diff --git a/test.json b/test.json new file mode 100644 index 00000000..53da1035 --- /dev/null +++ b/test.json @@ -0,0 +1,4597 @@ +{ + "_id": "67643203f50e5eea18b5c378", + "entityInfo": { + "_id": "sha256:f931196f4992d2e1f6d74454e26d11059835c8fd00b4a029d4ef2a8a29fc6f37", + "type": "ciImage", + "hostname": "pb0b0911817", + "scanTime": "2024-12-19T14:47:29.14Z", + "binaries": [ + { + "name": "busybox", + "path": "/bin/busybox", + "md5": "1576ce566744140ab57ddcd5917e4a63", + "version": "1.36.1", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "groups", + "path": "/bin/groups", + "md5": "801420474a900fe4db9eb0a4615ab2af", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "upperLOWER", + "path": "/lib/security/pam_filter/upperLOWER", + "md5": "2142a9d49cf832143df9937501e9c67d", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "java", + "path": "/opt/java/openjdk/bin/java", + "md5": "6cb616b2fb069aec0646f1b49dc5c690", + "version": "17.0.13", + "cveCount": 0, + "missingPkg": true, + "fileMode": 493 + }, + { + "name": "jfr", + "path": "/opt/java/openjdk/bin/jfr", + "md5": "e1515d1682ce8e7c65e498d12598b3e3", + "cveCount": 0, + "missingPkg": true, + "fileMode": 493 + }, + { + "name": "jrunscript", + "path": "/opt/java/openjdk/bin/jrunscript", + "md5": "f061f8d05291cf044c91d84364c591e3", + "cveCount": 0, + "missingPkg": true, + "fileMode": 493 + }, + { + "name": "keytool", + "path": "/opt/java/openjdk/bin/keytool", + "md5": "8cc4803734c6a3d0ff5379c5334cdfe0", + "cveCount": 0, + "missingPkg": true, + "fileMode": 493 + }, + { + "name": "rmiregistry", + "path": "/opt/java/openjdk/bin/rmiregistry", + "md5": "3751a853875f40b500b0192744909634", + "cveCount": 0, + "missingPkg": true, + "fileMode": 493 + }, + { + "name": "jexec", + "path": "/opt/java/openjdk/lib/jexec", + "md5": "29777228843646d22bc788dd3d5f548f", + "cveCount": 0, + "missingPkg": true, + "fileMode": 493 + }, + { + "name": "jspawnhelper", + "path": "/opt/java/openjdk/lib/jspawnhelper", + "md5": "badcd58172a066a543c129589f93bb5e", + "cveCount": 0, + "missingPkg": true, + "fileMode": 493 + }, + { + "name": "apk", + "path": "/sbin/apk", + "md5": "cb09c38645127b1430b0090a00dfa998", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "faillock", + "path": "/sbin/faillock", + "md5": "daa2a81034b17ee9af3b706619f3c4bf", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "mkhomedir_helper", + "path": "/sbin/mkhomedir_helper", + "md5": "5af320dc590c8298d34434b447d8ff85", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "pam_timestamp_check", + "path": "/sbin/pam_timestamp_check", + "md5": "5bf6a7d72b45f028c26d9708a33d7896", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "pwhistory_helper", + "path": "/sbin/pwhistory_helper", + "md5": "8d54423afb8c56a19ef3290468b79317", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "unix_chkpwd", + "path": "/sbin/unix_chkpwd", + "md5": "aca7eee1640111fbbaa1d6beb9ce7821", + "cveCount": 0, + "fileMode": 4194797 + }, + { + "name": "unix_update", + "path": "/sbin/unix_update", + "md5": "94e6b36c0521381eedcb42438fd9fc51", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "c_rehash", + "path": "/usr/bin/c_rehash", + "md5": "95f091170064acf1bdc76825528e76ca", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "chage", + "path": "/usr/bin/chage", + "md5": "6e88a4d4cf5c119fd11fb79845c5c5d1", + "cveCount": 0, + "fileMode": 8389101 + }, + { + "name": "chfn", + "path": "/usr/bin/chfn", + "md5": "6147b178a4d8aa94c77b1fc4b412ce5e", + "cveCount": 0, + "fileMode": 8389101 + }, + { + "name": "chsh", + "path": "/usr/bin/chsh", + "md5": "e4c753e477e8d6138423e6a517e0eeb4", + "cveCount": 0, + "fileMode": 8389101 + }, + { + "name": "coreutils", + "path": "/usr/bin/coreutils", + "md5": "ed7fa3d3f7c760821727bae7f2f36e03", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "dirmngr", + "path": "/usr/bin/dirmngr", + "md5": "121407473bacea49225bd252c48c750f", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "dirmngr-client", + "path": "/usr/bin/dirmngr-client", + "md5": "6b446b53b28b2260e9f381cdbd2632c9", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "env", + "path": "/usr/bin/env", + "md5": "2af261b30378f50779f0335eed194e9c", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "expiry", + "path": "/usr/bin/expiry", + "md5": "e14222f885b182222b5ff44bfa391074", + "cveCount": 0, + "fileMode": 8389101 + }, + { + "name": "fc-cache", + "path": "/usr/bin/fc-cache", + "md5": "352d4c47904b9e7611b03e3b4250d29c", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "fc-cat", + "path": "/usr/bin/fc-cat", + "md5": "eee660d6f9b8c79cae6142e27545007d", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "fc-conflist", + "path": "/usr/bin/fc-conflist", + "md5": "7df64e648425ab5a9c3100643d90ab19", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "fc-list", + "path": "/usr/bin/fc-list", + "md5": "aa2a962820dbd8f67d17074da8d6d5bf", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "fc-match", + "path": "/usr/bin/fc-match", + "md5": "5a35cbbbb4263aa29d3c59ea73603916", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "fc-pattern", + "path": "/usr/bin/fc-pattern", + "md5": "7bbfcd743ab50ccf99ce02143a633031", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "fc-query", + "path": "/usr/bin/fc-query", + "md5": "d779a4383f2f853aeb23df3ac6c8a525", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "fc-scan", + "path": "/usr/bin/fc-scan", + "md5": "502c24e4863b887e1a742ff3700eecae", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "fc-validate", + "path": "/usr/bin/fc-validate", + "md5": "c07b9002ae9cc226e12d6cfa55375913", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "fmt", + "path": "/usr/bin/fmt", + "md5": "a2f1b664e2610ea988fd34ce071eab20", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "getconf", + "path": "/usr/bin/getconf", + "md5": "db94f4ca57469e446ad158357cd18af4", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "getent", + "path": "/usr/bin/getent", + "md5": "c74b5e742fa7b3f29c50559d2b5318a5", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpasswd", + "path": "/usr/bin/gpasswd", + "md5": "7f48e814e98c79ce173fa5723766c94f", + "cveCount": 0, + "fileMode": 8389101 + }, + { + "name": "gpg", + "path": "/usr/bin/gpg", + "md5": "4397447b75145d283226aaa8577bb819", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpg-agent", + "path": "/usr/bin/gpg-agent", + "md5": "5ba4125ec8f5b3999600fcd6e7d2db6b", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpg-card", + "path": "/usr/bin/gpg-card", + "md5": "c6c31071c557fe749f50261b3b9e2766", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpg-connect-agent", + "path": "/usr/bin/gpg-connect-agent", + "md5": "ee8bed4daaa34b87698def6d9c360c7d", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpg-error", + "path": "/usr/bin/gpg-error", + "md5": "2a14d0e6f11a9e249b6f28d255c29a92", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpg-wks-client", + "path": "/usr/bin/gpg-wks-client", + "md5": "0ab67bb85e5174168cc0b8529134b80b", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpg-wks-server", + "path": "/usr/bin/gpg-wks-server", + "md5": "befe9d9697057174a13e2bdf70c4f20d", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpgconf", + "path": "/usr/bin/gpgconf", + "md5": "7ce98e7ba0822750a46aafd9dc9ace52", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpgparsemail", + "path": "/usr/bin/gpgparsemail", + "md5": "663d8453403de8a8e1bdf5dc253153ac", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpgsm", + "path": "/usr/bin/gpgsm", + "md5": "b6984ec1ab9487c57c3a734c5333a6be", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpgsplit", + "path": "/usr/bin/gpgsplit", + "md5": "98d5d0cbe991ce8ea2ad33c5d17cae41", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpgtar", + "path": "/usr/bin/gpgtar", + "md5": "dec56048ded7095198a06547116a1b8e", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpgv", + "path": "/usr/bin/gpgv", + "md5": "5a182cc1e7628044a719e53ea73353d8", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "iconv", + "path": "/usr/bin/iconv", + "md5": "0b89dd0fd22c2702f145f440b9b5c663", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "kbxutil", + "path": "/usr/bin/kbxutil", + "md5": "66ccf4e07ab8dc93e0e35ce7b1ba3efe", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "locale", + "path": "/usr/bin/locale", + "md5": "473ef4ca0a7995f263bfc5babae545e6", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "mkfontscale", + "path": "/usr/bin/mkfontscale", + "md5": "5bbac10e6f6d047c2c523724d5f4b7f4", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "openssl", + "path": "/usr/bin/openssl", + "md5": "ede8cf3216438528636c93c047a08162", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "p11-kit", + "path": "/usr/bin/p11-kit", + "md5": "426675e67d0adfca5c121ab36207426d", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "passwd", + "path": "/usr/bin/passwd", + "md5": "bae2d28153b18591b32cc8f6178ec40e", + "cveCount": 0, + "fileMode": 8389101 + }, + { + "name": "pinentry-curses", + "path": "/usr/bin/pinentry-curses", + "md5": "f9a5e7c7e7761619e797adb5f0252298", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "scanelf", + "path": "/usr/bin/scanelf", + "md5": "0e409b1929f1a7cb5e80e58599926644", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "sha512sum", + "path": "/usr/bin/sha512sum", + "md5": "8c1e6062ae146d7dbddcd3c24ad72a85", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "ssl_client", + "path": "/usr/bin/ssl_client", + "md5": "581d6eb0b827b57f38ec10634bd208cb", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "trust", + "path": "/usr/bin/trust", + "md5": "acb880516d2a56cba01648efffa0f4d0", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "watchgnupg", + "path": "/usr/bin/watchgnupg", + "md5": "31f90434c9997022d5ef35825bbbcc07", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "dirmngr_ldap", + "path": "/usr/libexec/dirmngr_ldap", + "md5": "df061b589e97ccdd4493da506dec7f65", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpg-auth", + "path": "/usr/libexec/gpg-auth", + "md5": "84a35939b92244055e56409c456332e4", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpg-check-pattern", + "path": "/usr/libexec/gpg-check-pattern", + "md5": "8c53278ba839890a9f80f6b53280831a", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpg-pair-tool", + "path": "/usr/libexec/gpg-pair-tool", + "md5": "ce6b8e9940ac76d7f4d1d2dcb41daf0f", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpg-preset-passphrase", + "path": "/usr/libexec/gpg-preset-passphrase", + "md5": "482535dcaba0707adb7b73fee17d6e9d", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "gpg-protect-tool", + "path": "/usr/libexec/gpg-protect-tool", + "md5": "3ffc935f8825c63daf4038c61d42a6cf", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "keyboxd", + "path": "/usr/libexec/keyboxd", + "md5": "9750ad67c838ebf5883eb7d8c618f55c", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "p11-kit-remote", + "path": "/usr/libexec/p11-kit/p11-kit-remote", + "md5": "5983d91a27a802221ceeb2447cd8dc83", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "chgpasswd", + "path": "/usr/sbin/chgpasswd", + "md5": "f9b51f0d3613ab4af65e2944670b98f2", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "chpasswd", + "path": "/usr/sbin/chpasswd", + "md5": "a95d4706a0678c63747b91647c5e18c2", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "groupadd", + "path": "/usr/sbin/groupadd", + "md5": "cb73cf282d3326401de297290f729d67", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "groupdel", + "path": "/usr/sbin/groupdel", + "md5": "d8c08c5bf1380cc68014211e4241a1d8", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "groupmems", + "path": "/usr/sbin/groupmems", + "md5": "b771b5e445ebc9fb9e597e1f98e45268", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "groupmod", + "path": "/usr/sbin/groupmod", + "md5": "b0aae65308f6a64c96cc075fd37c751e", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "grpck", + "path": "/usr/sbin/grpck", + "md5": "edfa89fc2a5d0cc53dd9a32e22ee22f0", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "logoutd", + "path": "/usr/sbin/logoutd", + "md5": "1eb983c570d25a52eba75b74c4ec3d78", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "newusers", + "path": "/usr/sbin/newusers", + "md5": "7b4388d9ca8317f60f6c0776a2c75726", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "pwck", + "path": "/usr/sbin/pwck", + "md5": "1837b2ced5f6695134f23de691c52e53", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "update-ca-certificates", + "path": "/usr/sbin/update-ca-certificates", + "md5": "d5b817721ddd43ba6b1aac0e1ec0c096", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "useradd", + "path": "/usr/sbin/useradd", + "md5": "c781941bc28a21496ed74e35c1fff03c", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "userdel", + "path": "/usr/sbin/userdel", + "md5": "bdd20372902305faf6c178faa9a87961", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "usermod", + "path": "/usr/sbin/usermod", + "md5": "346ea74cf73869d4fd36d308f882d62d", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "vipw", + "path": "/usr/sbin/vipw", + "md5": "a44b05ebd15040aaae6e34d79dc0d52f", + "cveCount": 