar
MD5: 46a37512971d8eca81c3fcf245bf07d2
SHA1: 485de3a253e23f645037828c07f1d7f1af40763a
SHA256:ae475120e9fcd99b4b00b38329bd61cdc5eb754eee03fe66c01f50e137724f99

Identifiers

apache-mime4j-core-0.8.2.jar

Description:

 Java stream based MIME message parser

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/apache-mime4j-core-0.8.2.jar
MD5: fc845475cb799719adfb627b564b095a
SHA1: 94919d81969c67c5894646338bf10fbc35f5a946
SHA256:55d1624378d8cc98466b050566a4746e5563cdd66054d87365ef613cb1f13276

Identifiers

  • maven: org.apache.james:apache-mime4j-core:0.8.2  Confidence:High
  • cpe: cpe:/a:apache:james:0.8.2  Confidence:Low  

asm-6.2.jar

Description:

 ASM, a very small and fast Java bytecode manipulation framework

License:

BSD: http://asm.ow2.org/license.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/asm-6.2.jar
MD5: 7abdce94068615d690495f45eb6eb980
SHA1: 1b6c4ff09ce03f3052429139c2a68e295cae6604
SHA256:917bda888bc543187325d5fbc1034207eed152574ef78df1734ca0aee40b7fc8

Identifiers

bcmail-jdk15on-1.60.jar

Description:

 The Bouncy Castle Java S/MIME APIs for handling S/MIME protocols. This jar contains S/MIME APIs for JDK 1.5 to JDK 1.8. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs. The JavaMail API and the Java activation framework will also be needed.

License:

Bouncy Castle Licence: http://www.bouncycastle.org/licence.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/bcmail-jdk15on-1.60.jar
MD5: 43955f9f9b98389d316d4cd0bbff07d0
SHA1: df0250131a6e85e546ec5b1bf964f7f2ff3a42fc
SHA256:e5a4ca074046d0e0e1f3fa550da16c7b9616c12fef5a2416e953804f28444e35

Identifiers

bcpkix-jdk15on-1.60.jar

Description:

 The Bouncy Castle Java APIs for CMS, PKCS, EAC, TSP, CMP, CRMF, OCSP, and certificate generation. This jar contains APIs for JDK 1.5 to JDK 1.8. The APIs can be used in conjunction with a JCE/JCA provider such as the one provided with the Bouncy Castle Cryptography APIs.

License:

Bouncy Castle Licence: http://www.bouncycastle.org/licence.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/bcpkix-jdk15on-1.60.jar
MD5: edc6f012c19cf74d70964187a4ab32ba
SHA1: d0c46320fbc07be3a24eb13a56cee4e3d38e0c75
SHA256:a82ac5bc24bcbf6ba9eb70f334d6782e25245c8da36d9848ad553b5b7b68efd1

Identifiers

bcprov-jdk15on-1.60.jar

Description:

 The Bouncy Castle Crypto package is a Java implementation of cryptographic algorithms. This jar contains JCE provider and lightweight API for the Bouncy Castle Cryptography APIs for JDK 1.5 to JDK 1.8.

License:

Bouncy Castle Licence: http://www.bouncycastle.org/licence.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/bcprov-jdk15on-1.60.jar
MD5: 435ff931af9ed4430d2a27456b0386b2
SHA1: bd47ad3bd14b8e82595c7adaa143501e60842a84
SHA256:7f1a0e6badab38666f8467a9a0ee96656b2f8ec8623867ed34f3cdc173b7ee07

Identifiers

  • cpe: cpe:/a:bouncycastle:bouncy_castle_crypto_package:1.60  Confidence:Low  
  • maven: org.bouncycastle:bcprov-jdk15on:1.60   Confidence:Highest
  • cpe: cpe:/a:bouncycastle:bouncy-castle-crypto-package:1.60  Confidence:Low  

commons-collections4-4.2.jar

Description:

 The Apache Commons Collections package contains types that extend and augment the Java Collections Framework.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/commons-collections4-4.2.jar
MD5: b290524be8a0dbb6521df95f4ce80c8d
SHA1: 54ebea0a5b653d3c680131e73fe807bb8f78c4ed
SHA256:6a594721d51444fd97b3eaefc998a77f606dedb03def494f74755aead3c9df3e

Identifiers

  • maven: org.apache.commons:commons-collections4:4.2  Confidence:High
  • cpe: cpe:/a:apache:commons_collections:4.2  Confidence:Low  

commons-compress-1.18.jar

Description:

 
Apache Commons Compress software defines an API for working with
compression and archive formats.  These include: bzip2, gzip, pack200,
lzma, xz, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4,
Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/commons-compress-1.18.jar
MD5: bcbecfff4bdb0d3d0cdead3d995da2ef
SHA1: 1191f9f2bc0c47a8cce69193feb1ff0a8bcb37d5
SHA256:5f2df1e467825e4cac5996d44890c4201c000b43c0b23cffc0782d28a0beb9b0

Identifiers

  • cpe: cpe:/a:apache:commons-compress:1.18  Confidence:Low  
  • maven: org.apache.commons:commons-compress:1.18  Confidence:High

commons-io-2.6.jar

Description:

 
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/commons-io-2.6.jar
MD5: 467c2a1f64319c99b5faf03fc78572af
SHA1: 815893df5f31da2ece4040fe0a12fd44b577afaf
SHA256:f877d304660ac2a142f3865badfc971dec7ed73c747c7f8d5d2f5139ca736513

Identifiers

  • maven: commons-io:commons-io:2.6  Confidence:High

cxf-core-3.2.6.jar

Description:

 Apache CXF Core

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/cxf-core-3.2.6.jar
MD5: 4692a933d6a360f960fb45b27da6ebf4
SHA1: de6b2ef9cb8a45ec5417f6783d6640851a2c9547
SHA256:b1c77b83d8e5c18a3ac904b7b652c00ad9772a5d14ba31867d85741441512403

Identifiers

  • maven: org.apache.cxf:cxf-core:3.2.6  Confidence:High
  • cpe: cpe:/a:apache:cxf:3.2.6  Confidence:Low  

dec-0.1.2.jar

Description:

 Brotli is a generic-purpose lossless compression algorithm.

License:

http://www.opensource.org/licenses/mit-license.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/dec-0.1.2.jar
MD5: 4b1cd14cf29733941cc536b27e6aedfa
SHA1: 0c26a897ae0d524809eef1c786cc6183b4ddcc3b
SHA256:615c0c3efef990d77831104475fba6a1f7971388691d4bad1471ad84101f6d52

Identifiers

  • maven: org.brotli:dec:0.1.2  Confidence:High
  • cpe: cpe:/a:id:id-software:0.1.2  Confidence:Low  

fontbox-2.0.12.jar

Description:

 
    The Apache FontBox library is an open source Java tool to obtain low level information
    from font files. FontBox is a subproject of Apache PDFBox.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/fontbox-2.0.12.jar
MD5: d58f35a262f19b1ef6d8ae272ea3b01a
SHA1: 566fd1d6b25012bb82078da08b82e6d0ba8c884a
SHA256:3753f3fc7d10a81efe7139abbf1d456a3dbb89d68782ede95f7da78a57d9c924

Identifiers

  • maven: org.apache.pdfbox:fontbox:2.0.12  Confidence:High
  • cpe: cpe:/a:apache:pdfbox:2.0.12  Confidence:Low  

geoapi-3.0.1.jar

Description:

 

The development community in building GIS solutions is sustaining an enormous level
 of effort. The GeoAPI project aims to reduce duplication and increase interoperability
 by providing neutral, interface-only APIs derived from OGC/ISO Standards.
  

License:

https://raw.githubusercontent.com/opengeospatial/geoapi/master/LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/geoapi-3.0.1.jar
MD5: fa9a86892774b94b2bde0446ebbebd62
SHA1: a69b261841b0794b82b8d42fcd6e9a370eb62809
SHA256:ca1dfeba112d0dea575c7abba76a8ecd6ea7818e508de964302a9cfc4779b837

Identifiers

  • maven: org.opengis:geoapi:3.0.1  Confidence:High

gson-2.8.5.jar

Description:

 Gson JSON library

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/gson-2.8.5.jar
MD5: 089104cb90d8b4e1aa00b1f5faef0742
SHA1: f645ed69d595b24d4cf8b3fbb64cc505bede8829
SHA256:233a0149fc365c9f6edbd683cfe266b19bdc773be98eabdaf6b3c924b48e7d81

Identifiers

  • maven: com.google.code.gson:gson:2.8.5  Confidence:High

guava-17.0.jar

Description:

 
    Guava is a suite of core and expanded libraries that include
    utility classes, google's collections, io classes, and much
    much more.

    Guava has only one code dependency - javax.annotation,
    per the JSR-305 spec.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/guava-17.0.jar
MD5: 89fef81c2adfa9b50a64ed5cd5d8c155
SHA1: 9c6ef172e8de35fd8d4d8783e4821e57cdef7445
SHA256:8c36a80ea613d0b6b8040a17cf837c5bbe3677bc1b06a058a6c174fdb787ebbc

Identifiers

  • maven: com.google.guava:guava:17.0  Confidence:High

httpmime-4.5.6.jar

Description:

 
   Apache HttpComponents HttpClient - MIME coded entities
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/httpmime-4.5.6.jar
MD5: 420691e1f1627f04fbc4b52eccddddd5
SHA1: 164343da11db817e81e24e0d9869527e069850c9
SHA256:0b2b1102c18d3c7e05a77214b9b7501a6f6056174ae5604e0e256776eda7553e

Identifiers

  • maven: org.apache.httpcomponents:httpmime:4.5.6  Confidence:High

isoparser-1.1.22.jar

Description:

 A generic parser and writer for all ISO 14496 based files (MP4, Quicktime, DCF, PDCF, ...)
    