0, + "fileMode": 493 + } + ], + "Secrets": [], + "startupBinaries": [ + { + "name": "coreutils", + "path": "/usr/bin/coreutils", + "md5": "ed7fa3d3f7c760821727bae7f2f36e03", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "openssl", + "path": "/usr/bin/openssl", + "md5": "ede8cf3216438528636c93c047a08162", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "java", + "path": "/opt/java/openjdk/bin/java", + "md5": "6cb616b2fb069aec0646f1b49dc5c690", + "cveCount": 0, + "fileMode": 493 + }, + { + "name": "busybox", + "path": "/bin/busybox", + "md5": "1576ce566744140ab57ddcd5917e4a63", + "cveCount": 0, + "fileMode": 493 + } + ], + "osDistro": "alpine", + "osDistroVersion": "3.20.3", + "osDistroRelease": "3.20.3", + "distro": "Alpine Linux v3.20", + "packages": [ + { + "pkgsType": "package", + "pkgs": [ + { + "version": "1.3.1-r1", + "name": "zlib", + "cveCount": 183, + "license": "Zlib", + "layerTime": 1734619576, + "purl": "pkg:apk/alpine/zlib@1.3.1-r1", + "author": "Natanael Copa " + }, + { + "version": "2024b-r0", + "name": "tzdata", + "cveCount": 0, + "license": "Public-Domain", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/tzdata@2024b-r0", + "author": "Natanael Copa " + }, + { + "version": "2.14.1.1-r0", + "name": "skalibs", + "cveCount": 0, + "license": "ISC", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/skalibs@2.14.1.1-r0", + "author": "Laurent Bercot " + }, + { + "version": "4.15.1-r0", + "name": "shadow", + "cveCount": 151, + "license": "BSD-3-Clause", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/shadow@4.15.1-r0", + "author": "Stuart Cardall " + }, + { + "version": "1.3.0-r0", + "name": "pinentry", + "cveCount": 0, + "license": "GPL-2.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/pinentry@1.3.0-r0", + "author": "Natanael Copa " + }, + { + "version": "1.6-r4", + "name": "npth", + "cveCount": 0, + "license": "LGPL-2.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/npth@1.6-r4", + "author": "Natanael Copa " + }, + { + "version": "3.9.1-r0", + "name": "nettle", + "cveCount": 121, + "license": "GPL-2.0-or-later OR LGPL-3.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/nettle@3.9.1-r0", + "author": "Fabian Affolter " + }, + { + "version": "1.2.3-r2", + "name": "musl-obstack", + "cveCount": 0, + "license": "GPL-2.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/musl-obstack@1.2.3-r2", + "author": "Natanael Copa " + }, + { + "version": "1.2.2-r6", + "name": "mkfontscale", + "cveCount": 0, + "license": "MIT", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/mkfontscale@1.2.2-r6", + "author": "Natanael Copa " + }, + { + "version": "1.6.0-r0", + "name": "linux-pam", + "cveCount": 42, + "license": "BSD-3-Clause", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/linux-pam@1.6.0-r0", + "author": "Natanael Copa " + }, + { + "version": "1.2-r0", + "name": "libunistring", + "cveCount": 0, + "license": "GPL-2.0-or-later OR LGPL-3.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libunistring@1.2-r0", + "author": "Natanael Copa " + }, + { + "version": "1.2-r3", + "name": "libucontext", + "cveCount": 0, + "license": "ISC", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libucontext@1.2-r3", + "author": "Ariadne Conill " + }, + { + "version": "4.19.0-r2", + "name": "libtasn1", + "cveCount": 127, + "license": "LGPL-2.1-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libtasn1@4.19.0-r2", + "author": "Natanael Copa " + }, + { + "version": "1.6.44-r0", + "name": "libpng", + "cveCount": 88, + "license": "Libpng", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libpng@1.6.44-r0", + "author": "Natanael Copa " + }, + { + "version": "1.1.0-r0", + "name": "libmd", + "cveCount": 0, + "license": "BSD-3-Clause AND BSD-2-Clause AND ISC AND Beerware AND Public Domain", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libmd@1.1.0-r0", + "author": "omni " + }, + { + "version": "1.6.6-r0", + "name": "libksba", + "cveCount": 171, + "license": "LGPL-3.0-only AND GPL-2.0-only AND GPL-3.0-only", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libksba@1.6.6-r0", + "author": "Natanael Copa " + }, + { + "version": "2.3.7-r0", + "name": "libidn2", + "cveCount": 34, + "license": "GPL-2.0-or-later OR LGPL-3.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libidn2@2.3.7-r0", + "author": "Natanael Copa " + }, + { + "version": "1.49-r0", + "name": "libgpg-error", + "cveCount": 0, + "license": "GPL-2.0-or-later AND LGPL-2.1-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libgpg-error@1.49-r0", + "author": "Natanael Copa " + }, + { + "version": "1.10.3-r0", + "name": "libgcrypt", + "cveCount": 105, + "license": "LGPL-2.1-or-later AND GPL-2.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libgcrypt@1.10.3-r0", + "author": "Natanael Copa " + }, + { + "version": "1.1.8-r0", + "name": "libfontenc", + "cveCount": 9, + "license": "MIT", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libfontenc@1.1.8-r0", + "author": "Natanael Copa " + }, + { + "version": "3.4.6-r0", + "name": "libffi", + "cveCount": 4, + "license": "MIT", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libffi@3.4.6-r0", + "author": "Natanael Copa " + }, + { + "version": "0.12.2-r0", + "name": "libbsd", + "cveCount": 25, + "license": "BSD-3-Clause", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libbsd@0.12.2-r0", + "author": "Natanael Copa " + }, + { + "version": "2.5.7-r0", + "name": "libassuan", + "cveCount": 0, + "license": "LGPL-2.1-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/libassuan@2.5.7-r0", + "author": "Natanael Copa " + }, + { + "version": "3.8.5-r0", + "name": "gnutls", + "cveCount": 464, + "license": "LGPL-2.1-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/gnutls@3.8.5-r0", + "author": "Natanael Copa " + }, + { + "version": "6.3.0-r1", + "name": "gmp", + "cveCount": 41, + "license": "LGPL-3.0-or-later OR GPL-2.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/gmp@6.3.0-r1", + "author": "Natanael Copa " + }, + { + "version": "1.23-r1", + "name": "gdbm", + "cveCount": 0, + "license": "GPL-3.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/gdbm@1.23-r1", + "author": "Natanael Copa " + }, + { + "version": "1.1.0-r4", + "name": "gcompat", + "cveCount": 0, + "license": "NCSA", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/gcompat@1.1.0-r4", + "author": "Peter Shkenev " + }, + { + "version": "2.13.2-r0", + "name": "freetype", + "cveCount": 628, + "license": "FTL OR GPL-2.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/freetype@2.13.2-r0", + "author": "Carlo Landmeter " + }, + { + "version": "2.15.0-r1", + "name": "fontconfig", + "cveCount": 45, + "license": "MIT", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/fontconfig@2.15.0-r1", + "author": "Natanael Copa " + }, + { + "version": "2.37-r5", + "name": "font-dejavu", + "cveCount": 0, + "license": "Bitstream-Vera", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/font-dejavu@2.37-r5", + "author": "Natanael Copa " + }, + { + "version": "1.0.7-r1", + "name": "encodings", + "cveCount": 0, + "license": "Public Domain", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/encodings@1.0.7-r1", + "author": "Natanael Copa " + }, + { + "version": "2.14.4-r1", + "name": "apk-tools", + "cveCount": 35, + "license": "GPL-2.0-only", + "layerTime": 1725624336, + "purl": "pkg:apk/alpine/apk-tools@2.14.4-r1", + "author": "Natanael Copa " + }, + { + "version": "2.4-r1", + "name": "alpine-keys", + "cveCount": 0, + "license": "MIT", + "layerTime": 1725624336, + "purl": "pkg:apk/alpine/alpine-keys@2.4-r1", + "author": "Natanael Copa " + }, + { + "version": "3.45.3-r1", + "name": "sqlite", + "binaryPkgs": [ + "sqlite-libs" + ], + "cveCount": 457, + "license": "blessing", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/sqlite@3.45.3-r1", + "author": "Celeste " + }, + { + "version": "1.3.7-r2", + "name": "pax-utils", + "binaryPkgs": [ + "scanelf" + ], + "cveCount": 0, + "license": "GPL-2.0-only", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/pax-utils@1.3.7-r2", + "author": "Natanael Copa " + }, + { + "version": "3.3.2-r1", + "name": "openssl", + "binaryPkgs": [ + "libssl3", + "libcrypto3", + "openssl" + ], + "cveCount": 3696, + "license": "Apache-2.0", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/openssl@3.3.2-r1", + "author": "Natanael Copa " + }, + { + "version": "0.1.2.2-r1", + "name": "utmps", + "binaryPkgs": [ + "utmps-libs" + ], + "cveCount": 0, + "license": "ISC", + "layerTime": 1734619576, + "purl": "pkg:apk/alpine/utmps@0.1.2.2-r1", + "author": "Laurent Bercot " + }, + { + "version": "2.6.8-r0", + "name": "openldap", + "binaryPkgs": [ + "libldap" + ], + "cveCount": 774, + "license": "OLDAP-2.8", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/openldap@2.6.8-r0", + "author": "Natanael Copa " + }, + { + "version": "2.6.4-r0", + "name": "expat", + "binaryPkgs": [ + "libexpat" + ], + "cveCount": 1035, + "license": "MIT", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/expat@2.6.4-r0", + "author": "Carlo Landmeter " + }, + { + "version": "1.0.8-r6", + "name": "bzip2", + "binaryPkgs": [ + "libbz2" + ], + "cveCount": 78, + "license": "bzip2-1.0.6", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/bzip2@1.0.8-r6", + "author": "Natanael Copa " + }, + { + "version": "9.5-r1", + "name": "coreutils", + "binaryPkgs": [ + "coreutils-sha512sum", + "coreutils-fmt", + "coreutils-env", + "coreutils" + ], + "cveCount": 91, + "license": "GPL-3.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/coreutils@9.5-r1", + "author": "Natanael Copa " + }, + { + "version": "1.36.1-r29", + "name": "busybox", + "binaryPkgs": [ + "ssl_client", + "busybox-binsh", + "busybox" + ], + "cveCount": 593, + "license": "GPL-2.0-only", + "layerTime": 1725624336, + "purl": "pkg:apk/alpine/busybox@1.36.1-r29", + "author": "S\u00f6ren Tempel " + }, + { + "version": "0.25.3-r0", + "name": "p11-kit", + "binaryPkgs": [ + "p11-kit-trust", + "p11-kit" + ], + "cveCount": 79, + "license": "BSD-3-Clause", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/p11-kit@0.25.3-r0", + "author": "Fabian Affolter " + }, + { + "version": "6.4_p20240420-r2", + "name": "ncurses", + "binaryPkgs": [ + "ncurses-terminfo-base", + "libncursesw" + ], + "cveCount": 417, + "license": "X11", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/ncurses@6.4_p20240420-r2", + "author": "Natanael Copa " + }, + { + "version": "1.2.5-r0", + "name": "musl", + "binaryPkgs": [ + "musl-utils", + "musl" + ], + "cveCount": 83, + "license": "MIT", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/musl@1.2.5-r0", + "author": "Natanael Copa " + }, + { + "version": "2.1.28-r6", + "name": "cyrus-sasl", + "binaryPkgs": [ + "libsasl" + ], + "cveCount": 87, + "license": "BSD-3-Clause-Attribution AND BSD-4-Clause", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/cyrus-sasl@2.1.28-r6", + "author": "Natanael Copa " + }, + { + "version": "0.22.5-r0", + "name": "gettext", + "binaryPkgs": [ + "libintl" + ], + "cveCount": 33, + "license": "LGPL-2.1-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/gettext@0.22.5-r0", + "author": "Carlo Landmeter " + }, + { + "version": "2.5.2-r0", + "name": "attr", + "binaryPkgs": [ + "libattr" + ], + "cveCount": 0, + "license": "LGPL-2.1-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/attr@2.5.2-r0", + "author": "Natanael Copa " + }, + { + "version": "20240705-r0", + "name": "ca-certificates", + "binaryPkgs": [ + "ca-certificates-bundle", + "ca-certificates" + ], + "cveCount": 23, + "license": "MPL-2.0 AND MIT", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/ca-certificates@20240705-r0", + "author": "Natanael Copa " + }, + { + "version": "1.1.0-r2", + "name": "brotli", + "binaryPkgs": [ + "brotli-libs" + ], + "cveCount": 30, + "license": "MIT", + "layerTime": 1725624336, + "purl": "pkg:apk/alpine/brotli@1.1.0-r2", + "author": "prspkt " + }, + { + "version": "0.1.0-r1", + "name": "musl-locales", + "binaryPkgs": [ + "musl-locales-lang", + "musl-locales" + ], + "cveCount": 0, + "license": "LGPL-3.0-only", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/musl-locales@0.1.0-r1", + "author": "TBK " + }, + { + "version": "2.3.2-r0", + "name": "acl", + "binaryPkgs": [ + "libacl" + ], + "cveCount": 4, + "license": "LGPL-2.1-or-later AND GPL-2.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/acl@2.3.2-r0", + "author": "Natanael Copa " + }, + { + "version": "2.4.5-r0", + "name": "gnupg", + "binaryPkgs": [ + "gpgv", + "gpgsm", + "gpg-wks-server", + "gpg-agent", + "gpg", + "gnupg-wks-client", + "gnupg-utils", + "gnupg-keyboxd", + "gnupg-gpgconf", + "gnupg-dirmngr" + ], + "cveCount": 79, + "license": "GPL-3.0-or-later", + "layerTime": 1734468953, + "purl": "pkg:apk/alpine/gnupg@2.4.5-r0", + "author": "Natanael Copa " + }, + { + "version": "3.6.5-r0", + "name": "alpine-baselayout", + "binaryPkgs": [ + "alpine-baselayout-data", + "alpine-baselayout" + ], + "cveCount": 0, + "license": "GPL-2.0-only", + "layerTime": 1725624336, + "purl": "pkg:apk/alpine/alpine-baselayout@3.6.5-r0", + "author": "Natanael Copa " + } + ] + }, + { + "pkgsType": "jar", + "pkgs": [ + { + "version": "1.0-1", + "name": "com.github.stephenc.jcip_jcip-annotations", + "path": "/home/appuser/ms_extractor.jar/nimbus-jose-jwt-9.40.jar", + "cveCount": 0, + "license": "Apache License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.github.stephenc.jcip/jcip-annotations@1.0-1" + }, + { + "version": "2.2.0", + "name": "resilience4j-retry", + "path": "/home/appuser/ms_extractor.jar/resilience4j-retry-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-retry@2.2.0" + }, + { + "version": "2.0.13", + "name": "org.slf4j_jul-to-slf4j", + "path": "/home/appuser/ms_extractor.jar/jul-to-slf4j-2.0.13.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.slf4j/jul-to-slf4j@2.0.13" + }, + { + "version": "6.1.6", + "name": "org.springframework_spring-r2dbc", + "path": "/home/appuser/ms_extractor.jar/spring-r2dbc-6.1.6.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.springframework/spring-r2dbc@6.1.6" + }, + { + "version": "1.5.0", + "name": "microsoft-kiota-serialization-json", + "path": "/home/appuser/ms_extractor.jar/microsoft-kiota-serialization-json-1.5.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/microsoft-kiota-serialization-json@1.5.0" + }, + { + "version": "2.1", + "name": "com.ongres.scram_common", + "path": "/home/appuser/ms_extractor.jar/common-2.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.ongres.scram/common@2.1" + }, + { + "version": "1.5.0", + "name": "microsoft-kiota-serialization-multipart", + "path": "/home/appuser/ms_extractor.jar/microsoft-kiota-serialization-multipart-1.5.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/microsoft-kiota-serialization-multipart@1.5.0" + }, + { + "version": "1.0.1.RELEASE", + "name": "io.r2dbc_r2dbc-pool", + "path": "/home/appuser/ms_extractor.jar/r2dbc-pool-1.0.1.RELEASE.jar", + "cveCount": 0, + "license": "Apache License 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/io.r2dbc/r2dbc-pool@1.0.1.RELEASE" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_apache-client", + "path": "/home/appuser/ms_extractor.jar/apache-client-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/apache-client@2.23.8" + }, + { + "version": "1.2.1", + "name": "hadoop-core", + "path": "/home/appuser/ms_extractor.jar/hadoop-core-1.2.1.jar", + "cveCount": 12, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Apache", + "purl": "pkg:maven/hadoop-core@1.2.1" + }, + { + "version": "3.1", + "name": "org.apache_commons-httpclient", + "path": "/home/appuser/ms_extractor.jar/commons-httpclient-3.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache/commons-httpclient@3.1" + }, + { + "version": "1.7.1", + "name": "jackson-xc", + "path": "/home/appuser/ms_extractor.jar/jackson-xc-1.7.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "http://fasterxml.com", + "purl": "pkg:maven/jackson-xc@1.7.1" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_aws-query-protocol", + "path": "/home/appuser/ms_extractor.jar/aws-query-protocol-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/aws-query-protocol@2.23.8" + }, + { + "version": "2.3", + "name": "com.nimbusds_content-type", + "path": "/home/appuser/ms_extractor.jar/content-type-2.3.jar", + "cveCount": 0, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.nimbusds/content-type@2.3" + }, + { + "version": "3.2.5", + "name": "org.springframework.data_spring-data-r2dbc", + "path": "/home/appuser/ms_extractor.jar/spring-data-r2dbc-3.2.5.jar", + "cveCount": 0, + "license": "Apache License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/org.springframework.data/spring-data-r2dbc@3.2.5" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_aws-json-protocol", + "path": "/home/appuser/ms_extractor.jar/aws-json-protocol-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/aws-json-protocol@2.23.8" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_http-client-spi", + "path": "/home/appuser/ms_extractor.jar/http-client-spi-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/http-client-spi@2.23.8" + }, + { + "version": "2.10.1", + "name": "com.google.code.gson_gson", + "path": "/home/appuser/ms_extractor.jar/gson-2.10.1.jar", + "cveCount": 1, + "license": "Apache-2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.google.code.gson/gson@2.10.1" + }, + { + "version": "2.2.0", + "name": "resilience4j-framework-common", + "path": "/home/appuser/ms_extractor.jar/resilience4j-framework-common-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-framework-common@2.2.0" + }, + { + "version": "1.16.1", + "name": "commons-codec_commons-codec", + "path": "/home/appuser/ms_extractor.jar/commons-codec-1.16.1.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/commons-codec/commons-codec@1.16.1" + }, + { + "version": "1.11.0", + "name": "org.apache.commons_commons-text", + "path": "/home/appuser/ms_extractor.jar/commons-text-1.11.0.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.commons/commons-text@1.11.0" + }, + { + "version": "2.4", + "name": "commons-lang_commons-lang", + "path": "/home/appuser/ms_extractor.jar/commons-lang-2.4.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/commons-lang/commons-lang@2.4" + }, + { + "version": "3.1", + "name": "asm_asm", + "path": "/home/appuser/ms_extractor.jar/asm-3.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/asm/asm@3.1" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_aws-core", + "path": "/home/appuser/ms_extractor.jar/aws-core-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/aws-core@2.23.8" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_checksums-spi", + "path": "/home/appuser/ms_extractor.jar/checksums-spi-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/checksums-spi@2.23.8" + }, + { + "version": "0.16", + "name": "net.openhft_zero-allocation-hashing", + "path": "/home/appuser/ms_extractor.jar/parquet-column-1.14.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/net.openhft/zero-allocation-hashing@0.16" + }, + { + "version": "2.2.0", + "name": "resilience4j-reactor", + "path": "/home/appuser/ms_extractor.jar/resilience4j-reactor-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-reactor@2.2.0" + }, + { + "version": "6.1.6", + "name": "spring-webflux", + "path": "/home/appuser/ms_extractor.jar/spring-webflux-6.1.6.jar", + "cveCount": 4, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "spring-webflux", + "purl": "pkg:maven/spring-webflux@6.1.6" + }, + { + "version": "2.0.8", + "name": "org.apache.oro_oro", + "path": "/home/appuser/ms_extractor.jar/oro-2.0.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.oro/oro@2.0.8" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_identity-spi", + "path": "/home/appuser/ms_extractor.jar/identity-spi-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/identity-spi@2.23.8" + }, + { + "version": "2.0.65.Final", + "name": "io.netty_netty-tcnative-boringssl-static", + "path": "/home/appuser/ms_extractor.jar/netty-tcnative-boringssl-static-2.0.65.Final.jar", + "cveCount": 0, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-tcnative-boringssl-static@2.0.65.Final" + }, + { + "version": "3.2.5", + "name": "org.springframework.data_spring-data-commons", + "path": "/home/appuser/ms_extractor.jar/spring-data-commons-3.2.5.jar", + "cveCount": 3, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.springframework.data/spring-data-commons@3.2.5" + }, + { + "version": "4.4.16", + "name": "org.apache.httpcomponents_httpcore", + "path": "/home/appuser/ms_extractor.jar/httpcore-4.4.16.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.httpcomponents/httpcore@4.4.16" + }, + { + "version": "1.4.14", + "name": "ch.qos.logback_logback-core", + "path": "/home/appuser/ms_extractor.jar/logback-core-1.4.14.jar", + "cveCount": 4, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/ch.qos.logback/logback-core@1.4.14" + }, + { + "version": "2.1", + "name": "com.ongres.scram_client", + "path": "/home/appuser/ms_extractor.jar/client-2.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.ongres.scram/client@2.1" + }, + { + "version": "0.52", + "name": "xmlenc", + "path": "/home/appuser/ms_extractor.jar/xmlenc-0.52.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Ernst de Haan", + "purl": "pkg:maven/xmlenc@0.52" + }, + { + "version": "4.0.5", + "name": "org.glassfish.jaxb_txw2", + "path": "/home/appuser/ms_extractor.jar/jaxb-core-4.0.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.glassfish.jaxb/txw2@4.0.5" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-transport", + "path": "/home/appuser/ms_extractor.jar/netty-transport-4.1.109.