License:

Apache Software License - Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/isoparser-1.1.22.jar
MD5: b6cb35cf16232e5850de5900f753ed91
SHA1: 70b5c26b52c120d2e94643717a764c4a67640fd6
SHA256:f37f0a997dcc494409b60aeb48cef319348503f84efcd1edcb0fcfb81148fc2d

Identifiers

  • maven: com.googlecode.mp4parser:isoparser:1.1.22  Confidence:High

istack-commons-runtime-3.0.5.jar

Description:

 istack common utility code

License:

https://glassfish.java.net/public/CDDL+GPL_1_1.html, https://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/istack-commons-runtime-3.0.5.jar
MD5: e78d6807e3f0fbc3514293a74418501b
SHA1: 8052dc9920dfab5d50b8ca95c95a6ce4296a8f8b
SHA256:f19ac45cfbbe12fa952be1e691eae80a74c9c7f4ac46ab3f760ca9cfa3bc694b

Identifiers

  • maven: com.sun.istack:istack-commons-runtime:3.0.5  Confidence:High

jackcess-2.1.12.jar

Description:

 A pure Java library for reading from and writing to MS Access databases.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jackcess-2.1.12.jar
MD5: 7d051d8dd93f2fe7e5e86389ea380619
SHA1: 8a422b016925475b2234b576a0f7ee3f55f1f9e2
SHA256:347e666d8f6abf382a0e1a7597421911423f20cf71237225f9eb53626f377f22

Identifiers

  • maven: com.healthmarketscience.jackcess:jackcess:2.1.12  Confidence:High

jackcess-encrypt-2.1.4.jar

Description:

 An add-on to the Jackcess library for handling encryption in MS Access files.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jackcess-encrypt-2.1.4.jar
MD5: 8fe86865a5c6709013cdd43142558786
SHA1: dfe7134b759597276ff87b7acf662bef1c1c4fd8
SHA256:a469b8dba21381a1bdf5bed5bb5de0b2050f194a2794ecd04eedc9f867b9b6e6

Identifiers

  • maven: com.healthmarketscience.jackcess:jackcess-encrypt:2.1.4  Confidence:High

jackson-core-2.9.6.jar

Description:

 Core Jackson processing abstractions (aka Streaming API), implementation for JSON

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jackson-core-2.9.6.jar
MD5: f3cf83b839fac92307cad542c2ded5c4
SHA1: 4e393793c37c77e042ccc7be5a914ae39251b365
SHA256:fab8746aedd6427788ee390ea04d438ec141bff7eb3476f8bdd5d9110fb2718a

Identifiers

  • cpe: cpe:/a:fasterxml:jackson:2.9.6  Confidence:Low  
  • maven: com.fasterxml.jackson.core:jackson-core:2.9.6  Confidence:High

jackson-databind-2.9.6.jar

Description:

 General data-binding functionality for Jackson: works on core streaming API

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jackson-databind-2.9.6.jar
MD5: c6634d654c2df15a987bc37ec8d2b6b2
SHA1: cfa4f316351a91bfd95cb0644c6a2c95f52db1fc
SHA256:657e3e979446d61f88432b9c50f0ccd9c1fe4f1c822d533f5572e4c0d172a125

Identifiers

  • maven: com.fasterxml.jackson.core:jackson-databind:2.9.6  Confidence:High
  • cpe: cpe:/a:fasterxml:jackson:2.9.6  Confidence:Low  
  • cpe: cpe:/a:fasterxml:jackson-databind:2.9.6  Confidence:Low  

jai-imageio-core-1.4.0.jar

Description:

 
    Java Advanced Imaging Image I/O Tools API core, but without the classes 
    involved with javax.media.jai dependencies, JPEG2000 or 
    codecLibJIIO, meaning that this library can be distributed under the 
    modified BSD license and should be GPL compatible.
  

License:

BSD 3-clause License w/nuclear disclaimer: LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jai-imageio-core-1.4.0.jar
MD5: 6978d733bfb55c0a82639f724fe5f3bb
SHA1: fb6d79b929556362a241b2f65a04e538062f0077
SHA256:8ad3c68e9efffb10ac87ff8bc589adf64b04a729c5194c079efd0643607fd72a

Identifiers

  • maven: com.github.jai-imageio:jai-imageio-core:1.4.0  Confidence:High

javax.annotation-api-1.3.jar

Description:

 Common Annotations for the JavaTM Platform API

License:

CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/javax.annotation-api-1.3.jar
MD5: 707336a61fa1a548342bc793362bd9da
SHA1: 67747496d8b5c1f300ed3cde4ba69d6f453ba984
SHA256:f43f8ca10941606fb675785286981c166be1393f584020ffd965c6863f62232c

Identifiers

  • maven: javax.annotation:javax.annotation-api:1.3  Confidence:High

javax.ws.rs-api-2.1.jar

Description:

 Java API for RESTful Web Services (JAX-RS)

License:

CDDL 1.1: https://oss.oracle.com/licenses/CDDL+GPL-1.1
GPL2 w/ CPE: https://oss.oracle.com/licenses/CDDL+GPL-1.1
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/javax.ws.rs-api-2.1.jar
MD5: 2f754caa430ca5a51a662d6aa821a152
SHA1: 426a0862406536e690c7caa8bb6ed32191986fac
SHA256:1a4295889416c6972addcd425dfeeee6e6ede110e8b2dc8b49044e9b400ad5db

Identifiers

  • maven: javax.ws.rs:javax.ws.rs-api:2.1  Confidence:High
  • cpe: cpe:/a:ws_project:ws:2.1  Confidence:Low  

jaxb-api-2.3.0.jar

Description:

 JAXB (JSR 222) API

License:

https://oss.oracle.com/licenses/CDDL+GPL-1.1, https://oss.oracle.com/licenses/CDDL+GPL-1.1
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jaxb-api-2.3.0.jar
MD5: ffa4ea6fada02493779bcd7f04f11ea3
SHA1: 99f802e0cb3e953ba3d6e698795c4aeb98d37c48
SHA256:883007989d373d19f352ba9792b25dec21dc7d0e205a710a93a3815101bb3d03

Identifiers

  • maven: javax.xml.bind:jaxb-api:2.3.0  Confidence:High

jaxb-core-2.3.0.1.jar

Description:

 JAXB Core module. Contains sources required by XJC, JXC and Runtime modules.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jaxb-core-2.3.0.1.jar
MD5: cf8cf4e22ac1bd9cae7fcf712a485c24
SHA1: 33277bae433ecd0fdebd53812eb084da443575b6
SHA256:2c18be9ca61964ad5a6f37f6c92b50a0c20539a64c04af885ce5d6b4524dbbcd

Identifiers

  • maven: org.glassfish.jaxb:jaxb-core:2.3.0.1  Confidence:High

jaxb-runtime-2.3.0.1.jar

Description:

 JAXB (JSR 222) Reference Implementation

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jaxb-runtime-2.3.0.1.jar
MD5: 348973508037a72bfbd3a35f25d658e9
SHA1: 8687b05c5930cf122cb22f4aac48814fbb44075e
SHA256:94246b208a20309c2d4e99c22440ec9eae8b7d3518a558a6b4038f74fb36f720

Identifiers

  • maven: org.glassfish.jaxb:jaxb-runtime:2.3.0.1  Confidence:High

jbig2-imageio-3.0.2.jar

Description:

 
	Java Image I/O plugin for reading JBIG2-compressed image data. 
	Formerly known as the levigo JBig2 ImageIO plugin (com.levigo.jbig2:levigo-jbig2-imageio).
    

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jbig2-imageio-3.0.2.jar
MD5: 75dacf14cc468045f89d7f5fff1aa494
SHA1: 46a53edceceabcdf9b81cd6d14f052bdfa171f4b
SHA256:3dc510cd41511f2e2382eb7ac3550b2f94e21847f0b7221be8ddd0f2252a8fe4

Identifiers

  • cpe: cpe:/a:apache:pdfbox:3.0.2  Confidence:Low  
  • maven: org.apache.pdfbox:jbig2-imageio:3.0.2  Confidence:High

jcommander-1.35.jar

Description:

 A Java framework to parse command line options with annotations.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jcommander-1.35.jar
MD5: 90216444fab67357c5bdf3293b47107e
SHA1: 47592e181b0bdbbeb63029e08c5e74f6803c4edd
SHA256:019c12fec1ce5c02cbabb150f6ac8a86d92a0ecc9c89a549e5537283e863000c

Identifiers

  • maven: com.beust:jcommander:1.35  Confidence:High

jdom2-2.0.6.jar

Description:

 
		A complete, Java-based solution for accessing, manipulating, 
		and outputting XML data
	

License:

Similar to Apache License but with the acknowledgment clause removed: https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jdom2-2.0.6.jar
MD5: 86a30c9b1ddc08ca155747890db423b7
SHA1: 6f14738ec2e9dd0011e343717fa624a10f8aab64
SHA256:1345f11ba606d15603d6740551a8c21947c0215640770ec67271fe78bea97cf5

Identifiers

jempbox-1.8.16.jar

Description:

 
    The Apache JempBox library is an open source Java tool that implements Adobe's XMP(TM)
    specification. JempBox is a subproject of Apache PDFBox.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jempbox-1.8.16.jar
MD5: 1cb997cdd8302c7e19131c81ba0b7ee2
SHA1: 1f41de81768ef84ca2d8cda4cb79e9272c8ee966
SHA256:ebef7cca5a5a77768e686972b4a89f0ffce7b46907fd96ac3d4f6ce2fa038055

Identifiers

  • maven: org.apache.pdfbox:jempbox:1.8.16  Confidence:High
  • cpe: cpe:/a:apache:pdfbox:1.8.16  Confidence:Low  

jhighlight-1.0.3.jar

Description:

 
    JHighlight is an embeddable pure Java syntax highlighting
    library that supports Java, HTML, XHTML, XML and LZX
    languages and outputs to XHTML.
    