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-transport@4.1.109.Final" + }, + { + "version": "2.2.0", + "name": "resilience4j-micrometer", + "path": "/home/appuser/ms_extractor.jar/resilience4j-micrometer-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-micrometer@2.2.0" + }, + { + "version": "1.8.0", + "name": "org.apache_commons-beanutils-core", + "path": "/home/appuser/ms_extractor.jar/commons-beanutils-core-1.8.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache/commons-beanutils-core@1.8.0" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_protocol-core", + "path": "/home/appuser/ms_extractor.jar/protocol-core-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/protocol-core@2.23.8" + }, + { + "version": "1.12.5", + "name": "io.micrometer_micrometer-commons", + "path": "/home/appuser/ms_extractor.jar/micrometer-commons-1.12.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.micrometer/micrometer-commons@1.12.5" + }, + { + "version": "4.0.5", + "name": "com.sun.xml.bind_jaxb-core", + "path": "/home/appuser/ms_extractor.jar/jaxb-core-4.0.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.sun.xml.bind/jaxb-core@4.0.5" + }, + { + "version": "6.1.6", + "name": "spring-aop", + "path": "/home/appuser/ms_extractor.jar/spring-aop-6.1.6.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "spring-aop", + "purl": "pkg:maven/spring-aop@6.1.6" + }, + { + "version": "9.6", + "name": "org.ow2.asm_asm", + "path": "/home/appuser/ms_extractor.jar/asm-9.6.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.ow2.asm/asm@9.6" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_netty-nio-client", + "path": "/home/appuser/ms_extractor.jar/netty-nio-client-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/netty-nio-client@2.23.8" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-codec-socks", + "path": "/home/appuser/ms_extractor.jar/netty-codec-socks-4.1.109.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-codec-socks@4.1.109.Final" + }, + { + "version": "2.5.1", + "name": "net.minidev_json-smart", + "path": "/home/appuser/ms_extractor.jar/json-smart-2.5.1.jar", + "cveCount": 3, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/net.minidev/json-smart@2.5.1" + }, + { + "version": "3.6.5", + "name": "io.projectreactor_reactor-core", + "path": "/home/appuser/ms_extractor.jar/reactor-core-3.6.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.projectreactor/reactor-core@3.6.5" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-transport-native-unix-common", + "path": "/home/appuser/ms_extractor.jar/netty-transport-native-unix-common-4.1.109.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-transport-native-unix-common@4.1.109.Final" + }, + { + "version": "1.4.14", + "name": "ch.qos.logback_logback-classic", + "path": "/home/appuser/ms_extractor.jar/logback-classic-1.4.14.jar", + "cveCount": 2, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/ch.qos.logback/logback-classic@1.4.14" + }, + { + "version": "1.0.1", + "name": "software.amazon.eventstream_eventstream", + "path": "/home/appuser/ms_extractor.jar/eventstream-1.0.1.jar", + "cveCount": 0, + "license": "Apache License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.eventstream/eventstream@1.0.1" + }, + { + "version": "2.11.0", + "name": "com.google.code.gson_gson", + "path": "/home/appuser/ms_extractor.jar/nimbus-jose-jwt-9.40.jar", + "cveCount": 1, + "license": "Apache-2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.google.code.gson/gson@2.11.0" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_http-auth", + "path": "/home/appuser/ms_extractor.jar/http-auth-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/http-auth@2.23.8" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-codec-http2", + "path": "/home/appuser/ms_extractor.jar/netty-codec-http2-4.1.109.Final.jar", + "cveCount": 4, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-codec-http2@4.1.109.Final" + }, + { + "version": "1.14.1", + "name": "org.apache.parquet_parquet-common", + "path": "/home/appuser/ms_extractor.jar/parquet-common-1.14.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.parquet/parquet-common@1.14.1" + }, + { + "version": "3.3.0", + "name": "microsoft-graph-core", + "path": "/home/appuser/ms_extractor.jar/microsoft-graph-core-3.3.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/microsoft-graph-core@3.3.0" + }, + { + "version": "1.12.5", + "name": "io.micrometer_micrometer-core", + "path": "/home/appuser/ms_extractor.jar/micrometer-core-1.12.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.micrometer/micrometer-core@1.12.5" + }, + { + "version": "1.8.8", + "name": "jackson-mapper-asl", + "path": "/home/appuser/ms_extractor.jar/jackson-mapper-asl-1.8.8.jar", + "cveCount": 4, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "http://fasterxml.com", + "purl": "pkg:maven/jackson-mapper-asl@1.8.8" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_sdk-core", + "path": "/home/appuser/ms_extractor.jar/sdk-core-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/sdk-core@2.23.8" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_crt-core", + "path": "/home/appuser/ms_extractor.jar/crt-core-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/crt-core@2.23.8" + }, + { + "version": "2.17.0", + "name": "com.fasterxml.jackson.core_jackson-core", + "path": "/home/appuser/ms_extractor.jar/parquet-jackson-1.14.1.jar", + "cveCount": 3, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.17.0" + }, + { + "version": "2.1", + "name": "org.apache.commons_commons-math", + "path": "/home/appuser/ms_extractor.jar/commons-math-2.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.commons/commons-math@2.1" + }, + { + "version": "1.12.5", + "name": "io.micrometer_micrometer-observation", + "path": "/home/appuser/ms_extractor.jar/micrometer-observation-1.12.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.micrometer/micrometer-observation@1.12.5" + }, + { + "version": "4.0.5", + "name": "org.glassfish.jaxb_jaxb-core", + "path": "/home/appuser/ms_extractor.jar/jaxb-core-4.0.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.glassfish.jaxb/jaxb-core@4.0.5" + }, + { + "version": "2.1", + "name": "commons-io_commons-io", + "path": "/home/appuser/ms_extractor.jar/commons-io-2.1.jar", + "cveCount": 2, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/commons-io/commons-io@2.1" + }, + { + "version": "1.0.5", + "name": "reactor-pool", + "path": "/home/appuser/ms_extractor.jar/reactor-pool-1.0.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "io.projectreactor.addons.reactor-pool", + "purl": "pkg:maven/reactor-pool@1.0.5" + }, + { + "version": "5.9", + "name": "com.opencsv_opencsv", + "path": "/home/appuser/ms_extractor.jar/opencsv-5.9.jar", + "cveCount": 0, + "license": "Apache 2", + "layerTime": 1734619572, + "purl": "pkg:maven/com.opencsv/opencsv@5.9" + }, + { + "version": "3.37.0", + "name": "checker-qual", + "path": "/home/appuser/ms_extractor.jar/checker-qual-3.37.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "checker-qual", + "purl": "pkg:maven/checker-qual@3.37.0" + }, + { + "version": "1.15.4", + "name": "com.azure_azure-core-http-netty", + "path": "/home/appuser/ms_extractor.jar/azure-core-http-netty-1.15.4.jar", + "cveCount": 0, + "license": "The MIT License (MIT)", + "layerTime": 1734619572, + "purl": "pkg:maven/com.azure/azure-core-http-netty@1.15.4" + }, + { + "version": "6.1.14", + "name": "org.mortbay.jetty_servlet-api-2.5", + "path": "/home/appuser/ms_extractor.jar/servlet-api-2.5-6.1.14.jar", + "cveCount": 0, + "license": "CDDL 1.0", + "layerTime": 1734619572, + "purl": "pkg:maven/org.mortbay.jetty/servlet-api-2.5@6.1.14" + }, + { + "version": "3.5.1", + "name": "reactor-extra", + "path": "/home/appuser/ms_extractor.jar/reactor-extra-3.5.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "io.projectreactor.addons.reactor-extra", + "purl": "pkg:maven/reactor-extra@3.5.1" + }, + { + "version": "6.17.0", + "name": "microsoft-graph", + "path": "/home/appuser/ms_extractor.jar/microsoft-graph-6.17.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/microsoft-graph@6.17.0" + }, + { + "version": "1.0.5.RELEASE", + "name": "org.postgresql_r2dbc-postgresql", + "path": "/home/appuser/ms_extractor.jar/r2dbc-postgresql-1.0.5.RELEASE.jar", + "cveCount": 0, + "license": "Apache License 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/org.postgresql/r2dbc-postgresql@1.0.5.RELEASE" + }, + { + "version": "1.14.1", + "name": "org.apache.parquet_parquet-hadoop", + "path": "/home/appuser/ms_extractor.jar/parquet-hadoop-1.14.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.parquet/parquet-hadoop@1.14.1" + }, + { + "version": "2.0.13", + "name": "org.slf4j_slf4j-api", + "path": "/home/appuser/ms_extractor.jar/slf4j-api-2.0.13.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.slf4j/slf4j-api@2.0.13" + }, + { + "version": "1.9.4", + "name": "commons-beanutils_commons-beanutils", + "path": "/home/appuser/ms_extractor.jar/commons-beanutils-1.9.4.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/commons-beanutils/commons-beanutils@1.9.4" + }, + { + "version": "2.23.8", + "name": "third-party-jackson-core", + "path": "/home/appuser/ms_extractor.jar/third-party-jackson-core-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/third-party-jackson-core@2.23.8" + }, + { + "version": "2.1", + "name": "angus-activation", + "path": "/home/appuser/ms_extractor.jar/angus-activation-2.0.2.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Eclipse Foundation", + "purl": "pkg:maven/angus-activation@2.1" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-handler", + "path": "/home/appuser/ms_extractor.jar/netty-handler-4.1.109.Final.jar", + "cveCount": 5, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-handler@4.1.109.Final" + }, + { + "version": "1.14.1", + "name": "org.apache.parquet_parquet-format-structures", + "path": "/home/appuser/ms_extractor.jar/parquet-format-structures-1.14.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.parquet/parquet-format-structures@1.14.1" + }, + { + "version": "3.2.2", + "name": "commons-collections_commons-collections", + "path": "/home/appuser/ms_extractor.jar/commons-collections-3.2.2.jar", + "cveCount": 2, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/commons-collections/commons-collections@3.2.2" + }, + { + "version": "1.9.23-release-779", + "name": "kotlin-stdlib-jdk7", + "path": "/home/appuser/ms_extractor.jar/kotlin-stdlib-jdk7-1.9.23.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "JetBrains", + "purl": "pkg:maven/kotlin-stdlib-jdk7@1.9.23-release-779" + }, + { + "version": "1.31.0", + "name": "opentelemetry-api", + "path": "/home/appuser/ms_extractor.jar/opentelemetry-api-1.31.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "all", + "purl": "pkg:maven/opentelemetry-api@1.31.0" + }, + { + "version": "6.1.6", + "name": "org.springframework_spring-core", + "path": "/home/appuser/ms_extractor.jar/spring-core-6.1.6.jar", + "cveCount": 35, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.springframework/spring-core@6.1.6" + }, + { + "version": "2.15.4", + "name": "com.fasterxml.jackson.core_jackson-databind", + "path": "/home/appuser/ms_extractor.jar/jackson-databind-2.15.4.jar", + "cveCount": 69, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.15.4" + }, + { + "version": "2.0.65.Final", + "name": "io.netty_netty-tcnative-classes", + "path": "/home/appuser/ms_extractor.jar/netty-tcnative-classes-2.0.65.