    It also supports RIFE templates tags and highlights them
    clearly so that you can easily identify the difference
    between your RIFE markup and the actual marked up source.
	

License:

CDDL, v1.0: http://www.opensource.org/licenses/cddl1.php
LGPL, v2.1 or later: http://www.opensource.org/licenses/lgpl-license.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jhighlight-1.0.3.jar
MD5: 318e72a07b2bbe089f0c41df45d2f484
SHA1: 88831dce3d56aa53a1bfcba78518e8939b8d4779
SHA256:34405394e068b5d8c40ed45928ce077f8b5140bf33851a55b9cb53116ded43e5

Identifiers

  • maven: org.codelibs:jhighlight:1.0.3  Confidence:High

jmatio-1.5.jar

Description:

 Matlab's MAT-file I/O API in JAVA. Supports Matlab 5 MAT-flie format reading and writing. Written in pure JAVA.

License:

BSD: http://www.linfo.org/bsdlicense.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jmatio-1.5.jar
MD5: 6eccf45b3a4bb3dd0518afcf37b8ed35
SHA1: 517d932cc87a3b564f3f7a07ac347b725b619ab4
SHA256:70db8cf9a1818072f290fd464f14a8369c9c58993e6640128a6e8a6379d67ac7

Identifiers

  • maven: org.tallison:jmatio:1.5  Confidence:High

jna-4.3.0.jar

Description:

 Java Native Access

License:

LGPL, version 2.1: http://www.gnu.org/licenses/licenses.html
Apache License v2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jna-4.3.0.jar
MD5: d44a0d3bcb98b1aace47610bfb0c0758
SHA1: f11d386a05132f54a51c99085f016e496f345ea3
SHA256:b6232fac240d35c3b151213be3b45eae2a6757638c79a658982a4ca2b28baaa5

Identifiers

jsoup-1.11.3.jar

Description:

 jsoup is a Java library for working with real-world HTML. It provides a very convenient API for extracting and manipulating data, using the best of DOM, CSS, and jquery-like methods. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do.

License:

The MIT License: https://jsoup.org/license
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jsoup-1.11.3.jar
MD5: 4735085c4a37313b00887dd0a0f99813
SHA1: 36da09a8f68484523fa2aaa100399d612b247d67
SHA256:df2c71a4240ecbdae7cdcd1667bcf0d747e4e3dcefe8161e787adcff7e5f2fa0

Identifiers

  • cpe: cpe:/a:jsoup:jsoup:1.11.3  Confidence:Low  
  • maven: org.jsoup:jsoup:1.11.3  Confidence:High

jul-to-slf4j-1.7.25.jar

Description:

 JUL to SLF4J bridge

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jul-to-slf4j-1.7.25.jar
MD5: ab28124cb05fec600f2ffe37b94629e0
SHA1: 0af5364cd6679bfffb114f0dec8a157aaa283b76
SHA256:416c5a0c145ad19526e108d44b6bf77b75412d47982cce6ce8d43abdbdbb0fac

Identifiers

  • maven: org.slf4j:jul-to-slf4j:1.7.25  Confidence:High
  • cpe: cpe:/a:slf4j:slf4j:1.7.25  Confidence:Low  

junrar-2.0.0.jar

Description:

 rar decompression library in plain java

License:

UnRar License: https://raw.github.com/junrar/junrar/master/license.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/junrar-2.0.0.jar
MD5: 0ca29e3b24ec650e74324b50275000f3
SHA1: db1f89ba102d1375c6a9d481ebc0e8cd880ab16d
SHA256:6c043acfffb80228cdc84f0624f2f18874ee1a0e7830198a1f7cb492f72ee843

Identifiers

  • maven: com.github.junrar:junrar:2.0.0  Confidence:High

metadata-extractor-2.11.0.jar

Description:

 Java library for extracting EXIF, IPTC, XMP, ICC and other metadata from image files.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/metadata-extractor-2.11.0.jar
MD5: e95f394e786c0c7f22e61bff2e54ff8d
SHA1: 5f11883f6d06a16ca5fb8a9edf7c6c1237a92da0
SHA256:f5ec56c6b01afbfd7019e2da73bdec5d22c60d620c0e8043e6a85adb554d0df7

Identifiers

  • maven: com.drewnoakes:metadata-extractor:2.11.0  Confidence:High
  • cpe: cpe:/a:id:id-software:2.11.0  Confidence:Low  

openjson-1.0.10.jar

Description:

 A clean-room Apache-licensed implementation of simple JSON processing

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/openjson-1.0.10.jar
MD5: c7c4cb9266cacc0aab5dcbb59456720c
SHA1: 8dcccbcc8bbfa15162cd7ca77bcf2b9daa90e70a
SHA256:17a837e6726315779caf82877a444e547bc5f846983e87229fa27d22aeabcbcc

Identifiers

  • maven: com.github.openjson:openjson:1.0.10  Confidence:High

opennlp-tools-1.9.0.jar

Description:

 The Apache Software Foundation provides support for the Apache community of open-source software projects.    The Apache projects are characterized by a collaborative, consensus based development process, an open and    pragmatic software license, and a desire to create high quality software that leads the way in its field.    We consider ourselves not simply a group of projects sharing a server, but rather a community of developers    and users.

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/opennlp-tools-1.9.0.jar
MD5: e1a7629d6e4de3b54b949d1d3608d6b6
SHA1: 219011f318812aa3aa88a2134721549fcc3cb56a
SHA256:c4a3b39c19a14e3b6c7f07073485eb66bd27105333e7aa8c0f067040d6181ab7

Identifiers

  • cpe: cpe:/a:apache:opennlp:1.9.0  Confidence:Low  
  • maven: org.apache.opennlp:opennlp-tools:1.9.0  Confidence:High

parse-tika.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/parse-tika.jar
MD5: ae60261b7e7859894669a38607996a9f
SHA1: 93aebd1166ef9122fa052945c0289ce294b5090a
SHA256:8d194040ee841ba4f439c0f2928673ac2b16881f5303f57fd000a2504a1bd46e

Identifiers

  • cpe: cpe:/a:apache:tika:-  Confidence:Low  

CVE-2016-6809  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-502 Deserialization of Untrusted Data

Apache Tika before 1.14 allows Java code execution for serialized objects embedded in MATLAB files. The issue exists because Tika invokes JMatIO to do native deserialization.

Vulnerable Software & Versions:

parso-2.0.9.jar

Description:

 Parso is a lightweight Java library designed to read SAS7BDAT datasets. The Parso interfaces
        are analogous to libraries designed to read table-storing files, for example, CSVReader library.
        Despite its small size, the Parso library is the only full-featured open-source solution to process SAS7BDAT
        datasets, both uncompressed, CHAR-compressed and BIN-compressed. It is effective in processing clinical and
        statistical data often stored in SAS7BDAT format. Parso allows converting data into CSV format.
    

License:

Apache License v2: http://www.apache.org/licenses/LICENSE-2.0.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/parso-2.0.9.jar
MD5: d07965336923c11ababe5e4a2e4055d2
SHA1: 615d910051b7c4695397e6686cf840caf6216e19
SHA256:ff312d6f8e6ffe1b32a9665c3b757997c6e6e2d3d2c56024ada372c8c00a930f

Identifiers

pdfbox-2.0.12.jar

Description:

 
        The Apache PDFBox library is an open source Java tool for working with PDF documents.
    

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/pdfbox-2.0.12.jar
MD5: dd67352fcb2c1afa884a3ad40e72be6f
SHA1: a7311cd267c19e1ba8154b076a63d29537154784
SHA256:bbc07ce7f7622aedadecd5f8f90f2eabdee306b2686ad13fbf35f480803f747a

Identifiers

  • maven: org.apache.pdfbox:pdfbox:2.0.12  Confidence:High
  • cpe: cpe:/a:apache:pdfbox:2.0.12  Confidence:Low  

poi-4.0.0.jar

Description:

 Apache POI - Java API To Access Microsoft Format Files

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/poi-4.0.0.jar
MD5: 1ca4d8cedbdfa632b289f1f783ba9a7e
SHA1: 7ddb9b983ed682c93a986e8bb596d5935b13086c
SHA256:f6574162cf94b1cafcb0c49f1d4da0246e2cfd479d2f31904cc37d715e756c6c

Identifiers

sis-feature-0.8.jar

Description:

 
  
Representations of geographic features.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/sis-feature-0.8.jar
MD5: abcd6da5f22d8a177f7f86ad9de6779b
SHA1: 65ea6ab21713dee99a0d2fd7196b80dd631a7e02
SHA256:c90e420f46c407060b11f62787a088b1127d9e6adb7c79d65ff5a6a99dabd9e2

Identifiers

sis-metadata-0.8.jar

Description:

 
  
Implementations of metadata derived from ISO 19115. This module provides both an implementation
 of the metadata interfaces defined in GeoAPI, and a framework for handling those metadata through
 Java reflection.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/sis-metadata-0.8.jar
MD5: de28abdfc0d83256a87db3ceb6b094c2
SHA1: b5d309428e78ebdaf1ea04aec8747a2093689e20
SHA256:d04e98ee08441d30663d1bc45582da9672360b1a148a4faccbb55a5e1437da7c

Identifiers

sis-netcdf-0.8.jar

Description:

 
  
Bridge between netCDF Climate and Forecast (CF) convention and ISO 19115 metadata.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/sis-netcdf-0.8.jar
MD5: 2096511e5dac7016da8eacd3a4914e99
SHA1: 0aa44675239c11eeb598ef054efdf2673cd4953a
SHA256:a6477f4437c0a0ed623664739b6c9ada0cceba01d5163d0793eadb5b23677511

Identifiers

sis-referencing-0.8.jar

Description:

 
  
Implementations of Coordinate Reference Systems (CRS),
 conversion and transformation services derived from ISO 19111.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/sis-referencing-0.8.jar
MD5: c0bbeebdff505844f3d7181a127abcbb
SHA1: 8c9eb6766665eea110f47c53787b7a9bc1310400
SHA256:f194d08bdda2509e104ea32004384298014ecd664aa7d7c30dacf0ee41bfa2f9

Identifiers

sis-storage-0.8.jar

Description:

 
  
Provides the interfaces and base classes to be implemented by various storage formats.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/sis-storage-0.8.jar
MD5: 5f3238f3d977f9299174e18c45cfaba2
SHA1: 53b323f55881b4cd6fe1ecf9464a7066a3ae2eb6
SHA256:7cade99264a96233e11f1fd888c23f647d94673cab0275a3d81d0d990bd204e5

Identifiers

sis-utility-0.8.jar

Description:

 
  
Miscellaneous utilities.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/sis-utility-0.8.jar
MD5: 10e3a9e45b8256c21eb143e7f6060474
SHA1: 4ad2d0805780c5a2cebc0dadbfb8307f94c91c4f
SHA256:add922cad9d64c14ff2098c8c599dcdad8f8593978ee94a68e2278aa0b0dff41

Identifiers

stax-ex-1.7.8.jar

Description:

 Extensions to JSR-173 StAX API.

License:

                Dual license consisting of the CDDL v1.1 and GPL v2
            : https://glassfish.dev.java.net/public/CDDL+GPL_1_1.html
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/stax-ex-1.7.8.jar
MD5: bf9963c5574fdd6f69a927710ec1faf6
SHA1: 377077e4441cc46be5efde9de63efdf790a59cd7
SHA256:66a8b44e63c47a088ba1953875ea5b2b0eb0769a23906405789b3bb01c9cf8dd

Identifiers

  • maven: org.jvnet.staxex:stax-ex:1.7.8  Confidence:High

stax2-api-4.1.jar

Description:

 tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.
  

License:

The BSD License: http://www.opensource.org/licenses/bsd-license.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/stax2-api-4.1.jar
MD5: 63d94c33170b23d46f0f2e21ac708872
SHA1: b6e20f3760016b70358e9227be904ecb26a50530
SHA256:3e99c678c42ce353595b6cc71e62f25bd6e58860b3cf79b60adc9240a967924f

Identifiers

  • maven: org.codehaus.woodstox:stax2-api:4.1  Confidence:High

tika-parsers-1.19.1.jar

Description:

 Apache Tika is a toolkit for detecting and extracting metadata and    structured text content from various documents using existing parser    libraries.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/tika-parsers-1.19.1.jar
MD5: 637fbd863c68dee8b5d915d0bf115302
SHA1: 06d45a8683a7479f0e0d9d252f834d0ae44abd6b
SHA256:40522fd496284479cb5353cc45c48a3171bda74fca7d0c4afc6e21fac24be522

Identifiers

  • cpe: cpe:/a:apache:tika:1.19.1  Confidence:Low  
  • maven: org.apache.tika:tika-parsers:1.19.1  Confidence:High

txw2-2.3.0.1.jar

Description:

 
        TXW is a library that allows you to write XML documents.
    

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/txw2-2.3.0.1.jar
MD5: 5a3f2dea3ed1579b36395bf37a2415fa
SHA1: 4d654f416732fe543deeb93272ead4b59de28fbc
SHA256:2c9c288ddeee4a601d0229a18303ea89cb2fcd1295ba2a1127fffe68c611eca3

Identifiers

  • maven: org.glassfish.jaxb:txw2:2.3.0.1  Confidence:High

uimafit-core-2.2.0.jar

Description:

 Factories, Injection, and Testing library for UIMA

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/uimafit-core-2.2.0.jar
MD5: c7f4145d5800d030b2e86f243a5dd402
SHA1: db69a6b733d2ada643f46060e130eda47edd6e5a
SHA256:c7385ba76735280cac7030e967b932d276a463c222a5aa0d8f9ac3131a12bba2

Identifiers

  • cpe: cpe:/a:apache:apache_test:2.2.0  Confidence:Low  
  • maven: org.apache.uima:uimafit-core:2.2.0  Confidence:High

uimaj-core-2.9.0.jar

Description:

 The core implementation of the UIMA Java Framework

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/uimaj-core-2.9.0.jar
MD5: fcc8e2df8f54b980d033ab3536dc0a95
SHA1: 314390218c2f2d11089007719a5d4f39510d32f5
SHA256:ae55a918b605ffbbfd373301e1d4c18e8a8021e2efd8241b3baa5d48c1ad1656

Identifiers

  • maven: org.apache.uima:uimaj-core:2.9.0  Confidence:High
  • cpe: cpe:/a:apache:uimaj:2.9.0  Confidence:Low  

unit-api-1.0.jar

Description:

 Units of Measurement Standard - This JSR specifies Java packages for modeling and working with measurement values, quantities and their corresponding units.

License:

BSD: LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/unit-api-1.0.jar
MD5: 0e62b80ee212b7bb9d3cd150ff988a93
SHA1: 6b960260278588d7ff02fe376e5aad39a9c7440b
SHA256:35da65fdbd3f9c1fe79cfc8399db975fd97660d8a219febfda9fd1a5fc058f10

Identifiers

  • maven: javax.measure:unit-api:1.0  Confidence:High

woodstox-core-5.1.0.jar

Description:

 
        Woodstox is a high-performance XML processor that
        implements Stax (JSR-173), SAX2 and Stax2 APIs
    

License:

The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/woodstox-core-5.1.0.jar
MD5: 88b7a2312146e237a9941b1f00bf456d
SHA1: bd416e84cbd20cb5f2cf13c30b023e814a4d6107
SHA256:6d6107c3e6aac8f1c3e3762b89164b329fb2b15ec0afc8961cf6c4dc355f10bf

Identifiers

  • maven: com.fasterxml.woodstox:woodstox-core:5.1.0  Confidence:High

xmlbeans-3.0.1.jar

Description:

 XmlBeans main jar

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/xmlbeans-3.0.1.jar
MD5: e61160376525c448371c18d0ecdbf70a
SHA1: 50d94da791ab1e799a11d6f82410fd7d49f402ca
SHA256:ec7b2aa7e1352753d18ac2daa7a68880f160a26087ede464ed329807238c0922

Identifiers

xz-1.8.jar

Description:

 XZ data compression

License:

Public Domain
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/xz-1.8.jar
MD5: 5f982127e0de85b785c4b2abad21aa2e
SHA1: c4f7d054303948eb6a4066194253886c8af07128
SHA256:8c7964b36fe3f0cbe644b04fcbff84e491ce81917db2f5bfa0cba8e9548aff5d

Identifiers

  • cpe: cpe:/a:tukaani:xz:1.8  Confidence:Low  
  • maven: org.tukaani:xz:1.8   Confidence:Highest

CVE-2015-4035  

Severity:Medium
CVSS Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
CWE: CWE-20 Improper Input Validation

scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names containing semicolons, which allows remote attackers to execute arbitrary code by having a user run xzgrep on a crafted file name.

Vulnerable Software & Versions:

parse-zip.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-zip/parse-zip.jar
MD5: a25e0fd6d165a1a1023d887d4b0f4db9
SHA1: 26267e88b191a716c5bb6bbe5fd589b79862b2c7
SHA256:cf428e948c516011d4973023656ed5394951a8d00da03eee8154c64992312677

Identifiers

  • cpe: cpe:/a:zip_project:zip:-  Confidence:Low  

CVE-2018-13684  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
CWE: CWE-190 Integer Overflow or Wraparound

The mintToken function of a smart contract implementation for ZIP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

Vulnerable Software & Versions:

commons-cli-2.0-mahout.jar

Description:

 
    Commons CLI provides a simple API for presenting, processing and
    validating a command line interface.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/commons-cli-2.0-mahout.jar
MD5: 703565f9521e7755c6fa2347c94dcf8d
SHA1: f1df8dc67ae086159ac66bd92c0bb54254776a93
SHA256:0dbc0532a36415455b6e867f402ed2673ff9c229a292507d5a4d1e4921290367

Identifiers

  • maven: org.apache.commons:commons-cli:2.0-SNAPSHOT  Confidence:High

commons-lang3-3.1.jar

Description:

 
  Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/commons-lang3-3.1.jar
MD5: 71b48e6b3e1b1dc73fe705604b9c7584
SHA1: 905075e6c80f206bbe6cf1e809d2caa69f420c76
SHA256:131f0519a8e4602e47cf024bfd7e0834bcf5592a7207f9a2fdb711d4f5afc166

Identifiers

  • maven: org.apache.commons:commons-lang3:3.1  Confidence:High

commons-math3-3.2.jar

Description:

 The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/commons-math3-3.2.jar
MD5: aaa32530c0f744813570ff73db018698
SHA1: ec2544ab27e110d2d431bdad7d538ed509b21e62
SHA256:6268a9a0ea3e769fc493a21446664c0ef668e48c93d126791f6f3f757978fee2

Identifiers

  • maven: org.apache.commons:commons-math3:3.2  Confidence:High

guava-14.0.1.jar

Description:

 
    Guava is a suite of core and expanded libraries that include
    utility classes, google's collections, io classes, and much
    much more.