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-tcnative-classes@2.0.65.Final" + }, + { + "version": "4.6", + "name": "com.github.jsqlparser_jsqlparser", + "path": "/home/appuser/ms_extractor.jar/jsqlparser-4.6.jar", + "cveCount": 0, + "license": "GNU Library or Lesser General Public License (LGPL) V2.1", + "layerTime": 1734619572, + "purl": "pkg:maven/com.github.jsqlparser/jsqlparser@4.6" + }, + { + "version": "3.2.5", + "name": "spring-boot-actuator", + "path": "/home/appuser/ms_extractor.jar/spring-boot-actuator-3.2.5.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Spring Boot Actuator", + "purl": "pkg:maven/spring-boot-actuator@3.2.5" + }, + { + "version": "2.2.0", + "name": "resilience4j-circularbuffer", + "path": "/home/appuser/ms_extractor.jar/resilience4j-circularbuffer-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-circularbuffer@2.2.0" + }, + { + "version": "1.14.1", + "name": "org.apache.parquet_parquet-jackson", + "path": "/home/appuser/ms_extractor.jar/parquet-jackson-1.14.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.parquet/parquet-jackson@1.14.1" + }, + { + "version": "2.21.1", + "name": "com.google.errorprone_error_prone_annotations", + "path": "/home/appuser/ms_extractor.jar/error_prone_annotations-2.21.1.jar", + "cveCount": 0, + "license": "Apache 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.google.errorprone/error/prone/annotations@2.21.1" + }, + { + "version": "1.9.23-release-779", + "name": "kotlin-stdlib", + "path": "/home/appuser/ms_extractor.jar/kotlin-stdlib-1.9.23.jar", + "cveCount": 2, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "JetBrains", + "purl": "pkg:maven/kotlin-stdlib@1.9.23-release-779" + }, + { + "version": "6.1.14", + "name": "jsp", + "path": "/home/appuser/ms_extractor.jar/jsp-2.1-6.1.14.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Mort Bay Consulting", + "purl": "pkg:maven/jsp@6.1.14" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-transport-classes-epoll", + "path": "/home/appuser/ms_extractor.jar/netty-transport-classes-epoll-4.1.109.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-transport-classes-epoll@4.1.109.Final" + }, + { + "version": "1.1.3", + "name": "org.modelmapper_modelmapper", + "path": "/home/appuser/ms_extractor.jar/modelmapper-1.1.3.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.modelmapper/modelmapper@1.1.3" + }, + { + "version": "1.6", + "name": "commons-configuration_commons-configuration", + "path": "/home/appuser/ms_extractor.jar/commons-configuration-1.6.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/commons-configuration/commons-configuration@1.6" + }, + { + "version": "2.5-20081211", + "name": "org.mortbay.jetty_servlet-api", + "path": "/home/appuser/ms_extractor.jar/servlet-api-2.5-20081211.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.mortbay.jetty/servlet-api@2.5-20081211" + }, + { + "version": "4.12.0", + "name": "okhttp", + "path": "/home/appuser/ms_extractor.jar/okhttp-4.12.0.jar", + "cveCount": 12, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/okhttp@4.12.0" + }, + { + "version": "0.6.1", + "name": "jets3t", + "path": "/home/appuser/ms_extractor.jar/jets3t-0.6.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "1.4.2-86 (\"Apple Computer, Inc.\")", + "purl": "pkg:maven/jets3t@0.6.1" + }, + { + "version": "5.13.0", + "name": "net.java.dev.jna_jna-platform", + "path": "/home/appuser/ms_extractor.jar/jna-platform-5.13.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/net.java.dev.jna/jna-platform@5.13.0" + }, + { + "version": "1.5.6-2", + "name": "com.github.luben_zstd-jni", + "path": "/home/appuser/ms_extractor.jar/zstd-jni-1.5.6-2.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.github.luben/zstd-jni@1.5.6-2" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_metrics-spi", + "path": "/home/appuser/ms_extractor.jar/metrics-spi-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/metrics-spi@2.23.8" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-handler-proxy", + "path": "/home/appuser/ms_extractor.jar/netty-handler-proxy-4.1.109.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-handler-proxy@4.1.109.Final" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-codec-dns", + "path": "/home/appuser/ms_extractor.jar/netty-codec-dns-4.1.109.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-codec-dns@4.1.109.Final" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-resolver", + "path": "/home/appuser/ms_extractor.jar/netty-resolver-4.1.109.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-resolver@4.1.109.Final" + }, + { + "version": "11.18", + "name": "com.nimbusds_oauth2-oidc-sdk", + "path": "/home/appuser/ms_extractor.jar/oauth2-oidc-sdk-11.18.jar", + "cveCount": 0, + "license": "Apache License, version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.nimbusds/oauth2-oidc-sdk@11.18" + }, + { + "version": "1.0.6", + "name": "io.github.std-uritemplate_std-uritemplate", + "path": "/home/appuser/ms_extractor.jar/std-uritemplate-1.0.6.jar", + "cveCount": 0, + "license": "Apache License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/io.github.std-uritemplate/std-uritemplate@1.0.6" + }, + { + "version": "1.1", + "name": "com.ongres.stringprep_stringprep", + "path": "/home/appuser/ms_extractor.jar/stringprep-1.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.ongres.stringprep/stringprep@1.1" + }, + { + "version": "0.1.0", + "name": "object-mapper-api", + "path": "/home/appuser/ms_extractor.jar/object-mapper-api-0.1.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/object-mapper-api@0.1.0" + }, + { + "version": "1.8.8", + "name": "jackson-core-asl", + "path": "/home/appuser/ms_extractor.jar/jackson-core-asl-1.8.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "http://fasterxml.com", + "purl": "pkg:maven/jackson-core-asl@1.8.8" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_sts", + "path": "/home/appuser/ms_extractor.jar/sts-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/sts@2.23.8" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-codec-http", + "path": "/home/appuser/ms_extractor.jar/netty-codec-http-4.1.109.Final.jar", + "cveCount": 7, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-codec-http@4.1.109.Final" + }, + { + "version": "2.2", + "name": "org.yaml_snakeyaml", + "path": "/home/appuser/ms_extractor.jar/snakeyaml-2.2.jar", + "cveCount": 8, + "license": "Apache License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/org.yaml/snakeyaml@2.2" + }, + { + "version": "1.2", + "name": "commons-cli_commons-cli", + "path": "/home/appuser/ms_extractor.jar/commons-cli-1.2.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/commons-cli/commons-cli@1.2" + }, + { + "version": "4.4", + "name": "org.apache.commons_commons-collections4", + "path": "/home/appuser/ms_extractor.jar/commons-collections4-4.4.jar", + "cveCount": 2, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.commons/commons-collections4@4.4" + }, + { + "version": "1.4.1", + "name": "org.apache.commons.net_commons-net", + "path": "/home/appuser/ms_extractor.jar/commons-net-1.4.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.commons.net/commons-net@1.4.1" + }, + { + "version": "17.0.13", + "name": "jrt-fs", + "path": "/opt/java/openjdk/lib/jrt-fs.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734468953, + "jarIdentifier": "Oracle Corporation", + "purl": "pkg:maven/jrt-fs@17.0.13" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_http-auth-spi", + "path": "/home/appuser/ms_extractor.jar/http-auth-spi-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/http-auth-spi@2.23.8" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-resolver-dns", + "path": "/home/appuser/ms_extractor.jar/netty-resolver-dns-4.1.109.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-resolver-dns@4.1.109.Final" + }, + { + "version": "4.4.0", + "name": "aws-secrets-manager-async", + "path": "/home/appuser/ms_extractor.jar/aws-secrets-manager-async-4.4.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/aws-secrets-manager-async@4.4.0" + }, + { + "version": "1.9.22", + "name": "org.aspectj.weaver_aspectjweaver", + "path": "/home/appuser/ms_extractor.jar/aspectjweaver-1.9.22.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.aspectj.weaver/aspectjweaver@1.9.22" + }, + { + "version": "2.2.0", + "name": "resilience4j-timelimiter", + "path": "/home/appuser/ms_extractor.jar/resilience4j-timelimiter-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-timelimiter@2.2.0" + }, + { + "version": "5.13.0", + "name": "net.java.dev.jna_jna", + "path": "/home/appuser/ms_extractor.jar/jna-5.13.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/net.java.dev.jna/jna@5.13.0" + }, + { + "version": "1.0.1", + "name": "stax_stax-api", + "path": "/home/appuser/ms_extractor.jar/stax-api-1.0.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/stax/stax-api@1.0.1" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_checksums", + "path": "/home/appuser/ms_extractor.jar/checksums-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/checksums@2.23.8" + }, + { + "version": "1.3.2", + "name": "javax.annotation_javax.annotation-api", + "path": "/home/appuser/ms_extractor.jar/javax.annotation-api-1.3.2.jar", + "cveCount": 0, + "license": "CDDL + GPLv2 with classpath exception", + "layerTime": 1734619572, + "purl": "pkg:maven/javax.annotation/javax.annotation-api@1.3.2" + }, + { + "version": "2.1", + "name": "jakarta.activation-api", + "path": "/home/appuser/ms_extractor.jar/jakarta.activation-api-2.1.3.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Eclipse Foundation", + "purl": "pkg:maven/jakarta.activation-api@2.1" + }, + { + "version": "4.0.5", + "name": "com.sun.xml.bind_jaxb-impl", + "path": "/home/appuser/ms_extractor.jar/jaxb-impl-4.0.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.sun.xml.bind/jaxb-impl@4.0.5" + }, + { + "version": "4.1.2", + "name": "com.sun.istack_istack-commons-runtime", + "path": "/home/appuser/ms_extractor.jar/jaxb-core-4.0.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.sun.istack/istack-commons-runtime@4.1.2" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-resolver-dns-native-macos", + "path": "/home/appuser/ms_extractor.jar/netty-resolver-dns-native-macos-4.1.109.Final-osx-x86_64.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-resolver-dns-native-macos@4.1.109.Final" + }, + { + "version": "1.1.18", + "name": "reactor-netty-http", + "path": "/home/appuser/ms_extractor.jar/reactor-netty-http-1.1.18.jar", + "cveCount": 8, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "io.projectreactor.netty.reactor-netty-http", + "purl": "pkg:maven/reactor-netty-http@1.1.18" + }, + { + "version": "1.9.23-release-779", + "name": "kotlin-stdlib-jdk8", + "path": "/home/appuser/ms_extractor.jar/kotlin-stdlib-jdk8-1.9.23.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "JetBrains", + "purl": "pkg:maven/kotlin-stdlib-jdk8@1.9.23-release-779" + }, + { + "version": "3.2.5", + "name": "spring-boot-jarmode-layertools", + "path": "/home/appuser/ms_extractor.jar/spring-boot-jarmode-layertools-3.2.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Spring Boot Layers Tools", + "purl": "pkg:maven/spring-boot-jarmode-layertools@3.2.5" + }, + { + "version": "2.15.4", + "name": "com.fasterxml.jackson.datatype_jackson-datatype-jdk8", + "path": "/home/appuser/ms_extractor.jar/jackson-datatype-jdk8-2.15.4.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.15.4" + }, + { + "version": "2.1.12", + "name": "org.hdrhistogram_HdrHistogram", + "path": "/home/appuser/ms_extractor.jar/HdrHistogram-2.1.12.jar", + "cveCount": 0, + "license": "Public Domain, per Creative Commons CC0", + "layerTime": 1734619572, + "purl": "pkg:maven/org.hdrhistogram/HdrHistogram@2.1.12" + }, + { + "version": "13.0", + "name": "org.jetbrains_annotations", + "path": "/home/appuser/ms_extractor.jar/annotations-13.0.jar", + "cveCount": 0, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/org.jetbrains/annotations@13.0" + }, + { + "version": "1.0", + "name": "r2dbc-spi", + "path": "/home/appuser/ms_extractor.jar/r2dbc-spi-1.0.0.RELEASE.