    Guava has two code dependencies - javax.annotation
    per the JSR-305 spec and javax.inject per the JSR-330 spec.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/guava-14.0.1.jar
MD5: 58553f87d83b9f8ec74bd3529083ee2f
SHA1: 69e12f4c6aeac392555f1ea86fab82b5e5e31ad4
SHA256:d69df3331840605ef0e5fe4add60f2d28e870e3820937ea29f713d2035d9ab97

Identifiers

  • maven: com.google.guava:guava:14.0.1  Confidence:High

jackson-core-asl-1.9.12.jar

Description:

 Jackson is a high-performance JSON processor (parser, generator)

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/jackson-core-asl-1.9.12.jar
MD5: 9eecf9a28910728023f8004620f13535
SHA1: ecfc6f73a841c4c3c653b59651a3f9d5f1286469
SHA256:eb1fcba3554c8408fa40d17fb5d085ce1502d990c08940766e90d18801ad9c3a

Identifiers

lucene-analyzers-common-5.5.0.jar

Description:

 Additional Analyzers

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/lucene-analyzers-common-5.5.0.jar
MD5: 86dd4e953341d6b9b6bb01ce9fa68bc6
SHA1: 1e0e8243a4410be20c34683034fafa7bb52e55cc
SHA256:995bd1b8c6e4a748956e28d2307f42d0a81ff1f9ec1412f4fff3fbe3045b13ef

Identifiers

lucene-core-5.5.0.jar

Description:

 Apache Lucene Java Core

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/lucene-core-5.5.0.jar
MD5: 05fa9206e10ace78de5b107e18ab02aa
SHA1: a74fd869bb5ad7fe6b4cd29df9543a34aea81164
SHA256:8a0192d922969fbb090f03361dc465c888c5f525ea7b3f77c4ff751a98150b98

Identifiers

mahout-core-0.9.jar

Description:

 Scalable machine learning libraries

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/mahout-core-0.9.jar
MD5: ccdddf6be37bc2a7a6e6848c8cecea2a
SHA1: 22a63210e10d39be2edcc01564f5d5f68f91eeb7
SHA256:ef68f6d4b3cd17c6f259c0b513685bd84c88c1acbb2be1833bd7fc27bc1198e9

Identifiers

  • maven: org.apache.mahout:mahout-core:0.9  Confidence:High

mahout-math-0.10.1.jar

Description:

 High performance scientific and technical computing data structures and methods,
    mostly based on CERN's
    Colt Java API
  

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/mahout-math-0.10.1.jar
MD5: 2361ef691cd4f19dbf16da7e760120dd
SHA1: dcb2ea595466113bd7adbe50f0d094a5c01bfc8d
SHA256:0d3159beef984291d310970ebb02cedd20616cb1dceda9d632cc04071e1e97c5

Identifiers

  • maven: org.apache.mahout:mahout-math:0.10.1  Confidence:High

parsefilter-naivebayes.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/parsefilter-naivebayes.jar
MD5: 1f8c5c65e15c1391f96db9cb39168221
SHA1: ea521c024f7674bddb80da224cf37f1e7ad3bc97
SHA256:3e820031e65fbb13dff9af0b365d67d740713c9652ba54249a25e27b05e40ff8

Identifiers

  • None

slf4j-api-1.7.12.jar

Description:

 The slf4j API

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/slf4j-api-1.7.12.jar
MD5: 68910bf95dbcf90ce5859128f0f75d1e
SHA1: 8e20852d05222dc286bf1c71d78d0531e177c317
SHA256:0aee9a77a4940d72932b0d0d9557793f872e66a03f598e473f45e7efecdccf99

Identifiers

  • cpe: cpe:/a:slf4j:slf4j:1.7.12  Confidence:Low  
  • maven: org.slf4j:slf4j-api:1.7.12  Confidence:High

solr-commons-csv-3.5.0.jar

Description:

 The Apache Software Foundation provides support for the Apache community of open-source software projects.    The Apache projects are characterized by a collaborative, consensus based development process, an open and    pragmatic software license, and a desire to create high quality software that leads the way in its field.    We consider ourselves not simply a group of projects sharing a server, but rather a community of developers    and users.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/solr-commons-csv-3.5.0.jar
MD5: 39315876eee49767a1c2946851278f5b
SHA1: 97ba33976975a85568a8bd579b885fe3b47f6c08
SHA256:d153b383d9de162bdd1b45da729943cc1dc779febe7fdc3dcfa751493068ad38

Identifiers

  • maven: org.apache.commons:commons-csv:1.0-SNAPSHOT  Confidence:High
  • cpe: cpe:/a:apache:solr:1.0.0  Confidence:Highest  

CVE-2009-3821  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting (XSS) vulnerability in the Apache Solr Search (solr) extension 1.0.0 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Software & Versions:

CVE-2012-6612  

Severity:High
CVSS Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

The (1) UpdateRequestHandler for XSLT or (2) XPathEntityProcessor in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, different vectors than CVE-2013-6407.

Vulnerable Software & Versions: (show all)

CVE-2013-6397  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT.  NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries.

Vulnerable Software & Versions: (show all)

CVE-2013-6407  

Severity:Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)

The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Vulnerable Software & Versions: (show all)

CVE-2013-6408  

Severity:Medium
CVSS Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:N/A:P)

The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6407.

Vulnerable Software & Versions: (show all)

CVE-2015-8795  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled during the rendering of the (1) Analysis page, related to webapp/web/js/scripts/analysis.js or (2) Schema-Browser page, related to webapp/web/js/scripts/schema-browser.js.

Vulnerable Software & Versions:

CVE-2015-8796  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI in Apache Solr before 5.3 allows remote attackers to inject arbitrary web script or HTML via a crafted schema-browse URL.

Vulnerable Software & Versions:

CVE-2015-8797  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter to a plugins/cache URI.

Vulnerable Software & Versions:

CVE-2017-3163  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.

Vulnerable Software & Versions: (show all)

t-digest-3.1.jar

Description:

 Data structure which allows accurate estimation of quantiles and related rank statistics

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/t-digest-3.1.jar
MD5: ba0c00142170b71bd3ae17d2d7e4e38b
SHA1: 451ed219688aed5821a789428fd5e10426d11312
SHA256:271f3a5a4bc79d7554c9e9e557669af83bcbda0db871e0b8c969d56e51c123a9

Identifiers

  • maven: com.tdunning:t-digest:3.1  Confidence:High

xmlpull-1.1.3.1.jar

License:

Public Domain: http://www.xmlpull.org/v1/download/unpacked/LICENSE.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/xmlpull-1.1.3.1.jar
MD5: cc57dacc720eca721a50e78934b822d2
SHA1: 2b8e230d2ab644e4ecaa94db7cdedbc40c805dfa
SHA256:34e08ee62116071cbb69c0ed70d15a7a5b208d62798c59f2120bb8929324cb63

Identifiers

xpp3_min-1.1.4c.jar

Description:

 MXP1 is a stable XmlPull parsing engine that is based on ideas from XPP and in particular XPP2 but completely revised and rewritten to take the best advantage of latest JIT JVMs such as Hotspot in JDK 1.4+.

License:

Indiana University Extreme! Lab Software License, vesion 1.1.1: http://www.extreme.indiana.edu/viewcvs/~checkout~/XPP3/java/LICENSE.txt
Public Domain: http://creativecommons.org/licenses/publicdomain
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/xpp3_min-1.1.4c.jar
MD5: dcd95bcb84b09897b2b66d4684c040da
SHA1: 19d4e90b43059058f6e056f794f0ea4030d60b86
SHA256:bfc90e9e32d0eab1f397fb974b5f150a815188382ac41f372a7149d5bc178008

Identifiers

xstream-1.4.4.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-naivebayes/xstream-1.4.4.jar
MD5: 4b2a6d156777975a7d15fe53a1c37fe7
SHA1: 488e9e4a47afc81d2b2dec3c3eb3a4d0f10fe105
SHA256:29e83a585d56a76b1d417dade617465d18f8aab7bec1390b742508c7d173318a

Identifiers

  • cpe: cpe:/a:xstream_project:xstream:1.4.4  Confidence:Low  
  • maven: com.thoughtworks.xstream:xstream:1.4.4  Confidence:High

CVE-2016-3674  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N)
CWE: CWE-200 Information Exposure

Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) SjsxpDriver, (6) StandardStaxDriver, and (7) WstxDriver drivers in XStream before 1.4.9 allow remote attackers to read arbitrary files via a crafted XML document.

Vulnerable Software & Versions:

CVE-2017-7957  

Severity:Medium
CVSS Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
CWE: CWE-20 Improper Input Validation

XStream through 1.4.9, when a certain denyTypes workaround is not used, mishandles attempts to create an instance of the primitive type 'void' during unmarshalling, leading to a remote application crash, as demonstrated by an xstream.fromXML("<void/>") call.

Vulnerable Software & Versions:

parsefilter-regex.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parsefilter-regex/parsefilter-regex.jar
MD5: f48bf959e08179c9297c791d16f82632
SHA1: e11a556cfbfe2c475423271aeae7dd8527424375
SHA256:0e7542675c8990c1ba049e94bb13264bd8384aee61c74832e6f848f61c1b24f9

Identifiers

  • None

protocol-file.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-file/protocol-file.jar
MD5: a0851d47b24f6bca0875b7482c978996
SHA1: 694111f4518c7f5caf51b5ff81c8a373a93f5dba
SHA256:5be1e78ad537ee763f94c2c14a969c2785e9567aac2f62febfa262a521312c00

Identifiers

  • None

commons-net-1.2.2.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-ftp/commons-net-1.2.2.jar
MD5: 092ead7cc4989f3a14495f6006cf9d2f
SHA1: 57a100f070def45b3161783235df6ba8c610ba17
SHA256:4a0232e659088776082f3b0af0ba28bca9531bb5a92276abc0a5344635ad5928

Identifiers

protocol-ftp.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-ftp/protocol-ftp.jar
MD5: 094b5037e54589a3a3d537b3864a2412
SHA1: 7d3a86c233e75c75b365ea7817b6b8986153bb14
SHA256:706f717638240cadc959f4119fe84479df1b88447ba982ddc0b034294606b819

Identifiers

  • None

protocol-htmlunit.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-htmlunit/protocol-htmlunit.jar
MD5: c426d5882ce36474cc3e871f716aa4ce
SHA1: c6619101be9859a6b4a59f925e103d123a5fb627
SHA256:70a651f65b9583bd249b896561df121a5eb5d6f177003379632f64976527fe3a

Identifiers

  • None

protocol-http.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-http/protocol-http.jar
MD5: 26972505d2681ce76af41275af694270
SHA1: f64bc3b171e40ec408902f86802ff199a3b4dd00
SHA256:ef21e73f47e0653be614df7096fbae96eddfa25cd85f2f3ec636768ff5b3f42a

Identifiers

  • None

jsoup-1.8.1.jar

Description:

 jsoup HTML parser

License:

The MIT License: http://jsoup.com/license
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-httpclient/jsoup-1.8.1.jar
MD5: 3e473766c65d0f19bfeceaf810ef2f07
SHA1: 1eb6690b0c629d7000c77a72df5e822fb974f521
SHA256:974de5e63ab0c23b5278e1202b89a6e80e6048337dba768cefea9d7d4b0c688f

Identifiers

  • maven: org.jsoup:jsoup:1.8.1  Confidence:High
  • cpe: cpe:/a:jsoup:jsoup:1.8.1  Confidence:Low  

CVE-2015-6748  

Severity:Medium
CVSS Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CWE: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3.

Vulnerable Software & Versions:

protocol-httpclient.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-httpclient/protocol-httpclient.jar
MD5: 0beb41a639030995a7a2d96473857b80
SHA1: 0a72d62a5c4fe588fc5595e9bef55c8596f01849
SHA256:cf74f6881846a5db49286e8f76a2eec10051b65e0670307ac0daaa5f8fb73042

Identifiers

  • cpe: cpe:/a:apache:httpclient:-  Confidence:Low  

protocol-interactiveselenium.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-interactiveselenium/protocol-interactiveselenium.jar
MD5: f7ed8c19b663a37f7296fab5e6c9ce0e
SHA1: 35eb72d370bbe202df84f98bf3ccb7bb1fd45e8b
SHA256:4beec81e881201e0a730f57b37e5b41c908cb042aec410223daf22eb1fe07b41

Identifiers

  • None

okhttp-3.10.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-okhttp/okhttp-3.10.0.jar
MD5: 6aaeda95994c63c8901930c2866ba04b
SHA1: 7ef0f1d95bf4c0b3ba30bbae25e0e562b05cf75e
SHA256:4aca3e552afb1ceb47f8956685f6295a276e49fa03f9066f8b6be83bec56fb66

Identifiers

  • cpe: cpe:/a:squareup:okhttp:3.10.0  Confidence:Low  
  • cpe: cpe:/a:squareup:okhttp3:3.10.0  Confidence:Low  
  • maven: com.squareup.okhttp3:okhttp:3.10.0  Confidence:High

okio-1.14.0.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-okhttp/okio-1.14.0.jar
MD5: ae447128b0a0625524178873c6b9aa12
SHA1: 102d7be47241d781ef95f1581d414b0943053130
SHA256:4633c331f50642ebe795dc089d6a5928aff43071c9d17e7840a009eea2fe95a3

Identifiers

  • maven: com.squareup.okio:okio:1.14.0  Confidence:High

protocol-okhttp.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-okhttp/protocol-okhttp.jar
MD5: 85d5cf0ff16219c8d35aed500607c9b4
SHA1: 42f01e2e0995b96777eec0da3e8fcb31a5896754
SHA256:a71f9cbac853dcc75b260263f3efad2b6a4dd6886a496bbef6e3affa82c054b3

Identifiers

  • None

protocol-selenium.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/protocol-selenium/protocol-selenium.jar
MD5: dac2fb01d3f2856da935dff00ff71959
SHA1: 7cd5d1e05ae9dec4444e52760554f36b1e0288d6
SHA256:5f0c11c3eda812efd478ccc615491f407e3ad8e87dcc3a18361ad2c0526a33d7

Identifiers

  • None

publish-rabbitmq.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/publish-rabbitmq/publish-rabbitmq.jar
MD5: 2f4695778e25565afb1d89957be48cff
SHA1: d92654cceca35d6253418acacb9fc285191f0b56
SHA256:96963443eb089139541878374698cc5b46aa0836f568a57afb1c7c57fb48e869

Identifiers

  • None

scoring-depth.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/scoring-depth/scoring-depth.jar
MD5: 24f73b5f5a5bd6d967cd156c23bf3e0b
SHA1: 178730354ac2b55aed60bf220e566ddace70143a
SHA256:325d83a968de9e73132cad2213baa60f34f352cfae65717e80b65dc192bf5390

Identifiers

  • None

scoring-link.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/scoring-link/scoring-link.jar
MD5: a31d453d39ad96aac7060b6a9f829240
SHA1: cfc8930ec028b36ae5dca86275f14538cc43b2ab
SHA256:236ea64da734c3b03f2d44a2a1a425e115467924cc4e7ccb2ca1ae01b4ee53f5

Identifiers

  • None

scoring-opic.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/scoring-opic/scoring-opic.jar
MD5: 96f4f4708b42576afd090a1efd66a8ba
SHA1: df58d1aa16ccb017cf44a60a2c47c295cc64c726
SHA256:8e9c1f2e565f422921e1b9715ec29ca5b2491297cfeebb3731308e18e1c8375a

Identifiers

  • None

scoring-orphan.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/scoring-orphan/scoring-orphan.jar
MD5: b5f29af8e03f328cf25e61dbe73ad275
SHA1: b9fb07e39dd0ba376fd79f7545b75e296d901c09
SHA256:250e3c5d95391eb4730dbd5982d827bf2804b22e4d3d60a4b12ea0bfa73e81ec

Identifiers

  • None

scoring-similarity.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/scoring-similarity/scoring-similarity.jar
MD5: ff9946dccb1cec9c94b883c28b4ede11
SHA1: 262d04d9c94b5a278ed87737d780ac977f314c83
SHA256:5f46bad394a3b679801103a180671df65a8353cf18b295be3b1f82eadab54d8f

Identifiers

  • None

subcollection.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/subcollection/subcollection.jar
MD5: d9750009884f8ac22c7a970eab9c0784
SHA1: 0c5844345b3b5bda67e5f5bd987b68e707bf6b32
SHA256:889ca4b09ffaea9009d4f3b1e56fd4becf99f2b891cd7e9e5407caea565ec55e

Identifiers

  • None

tld.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/tld/tld.jar
MD5: f7a612d9c3be9a8ddbeb6663a8ac229e
SHA1: d0121441ca955e1405ef8e81b2285cf63de58686
SHA256:0ad12b15d8d07e191f959caea2b9995d75796449872225f467e611a26e3eaf86

Identifiers

  • None

automaton-1.11-8.jar

Description:

 A DFA/NFA (finite-state automata) implementation with
		Unicode alphabet (UTF16) and support for the standard regular
		expression operations (concatenation, union, Kleene star) and a number
		of non-standard ones (intersection, complement, etc.) 