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Reactive Relational Database Connectivity - SPI", + "purl": "pkg:maven/r2dbc-spi@1.0" + }, + { + "version": "1.52.0", + "name": "com.azure_azure-core", + "path": "/home/appuser/ms_extractor.jar/azure-core-1.52.0.jar", + "cveCount": 0, + "license": "The MIT License (MIT)", + "layerTime": 1734619572, + "purl": "pkg:maven/com.azure/azure-core@1.52.0" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_aws-xml-protocol", + "path": "/home/appuser/ms_extractor.jar/aws-xml-protocol-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/aws-xml-protocol@2.23.8" + }, + { + "version": "1.8", + "name": "com.sun.jersey_jersey-server", + "path": "/home/appuser/ms_extractor.jar/jersey-server-1.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.sun.jersey/jersey-server@1.8" + }, + { + "version": "6.1.6", + "name": "org.springframework_spring-jdbc", + "path": "/home/appuser/ms_extractor.jar/spring-jdbc-6.1.6.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.springframework/spring-jdbc@6.1.6" + }, + { + "version": "3.1.1", + "name": "core", + "path": "/home/appuser/ms_extractor.jar/core-3.1.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "%providerName", + "purl": "pkg:maven/core@3.1.1" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_http-auth-aws", + "path": "/home/appuser/ms_extractor.jar/http-auth-aws-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/http-auth-aws@2.23.8" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_arns", + "path": "/home/appuser/ms_extractor.jar/arns-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/arns@2.23.8" + }, + { + "version": "3.2.5", + "name": "spring-boot-actuator-autoconfigure", + "path": "/home/appuser/ms_extractor.jar/spring-boot-actuator-autoconfigure-3.2.5.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Spring Boot Actuator AutoConfigure", + "purl": "pkg:maven/spring-boot-actuator-autoconfigure@3.2.5" + }, + { + "version": "2.2.0", + "name": "resilience4j-spring6", + "path": "/home/appuser/ms_extractor.jar/resilience4j-spring6-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-spring6@2.2.0" + }, + { + "version": "5.5.12", + "name": "jasper-runtime", + "path": "/home/appuser/ms_extractor.jar/jasper-runtime-5.5.12.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "1.4.2_09-b05 (Sun Microsystems Inc.)", + "purl": "pkg:maven/jasper-runtime@5.5.12" + }, + { + "version": "1.8", + "name": "commons-digester_commons-digester", + "path": "/home/appuser/ms_extractor.jar/commons-digester-1.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/commons-digester/commons-digester@1.8" + }, + { + "version": "2.0.2", + "name": "org.eclipse.angus_angus-activation", + "path": "/home/appuser/ms_extractor.jar/angus-activation-2.0.2.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.eclipse.angus/angus-activation@2.0.2" + }, + { + "version": "2.15.4", + "name": "com.fasterxml.jackson.module_jackson-module-parameter-names", + "path": "/home/appuser/ms_extractor.jar/jackson-module-parameter-names-2.15.4.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.15.4" + }, + { + "version": "2.0.3", + "name": "org.latencyutils_LatencyUtils", + "path": "/home/appuser/ms_extractor.jar/LatencyUtils-2.0.3.jar", + "cveCount": 0, + "license": "Public Domain, per Creative Commons CC0", + "layerTime": 1734619572, + "purl": "pkg:maven/org.latencyutils/LatencyUtils@2.0.3" + }, + { + "version": "1.6.5", + "name": "ant_ant", + "path": "/home/appuser/ms_extractor.jar/ant-1.6.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/ant/ant@1.6.5" + }, + { + "version": "4.0.5", + "name": "org.glassfish.jaxb_jaxb-runtime", + "path": "/home/appuser/ms_extractor.jar/jaxb-impl-4.0.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.glassfish.jaxb/jaxb-runtime@4.0.5" + }, + { + "version": "3.2.5", + "name": "spring-boot-devtools", + "path": "/home/appuser/ms_extractor.jar/spring-boot-devtools-3.2.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Spring Boot Developer Tools", + "purl": "pkg:maven/spring-boot-devtools@3.2.5" + }, + { + "version": "1.7.1", + "name": "jackson-jaxrs", + "path": "/home/appuser/ms_extractor.jar/jackson-jaxrs-1.7.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "http://fasterxml.com", + "purl": "pkg:maven/jackson-jaxrs@1.7.1" + }, + { + "version": "2.1.3", + "name": "jakarta.activation_jakarta.activation-api", + "path": "/home/appuser/ms_extractor.jar/jakarta.activation-api-2.1.3.jar", + "cveCount": 0, + "license": "EDL 1.0", + "layerTime": 1734619572, + "purl": "pkg:maven/jakarta.activation/jakarta.activation-api@2.1.3" + }, + { + "version": "2.2.0", + "name": "resilience4j-bulkhead", + "path": "/home/appuser/ms_extractor.jar/resilience4j-bulkhead-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-bulkhead@2.2.0" + }, + { + "version": "1.13.3", + "name": "com.azure_azure-identity", + "path": "/home/appuser/ms_extractor.jar/azure-identity-1.13.3.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.azure/azure-identity@1.13.3" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_s3", + "path": "/home/appuser/ms_extractor.jar/s3-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/s3@2.23.8" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-transport-native-kqueue", + "path": "/home/appuser/ms_extractor.jar/netty-transport-native-kqueue-4.1.109.Final-osx-x86_64.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-transport-native-kqueue@4.1.109.Final" + }, + { + "version": "3.1.0", + "name": "org.jctools_jctools-core", + "path": "/home/appuser/ms_extractor.jar/netty-common-4.1.109.Final.jar", + "cveCount": 0, + "license": "Apache License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/org.jctools/jctools-core@3.1.0" + }, + { + "version": "1.1.10.5", + "name": "org.xerial.snappy_snappy-java", + "path": "/home/appuser/ms_extractor.jar/snappy-java-1.1.10.5.jar", + "cveCount": 4, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.xerial.snappy/snappy-java@1.1.10.5" + }, + { + "version": "3.2.5", + "name": "org.springframework.data_spring-data-relational", + "path": "/home/appuser/ms_extractor.jar/spring-data-relational-3.2.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.springframework.data/spring-data-relational@3.2.5" + }, + { + "version": "2.17.0", + "name": "com.fasterxml.jackson.core_jackson-annotations", + "path": "/home/appuser/ms_extractor.jar/parquet-jackson-1.14.1.jar", + "cveCount": 0, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.17.0" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-transport-native-epoll", + "path": "/home/appuser/ms_extractor.jar/netty-transport-native-epoll-4.1.109.Final-linux-x86_64.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-transport-native-epoll@4.1.109.Final" + }, + { + "version": "1.5.0", + "name": "microsoft-kiota-serialization-text", + "path": "/home/appuser/ms_extractor.jar/microsoft-kiota-serialization-text-1.5.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/microsoft-kiota-serialization-text@1.5.0" + }, + { + "version": "6.1.14", + "name": "org.mortbay.jetty_jsp-2.1", + "path": "/home/appuser/ms_extractor.jar/jsp-2.1-6.1.14.jar", + "cveCount": 0, + "license": "CDDL 1.0", + "layerTime": 1734619572, + "purl": "pkg:maven/org.mortbay.jetty/jsp-2.1@6.1.14" + }, + { + "version": "1.2", + "name": "commons-logging_commons-logging", + "path": "/home/appuser/ms_extractor.jar/commons-logging-1.2.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/commons-logging/commons-logging@1.2" + }, + { + "version": "1.7", + "name": "com.nimbusds_lang-tag", + "path": "/home/appuser/ms_extractor.jar/lang-tag-1.7.jar", + "cveCount": 0, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.nimbusds/lang-tag@1.7" + }, + { + "version": "3.2.5", + "name": "spring-boot-autoconfigure", + "path": "/home/appuser/ms_extractor.jar/spring-boot-autoconfigure-3.2.5.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Spring Boot AutoConfigure", + "purl": "pkg:maven/spring-boot-autoconfigure@3.2.5" + }, + { + "version": "6.1.6", + "name": "org.springframework_spring-tx", + "path": "/home/appuser/ms_extractor.jar/spring-tx-6.1.6.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.springframework/spring-tx@6.1.6" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_annotations", + "path": "/home/appuser/ms_extractor.jar/annotations-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/annotations@2.23.8" + }, + { + "version": "2.15.4", + "name": "com.fasterxml.jackson.datatype_jackson-datatype-jsr310", + "path": "/home/appuser/ms_extractor.jar/jackson-datatype-jsr310-2.15.4.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.15.4" + }, + { + "version": "2.21.1", + "name": "org.apache.logging.log4j_log4j-to-slf4j", + "path": "/home/appuser/ms_extractor.jar/log4j-to-slf4j-2.21.1.jar", + "cveCount": 0, + "license": "Apache-2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.logging.log4j/log4j-to-slf4j@2.21.1" + }, + { + "version": "1.1", + "name": "org.codehaus.jettison_jettison", + "path": "/home/appuser/ms_extractor.jar/jettison-1.1.jar", + "cveCount": 5, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.codehaus.jettison/jettison@1.1" + }, + { + "version": "2.2.0", + "name": "resilience4j-spring-boot3", + "path": "/home/appuser/ms_extractor.jar/resilience4j-spring-boot3-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-spring-boot3@2.2.0" + }, + { + "version": "6.1.6", + "name": "spring-jcl", + "path": "/home/appuser/ms_extractor.jar/spring-jcl-6.1.6.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "spring-jcl", + "purl": "pkg:maven/spring-jcl@6.1.6" + }, + { + "version": "1.3.0", + "name": "com.azure_azure-json", + "path": "/home/appuser/ms_extractor.jar/azure-json-1.3.0.jar", + "cveCount": 0, + "license": "The MIT License (MIT)", + "layerTime": 1734619572, + "purl": "pkg:maven/com.azure/azure-json@1.3.0" + }, + { + "version": "6.1.6", + "name": "spring-expression", + "path": "/home/appuser/ms_extractor.jar/spring-expression-6.1.6.jar", + "cveCount": 8, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "spring-expression", + "purl": "pkg:maven/spring-expression@6.1.6" + }, + { + "version": "2.15.4", + "name": "com.fasterxml.jackson.core_jackson-core", + "path": "/home/appuser/ms_extractor.jar/jackson-core-2.15.4.jar", + "cveCount": 3, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-core@2.15.4" + }, + { + "version": "6.1.26", + "name": "org.mortbay.jetty_jetty", + "path": "/home/appuser/ms_extractor.jar/jetty-6.1.26.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.mortbay.jetty/jetty@6.1.26" + }, + { + "version": "5.5.12", + "name": "jasper-compiler", + "path": "/home/appuser/ms_extractor.jar/jasper-compiler-5.5.12.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "1.4.2_09-b05 (Sun Microsystems Inc.)", + "purl": "pkg:maven/jasper-compiler@5.5.12" + }, + { + "version": "2.15.4", + "name": "com.fasterxml.jackson.core_jackson-annotations", + "path": "/home/appuser/ms_extractor.jar/jackson-annotations-2.15.4.jar", + "cveCount": 0, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.15.4" + }, + { + "version": "1.1.18", + "name": "io.projectreactor.netty_reactor-netty-core", + "path": "/home/appuser/ms_extractor.jar/reactor-netty-core-1.1.18.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.projectreactor.netty/reactor-netty-core@1.1.18" + }, + { + "version": "1.5.0", + "name": "microsoft-kiota-http-okHttp", + "path": "/home/appuser/ms_extractor.jar/microsoft-kiota-http-okHttp-1.5.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/microsoft-kiota-http-okHttp@1.5.0" + }, + { + "version": "2.2.0", + "name": "resilience4j-ratelimiter", + "path": "/home/appuser/ms_extractor.jar/resilience4j-ratelimiter-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-ratelimiter@2.2.0" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_utils", + "path": "/home/appuser/ms_extractor.jar/utils-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/utils@2.23.8" + }, + { + "version": "1.8", + "name": "com.sun.jersey_jersey-json", + "path": "/home/appuser/ms_extractor.jar/jersey-json-1.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.sun.jersey/jersey-json@1.8" + }, + { + "version": "1.17.1", + "name": "com.microsoft.azure_msal4j", + "path": "/home/appuser/ms_extractor.jar/msal4j-1.17.1.jar", + "cveCount": 1, + "license": "MIT License", + "layerTime": 1734619572, + "purl": "pkg:maven/com.microsoft.azure/msal4j@1.17.1" + }, + { + "version": "1.1", + "name": "com.ongres.stringprep_saslprep", + "path": "/home/appuser/ms_extractor.jar/saslprep-1.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.ongres.stringprep/saslprep@1.1" + }, + { + "version": "3.2.5", + "name": "spring-boot", + "path": "/home/appuser/ms_extractor.jar/spring-boot-3.2.5.jar", + "cveCount": 38, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Spring Boot", + "purl": "pkg:maven/spring-boot@3.2.5" + }, + { + "version": "1.5.0", + "name": "microsoft-kiota-abstractions", + "path": "/home/appuser/ms_extractor.jar/microsoft-kiota-abstractions-1.5.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/microsoft-kiota-abstractions@1.5.0" + }, + { + "version": "2.2.0", + "name": "resilience4j-annotations", + "path": "/home/appuser/ms_extractor.jar/resilience4j-annotations-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-annotations@2.2.0" + }, + { + "version": "1.0", + "name": "org.apache.commons.el_commons-el", + "path": "/home/appuser/ms_extractor.jar/commons-el-1.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.commons.el/commons-el@1.0" + }, + { + "version": "2.2.0", + "name": "resilience4j-circuitbreaker", + "path": "/home/appuser/ms_extractor.jar/resilience4j-circuitbreaker-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-circuitbreaker@2.2.0" + }, + { + "version": "2.2.0", + "name": "resilience4j-consumer", + "path": "/home/appuser/ms_extractor.jar/resilience4j-consumer-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-consumer@2.2.0" + }, + { + "version": "2.17.0", + "name": "com.fasterxml.jackson.core_jackson-databind", + "path": "/home/appuser/ms_extractor.jar/parquet-jackson-1.14.1.jar", + "cveCount": 69, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.17.0" + }, + { + "version": "1.1.0", + "name": "com.azure_azure-xml", + "path": "/home/appuser/ms_extractor.jar/azure-xml-1.1.0.jar", + "cveCount": 0, + "license": "The MIT License (MIT)", + "layerTime": 1734619572, + "purl": "pkg:maven/com.azure/azure-xml@1.1.0" + }, + { + "version": "2.1", + "name": "jsp-api", + "path": "/home/appuser/ms_extractor.jar/jsp-api-2.1-6.1.14.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Mort Bay Consulting", + "purl": "pkg:maven/jsp-api@2.1" + }, + { + "version": "1.3.0", + "name": "com.microsoft.azure_msal4j-persistence-extension", + "path": "/home/appuser/ms_extractor.jar/msal4j-persistence-extension-1.3.0.jar", + "cveCount": 0, + "license": "MIT License", + "layerTime": 1734619572, + "purl": "pkg:maven/com.microsoft.azure/msal4j-persistence-extension@1.3.0" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-resolver-dns-classes-macos", + "path": "/home/appuser/ms_extractor.jar/netty-resolver-dns-classes-macos-4.1.109.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-resolver-dns-classes-macos@4.1.109.Final" + }, + { + "version": "2.5", + "name": "servlet-api", + "path": "/home/appuser/ms_extractor.jar/servlet-api-2.5-6.1.14.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Mort Bay Consulting", + "purl": "pkg:maven/servlet-api@2.5" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_json-utils", + "path": "/home/appuser/ms_extractor.jar/json-utils-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/json-utils@2.23.8" + }, + { + "version": "1.8", + "name": "com.sun.jersey_jersey-core", + "path": "/home/appuser/ms_extractor.jar/jersey-core-1.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.sun.jersey/jersey-core@1.8" + }, + { + "version": "6.1.26", + "name": "org.mortbay.jetty_jetty-util", + "path": "/home/appuser/ms_extractor.jar/jetty-util-6.1.26.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.mortbay.jetty/jetty-util@6.1.26" + }, + { + "version": "6.1.14", + "name": "org.mortbay.jetty_jsp-api-2.1", + "path": "/home/appuser/ms_extractor.jar/jsp-api-2.1-6.1.14.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.mortbay.jetty/jsp-api-2.1@6.1.14" + }, + { + "version": "6.1.6", + "name": "org.springframework_spring-context", + "path": "/home/appuser/ms_extractor.jar/spring-context-6.1.6.jar", + "cveCount": 3, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.springframework/spring-context@6.1.6" + }, + { + "version": "1.12.5", + "name": "io.micrometer_micrometer-jakarta9", + "path": "/home/appuser/ms_extractor.jar/micrometer-jakarta9-1.12.5.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.micrometer/micrometer-jakarta9@1.12.5" + }, + { + "version": "1.8.0.10", + "name": "hsqldb", + "path": "/home/appuser/ms_extractor.jar/hsqldb-1.8.0.10.jar", + "cveCount": 34, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "The HSQLDB Development Group", + "purl": "pkg:maven/hsqldb@1.8.0.10" + }, + { + "version": "3.13.0", + "name": "org.apache.commons_commons-lang3", + "path": "/home/appuser/ms_extractor.jar/commons-lang3-3.13.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.commons/commons-lang3@3.13.0" + }, + { + "version": "0.5.0", + "name": "net.jodah_typetools", + "path": "/home/appuser/ms_extractor.jar/modelmapper-1.1.3.jar", + "cveCount": 0, + "license": "Apache License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/net.jodah/typetools@0.5.0" + }, + { + "version": "0.27", + "name": "io.airlift_aircompressor", + "path": "/home/appuser/ms_extractor.jar/aircompressor-0.27.jar", + "cveCount": 1, + "license": "Apache License 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/io.airlift/aircompressor@0.27" + }, + { + "version": "4.5.13", + "name": "org.apache.httpcomponents_httpclient", + "path": "/home/appuser/ms_extractor.jar/httpclient-4.5.13.jar", + "cveCount": 2, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.httpcomponents/httpclient@4.5.13" + }, + { + "version": "1.14.1", + "name": "org.apache.parquet_parquet-encoding", + "path": "/home/appuser/ms_extractor.jar/parquet-encoding-1.14.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.parquet/parquet-encoding@1.14.1" + }, + { + "version": "2.5.1", + "name": "net.minidev_accessors-smart", + "path": "/home/appuser/ms_extractor.jar/accessors-smart-2.5.1.jar", + "cveCount": 0, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/net.minidev/accessors-smart@2.5.1" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_secretsmanager", + "path": "/home/appuser/ms_extractor.jar/secretsmanager-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/secretsmanager@2.23.8" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_regions", + "path": "/home/appuser/ms_extractor.jar/regions-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/regions@2.23.8" + }, + { + "version": "4.0.2", + "name": "jakarta.xml.bind_jakarta.xml.bind-api", + "path": "/home/appuser/ms_extractor.jar/jakarta.xml.bind-api-4.0.2.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/jakarta.xml.bind/jakarta.xml.bind-api@4.0.2" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-transport-classes-kqueue", + "path": "/home/appuser/ms_extractor.jar/netty-transport-classes-kqueue-4.1.109.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-transport-classes-kqueue@4.1.109.Final" + }, + { + "version": "1.6", + "name": "commons-pool_commons-pool", + "path": "/home/appuser/ms_extractor.jar/commons-pool-1.6.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/commons-pool/commons-pool@1.6" + }, + { + "version": "20210419.1", + "name": "healthcheck-exec-cmd-trunk.", + "path": "/home/appuser/ms_extractor.jar/healthcheck-exec-cmd-trunk.20210419.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/healthcheck-exec-cmd-trunk.@20210419.1" + }, + { + "version": "1.0.4", + "name": "reactive-streams", + "path": "/home/appuser/ms_extractor.jar/reactive-streams-1.0.4.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "Reactive Streams SIG", + "purl": "pkg:maven/reactive-streams@1.0.4" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_endpoints-spi", + "path": "/home/appuser/ms_extractor.jar/endpoints-spi-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/endpoints-spi@2.23.8" + }, + { + "version": "3.1.0", + "name": "jakarta.persistence_jakarta.persistence-api", + "path": "/home/appuser/ms_extractor.jar/jakarta.persistence-api-3.1.0.jar", + "cveCount": 0, + "license": "Eclipse Public License v. 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/jakarta.persistence/jakarta.persistence-api@3.1.0" + }, + { + "version": "1.14.1", + "name": "org.apache.parquet_parquet-column", + "path": "/home/appuser/ms_extractor.jar/parquet-column-1.14.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.parquet/parquet-column@1.14.1" + }, + { + "version": "3.6.0", + "name": "okio-jvm", + "path": "/home/appuser/ms_extractor.jar/okio-jvm-3.6.0.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "com.squareup.okio", + "purl": "pkg:maven/okio-jvm@3.6.0" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-codec", + "path": "/home/appuser/ms_extractor.jar/netty-codec-4.1.109.Final.jar", + "cveCount": 2, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-codec@4.1.109.Final" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-buffer", + "path": "/home/appuser/ms_extractor.jar/netty-buffer-4.1.109.Final.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-buffer@4.1.109.Final" + }, + { + "version": "1.0.0.RELEASE", + "name": "io.r2dbc_r2dbc-spi", + "path": "/home/appuser/ms_extractor.jar/r2dbc-spi-1.0.0.RELEASE.jar", + "cveCount": 0, + "license": "Apache License 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/io.r2dbc/r2dbc-spi@1.0.0.RELEASE" + }, + { + "version": "2.1.1", + "name": "jakarta.annotation_jakarta.annotation-api", + "path": "/home/appuser/ms_extractor.jar/jakarta.annotation-api-2.1.1.jar", + "cveCount": 0, + "license": "EPL 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/jakarta.annotation/jakarta.annotation-api@2.1.1" + }, + { + "version": "2.17.0", + "name": "com.fasterxml.jackson.datatype_jackson-datatype-jdk8", + "path": "/home/appuser/ms_extractor.jar/parquet-jackson-1.14.1.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.17.0" + }, + { + "version": "4.4.0", + "name": "secrets-manager-api", + "path": "/home/appuser/ms_extractor.jar/secrets-manager-api-4.4.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/secrets-manager-api@4.4.0" + }, + { + "version": "1.5.0", + "name": "microsoft-kiota-authentication-azure", + "path": "/home/appuser/ms_extractor.jar/microsoft-kiota-authentication-azure-1.5.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/microsoft-kiota-authentication-azure@1.5.0" + }, + { + "version": "3.1.8", + "name": "caffeine", + "path": "/home/appuser/ms_extractor.jar/caffeine-3.1.