License:

BSD: http://www.opensource.org/licenses/bsd-license.php
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlfilter-automaton/automaton-1.11-8.jar
MD5: 3467dcbbba2fe68a4e07a5826988e034
SHA1: 6ebfa65eb431ff4b715a23be7a750cbc4cc96d0f
SHA256:a24475f6ccfe1cc7a4fe9e34e05ce687b0ce0c6e8cb781e0eced3b186482c61e

Identifiers

urlfilter-automaton.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlfilter-automaton/urlfilter-automaton.jar
MD5: 7ab29bf63aa5670c3644c0eeb9517888
SHA1: 91e645c387ac0e220875720e2b4b39d7ce586db4
SHA256:8a4e1bc19dd3c696db71a10c4163099ea172595f96de3d21c98d2b9b3f0e8649

Identifiers

  • None

urlfilter-domain.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlfilter-domain/urlfilter-domain.jar
MD5: 89e778ce8db716a8fc2ccff88490c22e
SHA1: 41e15727e47ecd7ed8182167e261e53aebcee2f9
SHA256:7ec04ee62bc51239a3eb431f109f77f08d66b8ec76a389544d0f37503596d6cf

Identifiers

  • None

urlfilter-domainblacklist.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlfilter-domainblacklist/urlfilter-domainblacklist.jar
MD5: 72d1c7fa468baf91dd503c4cbbb33ad7
SHA1: 45013d8a79fcd26cd0f0ff8d5f176a65818893cc
SHA256:63ef35f1f647c04784b45541e2a2b9d72761b61472f95f9f8170ba37cf13a67a

Identifiers

  • None

urlfilter-ignoreexempt.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlfilter-ignoreexempt/urlfilter-ignoreexempt.jar
MD5: 27434f9c0eec3f37851ebbb2cc767400
SHA1: 032ae057252aa8b51ed5558de8c601c4e11b91c8
SHA256:c1eb53da2fbe1c8d0b3d44e67650de31c91f640117a4d0a78f885942c0788257

Identifiers

  • None

urlfilter-prefix.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlfilter-prefix/urlfilter-prefix.jar
MD5: 99320681883413420be903561f28b26e
SHA1: 84615ef0e1944e5e05afd6afd35f85f9d42fe3d7
SHA256:d32a3e6e87dcda25e66b78cf4c4fc2e5691ca1b59906888107009feddae6681a

Identifiers

  • None

urlfilter-regex.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlfilter-regex/urlfilter-regex.jar
MD5: 32ecebaabe598accd6e971945ba3250d
SHA1: 4895ba2438433cef2a63701bc2f97b0f695baf82
SHA256:aeac33eca7a90c5dc677937e34f450b51aa54be53b736e79972c0ea78136b35e

Identifiers

  • None

urlfilter-suffix.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlfilter-suffix/urlfilter-suffix.jar
MD5: 812d0858ff1b54b2267e26a856815862
SHA1: 39fe03565c1c0e889e086faafdcf5cde473fcf11
SHA256:e13da7b63cc41b0ce21babf8021cb424c3f6ac9607156048fbac6a194ba3183d

Identifiers

  • None

urlfilter-validator.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlfilter-validator/urlfilter-validator.jar
MD5: bc90ef3f46d09088b9d7e2ccaa79de2f
SHA1: f010c15ce02256f1c9c40ad4a7e71c9fd74b1eb6
SHA256:3d4ac396e02ed90129bb66ba79036f27a4c7031e71dfd048ebc29f96c6a312bc

Identifiers

  • None

urlmeta.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlmeta/urlmeta.jar
MD5: a828c63e4a85805e833a322bea4a43d8
SHA1: 65ffc65336f25b56945c53db7245862cc49efc00
SHA256:224652b35d67c90f300ef265751206791e862290318a58d6a05fc2333c3b9f00

Identifiers

  • None

urlnormalizer-ajax.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlnormalizer-ajax/urlnormalizer-ajax.jar
MD5: 7e5dc387ee1aa74176b7010152a845cc
SHA1: 51e913dc0608d5e90b513915ff179539dcec2da2
SHA256:d539b95410daf5de5eaa40d59bd43db7904b5709d8ec0fec7fba739dc84e21fe

Identifiers

  • None

urlnormalizer-basic.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlnormalizer-basic/urlnormalizer-basic.jar
MD5: 3f79dabd57252939d10d95f42b9a19d6
SHA1: 2f61082282732671c82f252dda981a8535f1b4b0
SHA256:a6869c583bbad84726984dd990ad790bb120180159bde97d077639431091ac6c

Identifiers

  • None

urlnormalizer-host.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlnormalizer-host/urlnormalizer-host.jar
MD5: 7d805d477a24c4ae8a5d7f6b7e47c8f8
SHA1: 9d5450300641a214f71be880f8e4b97795f7f2da
SHA256:136df24df848c1140b1d8b1ec7002b281b53c761745bcaa846b0723fbb15b559

Identifiers

  • None

urlnormalizer-pass.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlnormalizer-pass/urlnormalizer-pass.jar
MD5: 6f8e3d2248e6469c249d4a66e633e395
SHA1: c90297abc60f5bd4aa37487a3897820be4d5d803
SHA256:6843a7e29a552012dc475f48c5801da0fb73ee76968f5254d7e6c54d598261f1

Identifiers

  • None

urlnormalizer-protocol.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlnormalizer-protocol/urlnormalizer-protocol.jar
MD5: b7aa60c29e8b99bdd3ba5a97f7996a8e
SHA1: 31b5f800c1bc99ed1e2932b93c1584b5bdbf83f3
SHA256:f63f8173e4a68cf0b2317db64b8217ecc6162d9cb26082b0e61f20ef4af1813e

Identifiers

  • None

urlnormalizer-querystring.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlnormalizer-querystring/urlnormalizer-querystring.jar
MD5: fb22712e11bd3b2e6cf49254f648f607
SHA1: f5632d882a0bf27fbb063d087f71870286252c27
SHA256:0bb521e7fa3da2c70b7cf5017f39b8d00267de3722a71a6da8bc19236653f743

Identifiers

  • None

urlnormalizer-regex.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlnormalizer-regex/urlnormalizer-regex.jar
MD5: 3827bfd63ba177ae0bff3975a45b8430
SHA1: 7f91f5dc66ae64606490d8b04bd0350cac8c058a
SHA256:237b41f81f0affa927936f8840d52274bd54882cec4c578ca64f71191f5fbbc5

Identifiers

  • None

urlnormalizer-slash.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/urlnormalizer-slash/urlnormalizer-slash.jar
MD5: cbef3537b94e5e78cbd0eefc5addcf67
SHA1: 26f50216e943d29b532c662f334f4fba99944e2d
SHA256:3018b4081233ac33d022d10b6e18ede0dd885d81a363cd62d74ce10317bcd2a2

Identifiers

  • None

leveldbjni-all-1.8.jar: leveldbjni.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/leveldbjni-all-1.8.jar/META-INF/native/windows32/leveldbjni.dll
MD5: 551b9310a9ed358359296a89715df2f4
SHA1: bba450e93688b872b3fcaa31e8457950e97d8429
SHA256:3cf3f6284f99acad369a15f0b4eca8e0dec2b0342651c519e4665570da8a68ee

Identifiers

  • None

leveldbjni-all-1.8.jar: leveldbjni.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/leveldbjni-all-1.8.jar/META-INF/native/windows64/leveldbjni.dll
MD5: 4b6fa20009ca1eb556e752671461a3f2
SHA1: 978ca9c96c03eb220556ce5bc96c715f95a0967c
SHA256:7794f7bbc848d1a9ad98996f2c68a1cf12ac17562f646c6d7f5733404a7b5ef1

Identifiers

  • None

snappy-java-1.0.4.1.jar: snappyjava.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/snappy-java-1.0.4.1.jar/org/xerial/snappy/native/Windows/amd64/snappyjava.dll
MD5: 09989290a9d23aa887ad3919c8daf6bd
SHA1: 1ca8cb25c14aa3574e1c2d362e11b97b889dc466
SHA256:f0bcc10fb910803d2ce1dfc36fe792066a27570ecacdeedf9d98e7b758f37b44

Identifiers

  • None

snappy-java-1.0.4.1.jar: snappyjava.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/snappy-java-1.0.4.1.jar/org/xerial/snappy/native/Windows/x86/snappyjava.dll
MD5: 02d0731854ac1be878dc4d6e2555aa2d
SHA1: baf474b2ad0b6873e2d99764ea61dcb42f850e24
SHA256:e063f8c7329c9e95f61fac2d2c91330440cd45ff832582a46080c082fa8a0c56

Identifiers

  • None

ehcache-core-2.6.2.jar: sizeof-agent.jar

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/ehcache-core-2.6.2.jar/net/sf/ehcache/pool/sizeof/sizeof-agent.jar
MD5: 5ad919b3ac0516897bdca079c9a222a8
SHA1: e86399a80ae6a6c7a563717eaa0ce9ba4708571c
SHA256:3bcd560ca5f05248db9b689244b043e9c7549e3791281631a64e5dfff15870d2

Identifiers

  • maven: net.sf.ehcache:sizeof-agent:1.0.1  Confidence:High

jna-4.1.0.jar: jnidispatch.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jna-4.1.0.jar/com/sun/jna/w32ce-arm/jnidispatch.dll
MD5: 57697cbdd321ae7d06f5da04e821f908
SHA1: 67167f2b2fce8db5f9f64a372b0da54730d3ee51
SHA256:361e173e6e50cb1bf8b7fab38c1ff99686ea819e58ee30348e7756cb0418a9f6

Identifiers

  • None

jna-4.1.0.jar: jnidispatch.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jna-4.1.0.jar/com/sun/jna/win32-x86-64/jnidispatch.dll
MD5: 06b2f1f909d2436dff20d7a668ef26a9
SHA1: bd1bdda9a91f3b0d9067e323f7394bef933f81f6
SHA256:e7864cb5509990ccf3f3d8a2ad1eaf41491ebb82df35408ee79957385d8355b3

Identifiers

  • None

jna-4.1.0.jar: jnidispatch.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/any23/jna-4.1.0.jar/com/sun/jna/win32-x86/jnidispatch.dll
MD5: 05a72ada9247aeb114a9ef01a394b6c4
SHA1: 8b32cc82740fc62afdf5ea211f1ca8bb72269bbf
SHA256:12c6ecdab2cab372548ebf059548873a2f414a1b7b4389502702b7ab912f9a39

Identifiers

  • None

jna-4.2.2.jar: jnidispatch.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/jna-4.2.2.jar/com/sun/jna/win32-x86-64/jnidispatch.dll
MD5: b04c620540a971e93390ba9ec7cc8641
SHA1: cb612a48eff7c60c40a6bb64b78fb47d5709f5e7
SHA256:1b2af8b31416f68051db213bcdcf82775e29191b6d069c327988e02e654030ad

Identifiers

  • None

jna-4.2.2.jar: jnidispatch.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/jna-4.2.2.jar/com/sun/jna/win32-x86/jnidispatch.dll
MD5: d2f0da769204b8c45c207d8f3d8fc37e
SHA1: c6870c1b8be2dbf1d737c918963d2f183aa778e1
SHA256:064c34c9f92f6aca636b5b53006b539853268570f048f33155c6a6635d6c0e7b

Identifiers

  • None

jna-3.4.0.jar: jnidispatch.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/jna-3.4.0.jar/com/sun/jna/win32-amd64/jnidispatch.dll
MD5: 715c98aa5955e7e07fb99d87f522e73a
SHA1: 0981d98dd34df47cd4bb915e5d20b5750eb33ef2
SHA256:b7f1133492a060a857a1ef0877e18e382f1c418e5dac2e674abc65f336241d61

Identifiers

  • None

jna-3.4.0.jar: jnidispatch.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/jna-3.4.0.jar/com/sun/jna/w32ce-arm/jnidispatch.dll
MD5: f9761a775488b6128b46314574b59906
SHA1: de3b707726ebc4496e55509d1ceba8bcf6ad5b9c
SHA256:1a4ea4533acc49657be3144810be8f2a33e1b9cefc979951f2efbdb07bb4c7e7

Identifiers

  • None

jna-3.4.0.jar: jnidispatch.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/jna-3.4.0.jar/com/sun/jna/win32-x86/jnidispatch.dll
MD5: 50754352847b5e71e11abf4d30407148
SHA1: bb2fe694c6d7bca89fd431c0984c832ed35a4f0e
SHA256:3c99066b7516dcaa4f1d9ef596aed1398321bb356a46fbb3dbea4d700a32a3c3

Identifiers

  • None

operalaunchers-1.1.jar: launcher-win32-i86pc.exe

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/lib-htmlunit/operalaunchers-1.1.jar/launchers/launcher-win32-i86pc.exe
MD5: 471167643016e8b2f444e8f5ca380af1
SHA1: d3a503274506205ef5781b14cf26f0c08997d591
SHA256:bdac0e75ee6d9801714b756798e219f5f5666155d28ce6eba7ecea6d4e58ebd7

Identifiers

  • None

jna-4.3.0.jar: jnidispatch.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jna-4.3.0.jar/com/sun/jna/win32-x86-64/jnidispatch.dll
MD5: 6f86fbe1eb1ea0c42dcb5556cc1965b2
SHA1: 53b5e54c69d9830b331ab7d9c72cf9579e678293
SHA256:3d03802ea632d4a9b3d227f48620483a204860215cef882c0590cb87191eeac0

Identifiers

  • None

jna-4.3.0.jar: jnidispatch.dll

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/parse-tika/jna-4.3.0.jar/com/sun/jna/win32-x86/jnidispatch.dll
MD5: cae90c2a46596b978a8b60c40a40f7b6
SHA1: 51833911ce8793e80abaf6284694d4c099a5e800
SHA256:199ce3ece25457536d64413df1fc314f2627e46344548fab8d7af25d27a0f409

Identifiers

  • None

antlr4-4.5.1.jar (shaded: org.antlr:antlr4-runtime:4.5.1)

Description:

 The ANTLR 4 Runtime

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/antlr4-4.5.1.jar/META-INF/maven/org.antlr/antlr4-runtime/pom.xml
MD5: 9d1d96c3ffedf7f287c0de8032becdde
SHA1: 47a3c5bc681610d2ca3ec9e499eaaece74fa89c1
SHA256:4f7e70ffbcf4223f836b620034d0f0eb5ee67a32a956ef726d2a22337285e7b7

Identifiers

  • maven: org.antlr:antlr4-runtime:4.5.1  Confidence:High

antlr4-4.5.1.jar (shaded: org.abego.treelayout:org.abego.treelayout.core:1.0.1)

Description:

 Efficient and customizable TreeLayout Algorithm in Java.

License:

BSD 3-Clause "New" or "Revised" License (BSD-3-Clause): http://treelayout.googlecode.com/files/LICENSE.TXT
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/antlr4-4.5.1.jar/META-INF/maven/org.abego.treelayout/org.abego.treelayout.core/pom.xml
MD5: 0fd589167b7a434db7580a66737649b9
SHA1: e8da72b4e31c6610ca57fde5f73d5ee4d1d5f957
SHA256:7c8cbfca64e970440d4f287f3516a96c00692a0394fca1d57b12a97a96f0ea11

Identifiers

  • maven: org.abego.treelayout:org.abego.treelayout.core:1.0.1  Confidence:High

htrace-core-3.1.0-incubating.jar (shaded: commons-logging:commons-logging:1.1.1)

Description:

 Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/htrace-core-3.1.0-incubating.jar/META-INF/maven/commons-logging/commons-logging/pom.xml
MD5: 976d812430b8246deeaf2ea54610f263
SHA1: 76672afb562b9e903674ad3a544cdf2092f1faa3
SHA256:d0f2e16d054e8bb97add9ca26525eb2346f692809fcd2a28787da8ceb3c35ee8

Identifiers

  • maven: commons-logging:commons-logging:1.1.1  Confidence:High

jaxb-core-2.2.11.jar (shaded: com.sun.istack:istack-commons-runtime:2.21)

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jaxb-core-2.2.11.jar/META-INF/maven/com.sun.istack/istack-commons-runtime/pom.xml
MD5: caebf95d1d57fc0321b36137e246e192
SHA1: 04c234cf684a202c5c9bb7f0a198ba97e958f8f4
SHA256:ebe7137b5fbfd050545f9a7f3f339ae55beb0b53755071b4fd62aa024c626d1c

Identifiers

  • maven: com.sun.istack:istack-commons-runtime:2.21  Confidence:High

jaxb-core-2.2.11.jar (shaded: org.glassfish.jaxb:jaxb-core:2.2.11)

Description:

 JAXB Core module. Contains sources required by XJC, JXC and Runtime modules.

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jaxb-core-2.2.11.jar/META-INF/maven/org.glassfish.jaxb/jaxb-core/pom.xml
MD5: e43898fed87ecb9838381436b212416c
SHA1: f3208abdc61be827cf28838c3881213648807821
SHA256:ec31409f203bcabf99534f59231ec0576d875d4d4b7349b09566a7a8c8179b24

Identifiers

  • maven: org.glassfish.jaxb:jaxb-core:2.2.11  Confidence:High

jaxb-core-2.2.11.jar (shaded: org.glassfish.jaxb:txw2:2.2.11)

Description:

 
        TXW is a library that allows you to write XML documents.
    

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jaxb-core-2.2.11.jar/META-INF/maven/org.glassfish.jaxb/txw2/pom.xml
MD5: 83d24d59202baf2810daa01739963822
SHA1: 4be03527dbf2428f7ea99fb9c2f50f089dffad5e
SHA256:8514cb724b4fca59a5cf272b632e539bd0a0f3cacf1844082d0a173a86406bd8

Identifiers

  • maven: org.glassfish.jaxb:txw2:2.2.11  Confidence:High

jaxb-impl-2.2.11.jar (shaded: org.glassfish.jaxb:jaxb-runtime:2.2.11)

Description:

 JAXB (JSR 222) Reference Implementation

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/lib/jaxb-impl-2.2.11.jar/META-INF/maven/org.glassfish.jaxb/jaxb-runtime/pom.xml
MD5: fa2e4dc2609e6a4d96418f4ac6519e8d
SHA1: 6a1651361e4c2392aff30da0df648187f670f8cb
SHA256:e5327b31b595ab8143e97836d5ccdf85feb91e7ff5666f7b26913632facca4aa

Identifiers

  • maven: org.glassfish.jaxb:jaxb-runtime:2.2.11  Confidence:High

netty-common-4.1.7.Final.jar (shaded: io.netty:netty-common:4.1.7.Final)

File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/netty-common-4.1.7.Final.jar/META-INF/maven/io.netty/netty-common/pom.xml
MD5: 05e1b886e3e56ab83bdb8070a17cc552
SHA1: 6ec2d761bcd48fe3c6adb9e50298e666260743e5
SHA256:c1b2ae56e8e705833dfcfcad71fce12881e89b87befc0750f9660d6a3365ba90

Identifiers

  • maven: io.netty:netty-common:4.1.7.Final  Confidence:High
  • cpe: cpe:/a:netty_project:netty:4.1.7  Confidence:Low  

netty-common-4.1.7.Final.jar (shaded: org.jctools:jctools-core:1.2.1)

Description:

 Java Concurrency Tools Core Library

License:

Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /mnt/data/wastl/proj/crawler/nutch/git/trunk/build/plugins/indexer-elastic/netty-common-4.1.7.Final.jar/META-INF/maven/org.jctools/jctools-core/pom.xml
MD5: b104e807eab8c5ec728e4440814b4e86
SHA1: 890d905133422e4be5df7cffa81e7dd9c5336d7e
SHA256:12444dc7be1ea1e1b5361f4bb9fb9ae04197b64846c3ce915b363cfafbcdf8d9

Identifiers

  • maven: org.jctools:jctools-core:1.2.1  Confidence:High


This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the Node Security Platform.