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "com.github.ben-manes.caffeine", + "purl": "pkg:maven/caffeine@3.1.8" + }, + { + "version": "1.31.0", + "name": "opentelemetry-context", + "path": "/home/appuser/ms_extractor.jar/opentelemetry-context-1.31.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "context", + "purl": "pkg:maven/opentelemetry-context@1.31.0" + }, + { + "version": "4.1.109.Final", + "name": "io.netty_netty-common", + "path": "/home/appuser/ms_extractor.jar/netty-common-4.1.109.Final.jar", + "cveCount": 1, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/io.netty/netty-common@4.1.109.Final" + }, + { + "version": "9.40", + "name": "com.nimbusds_nimbus-jose-jwt", + "path": "/home/appuser/ms_extractor.jar/nimbus-jose-jwt-9.40.jar", + "cveCount": 5, + "license": "The Apache Software License, Version 2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/com.nimbusds/nimbus-jose-jwt@9.40" + }, + { + "version": "2.21.1", + "name": "org.apache.logging.log4j_log4j-api", + "path": "/home/appuser/ms_extractor.jar/log4j-api-2.21.1.jar", + "cveCount": 0, + "license": "Apache-2.0", + "layerTime": 1734619572, + "purl": "pkg:maven/org.apache.logging.log4j/log4j-api@2.21.1" + }, + { + "version": "0.1.0", + "name": "object-mapper", + "path": "/home/appuser/ms_extractor.jar/object-mapper-0.1.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/object-mapper@0.1.0" + }, + { + "version": "2.2.0", + "name": "resilience4j-core", + "path": "/home/appuser/ms_extractor.jar/resilience4j-core-2.2.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "resilience4j", + "purl": "pkg:maven/resilience4j-core@2.2.0" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_auth", + "path": "/home/appuser/ms_extractor.jar/auth-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/auth@2.23.8" + }, + { + "version": "2.23.8", + "name": "software.amazon.awssdk_profiles", + "path": "/home/appuser/ms_extractor.jar/profiles-2.23.8.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/software.amazon.awssdk/profiles@2.23.8" + }, + { + "version": "6.1.6", + "name": "spring-web", + "path": "/home/appuser/ms_extractor.jar/spring-web-6.1.6.jar", + "cveCount": 4, + "license": "", + "layerTime": 1734619572, + "jarIdentifier": "spring-web", + "purl": "pkg:maven/spring-web@6.1.6" + }, + { + "version": "1.5.0", + "name": "microsoft-kiota-serialization-form", + "path": "/home/appuser/ms_extractor.jar/microsoft-kiota-serialization-form-1.5.0.jar", + "cveCount": 0, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/microsoft-kiota-serialization-form@1.5.0" + }, + { + "version": "6.1.6", + "name": "org.springframework_spring-beans", + "path": "/home/appuser/ms_extractor.jar/spring-beans-6.1.6.jar", + "cveCount": 3, + "license": "", + "layerTime": 1734619572, + "purl": "pkg:maven/org.springframework/spring-beans@6.1.6" + } + ] + } + ], + "files": [], + "packageManager": true, + "applications": [ + { + "name": "busybox", + "version": "1.36.1", + "path": "/bin/busybox", + "layerTime": 1725624336, + "knownVulnerabilities": 34, + "installedFromPackage": true, + "originPackageName": "busybox" + }, + { + "name": "java", + "version": "17.0.13", + "path": "/opt/java/openjdk/bin/java", + "layerTime": 1729698092, + "knownVulnerabilities": 432 + } + ], + "isARM64": false, + "redHatNonRPMImage": false, + "foundSecrets": null, + "secretScanMetrics": {}, + "image": { + "entrypoint": [ + "sh", + "-c", + "java $JAVA_OPTS -jar ms_extractor.jar" + ], + "created": "2024-12-19T14:46:16.737Z" + }, + "history": [ + { + "created": 1725624336, + "instruction": "ADD alpine-minirootfs-3.20.3-x86_64.tar.gz / # buildkit", + "sizeBytes": 7797760, + "id": "", + "emptyLayer": false + }, + { + "created": 1725624336, + "instruction": "CMD [\"/bin/sh\"]", + "id": "", + "emptyLayer": true + }, + { + "created": 1729698092, + "instruction": "ENV JAVA_HOME=/opt/java/openjdk", + "id": "", + "emptyLayer": true + }, + { + "created": 1729698092, + "instruction": "ENV PATH=/opt/java/openjdk/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", + "id": "", + "emptyLayer": true + }, + { + "created": 1729698092, + "instruction": "ENV LANG=en_US.UTF-8 LANGUAGE=en_US:en LC_ALL=en_US.UTF-8", + "id": "", + "emptyLayer": true + }, + { + "created": 1729698092, + "instruction": "RUN /bin/sh -c set -eux; apk add --no-cache fontconfig ttf-dejavu gnupg ca-certificates p11-kit-trust musl-locales musl-locales-lang tzdata coreutils openssl ; rm -rf /var/cache/apk/* # buildkit", + "sizeBytes": 38156465, + "id": "", + "emptyLayer": false + }, + { + "created": 1729698092, + "instruction": "ENV JAVA_VERSION=jdk-17.0.13+11", + "id": "", + "emptyLayer": true + }, + { + "created": 1729698092, + "instruction": "RUN /bin/sh -c set -eux; ARCH=\"$(apk --print-arch)\"; case \"${ARCH}\" in x86_64) ESUM='7a2df4e2f86eca649af1e17d990ab8e354cb6dee389606025b9d05f75623c388'; BINARY_URL='https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.13%2B11/OpenJDK17U-jre_x64_alpine-linux_hotspot_17.0.13_11.tar.gz'; ;; *) echo \"Unsupported arch: ${ARCH}\"; exit 1; ;; esac; wget -O /tmp/openjdk.tar.gz ${BINARY_URL}; wget -O /tmp/openjdk.tar.gz.sig ${BINARY_URL}.sig; export GNUPGHOME=\"$(mktemp -d)\"; gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 3B04D753C9050D9A5D343F39843C48A565F8F04B; gpg --batch --verify /tmp/openjdk.tar.gz.sig /tmp/openjdk.tar.gz; rm -r \"${GNUPGHOME}\" /tmp/openjdk.tar.gz.sig; echo \"${ESUM} */tmp/openjdk.tar.gz\" | sha256sum -c -; mkdir -p \"$JAVA_HOME\"; tar --extract --file /tmp/openjdk.tar.gz --directory \"$JAVA_HOME\" --strip-components 1 --no-same-owner ; rm -f /tmp/openjdk.tar.gz ${JAVA_HOME}/lib/src.zip; # buildkit", + "sizeBytes": 139387010, + "id": "", + "emptyLayer": false + }, + { + "created": 1729698092, + "instruction": "RUN /bin/sh -c set -eux; echo \"Verifying install ...\"; echo \"java --version\"; java --version; echo \"Complete.\" # buildkit", + "id": "", + "emptyLayer": true + }, + { + "created": 1729698092, + "instruction": "COPY --chmod=755 entrypoint.sh /__cacert_entrypoint.sh # buildkit", + "sizeBytes": 5307, + "id": "", + "emptyLayer": false + }, + { + "created": 1729698092, + "instruction": "ENTRYPOINT [\"/__cacert_entrypoint.sh\"]", + "id": "", + "emptyLayer": true + }, + { + "created": 1734468950, + "instruction": "LABEL source_images=eclipse-temurin:17.0.13_11-...", + "id": "", + "emptyLayer": true + }, + { + "created": 1734468953, + "instruction": "RUN apk add --no-cache alpine-conf && setup-timezone -z America/Bogota", + "sizeBytes": 4018010, + "id": "", + "emptyLayer": false + }, + { + "created": 1734468953, + "instruction": "ENV TZ=America/Bogota", + "id": "", + "emptyLayer": true + }, + { + "created": 1734468953, + "instruction": "USER root", + "id": "", + "emptyLayer": true + }, + { + "created": 1734468954, + "instruction": "COPY multi:df4e3223d8115a630c340c296065b2581354fc5ff61c6d5132d32feffe3c6657 in /usr/local/share/ca-certificates/ ", + "sizeBytes": 600639, + "id": "", + "emptyLayer": false + }, + { + "created": 1734468954, + "instruction": "COPY file:3cdcee0b6c6805219fb2acec0445ae4b53402b9410f695599945c0eaa4b12bb2 in /root/ ", + "sizeBytes": 4002, + "id": "", + "emptyLayer": false + }, + { + "created": 1734468958, + "instruction": "RUN apk update --no-cache && apk upgrade --available --purge --no-cache && apk add ca-certificates shadow --no-cache && rm -rf /var/cache/apk/*", + "sizeBytes": 3151572, + "id": "", + "emptyLayer": false + }, + { + "created": 1734468958, + "instruction": "RUN update-ca-certificates -f && cat /etc/ssl/certs/ca-certificates.crt >> /usr/local/share/ca-certificates/bancolombia_certs.crt", + "sizeBytes": 1657881, + "id": "", + "emptyLayer": false + }, + { + "created": 1734469143, + "instruction": "RUN sh /root/cerimportjks.sh 6GUrHR7YpucnX3Zh", + "sizeBytes": 429297, + "id": "", + "emptyLayer": false + }, + { + "created": 1734469143, + "instruction": "RUN mkdir -p /home/appuser && HOME=/home/appuser && chmod -R 0755 /home/appuser", + "id": "", + "emptyLayer": true + }, + { + "created": 1734469144, + "instruction": "RUN addgroup -S -g 10101 appuser && adduser -S -D -s /sbin/nologin -h /home/appuser -G appuser appuser", + "sizeBytes": 3076, + "id": "", + "emptyLayer": false + }, + { + "created": 1734469144, + "instruction": "WORKDIR /home/appuser", + "id": "", + "emptyLayer": true + }, + { + "created": 1734469144, + "instruction": "RUN apk del alpine-conf", + "sizeBytes": 131041, + "id": "", + "emptyLayer": false + }, + { + "created": 1734619572, + "instruction": "LABEL version=2024.12.19 maintainer=Proyecto Ba...", + "id": "", + "emptyLayer": true + }, + { + "created": 1734619572, + "instruction": "COPY ms_extractor.jar ms_extractor.jar # buildkit", + "sizeBytes": 152205979, + "id": "", + "emptyLayer": false + }, + { + "created": 1734619572, + "instruction": "RUN /bin/sh -c mkdir -p /tmp/parquet/schema # buildkit", + "id": "", + "emptyLayer": true + }, + { + "created": 1734619576, + "instruction": "RUN /bin/sh -c apk update && apk add --no-cache libc6-compat # buildkit", + "sizeBytes": 2585844, + "id": "", + "emptyLayer": false + }, + { + "created": 1734619576, + "instruction": "ENV JAVA_OPTS=-XX:+UseContainerSupport -Xmx500m -Djava.security.egd=file:/dev/./urandom -Djava.io.tmpdir=/tmp/", + "id": "", + "emptyLayer": true + }, + { + "created": 1734619576, + "instruction": "USER appuser", + "id": "", + "emptyLayer": true + }, + { + "tags": [ + "jav:1" + ], + "created": 1734619576, + "instruction": "ENTRYPOINT [\"sh\" \"-c\" \"java $JAVA_OPTS -jar ms_extractor.jar\"]", + "id": "sha256:f931196f4992d2e1f6d74454e26d11059835c8fd00b4a029d4ef2a8a29fc6f37", + "emptyLayer": true + } + ], + "id": "sha256:f931196f4992d2e1f6d74454e26d11059835c8fd00b4a029d4ef2a8a29fc6f37", + "complianceIssues": [ + { + "text": "", + "id": 406, + "severity": "medium", + "cvss": 0, + "status": "", + "cve": "", + "cause": "", + "description": "One of the important security triads is availability. Adding HEALTHCHECK instruction to your\ncontainer image ensures that the docker engine periodically checks the running container\ninstances against that instruction to ensure that the instances are still working", + "title": "(CIS_Docker_v1.5.0 - 4.6) Add HEALTHCHECK instruction to the container image", + "vecStr": "", + "exploit": "", + "riskFactors": null, + "link": "", + "type": "image", + "packageName": "", + "packageVersion": "", + "packageType": "", + "layerTime": 0, + "templates": [ + "GDPR", + "DISA STIG" + ], + "twistlock": false, + "cri": false, + "published": 0, + "fixDate": 0, + "discovered": "0001-01-01T00:00:00Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + } + ], + "allCompliance": {}, + "vulnerabilities": [ + { + "text": "", + "id": 47, + "severity": "high", + "cvss": 7.5, + "status": "fixed in 6.1.13", + "cve": "CVE-2024-38816", + "cause": "", + "description": "Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process in which the Spring application is running. Specifically, an application is vulnerable when both of the following are true: * the web application uses RouterFunctionsu00a0to serve static resources * resource handling is explicitly configured with a FileSystemResourceu00a0location However, malicious requests are blocked and rejected when any of the following is true: * the Spring Security HTTP Firewall https://docs.spring.io/spring-security/reference/servlet/exploits/firewall.html u00a0is in use * the application runs on Tomcat or Jetty", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "Has fix": {}, + "High severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-38816", + "type": "image", + "packageName": "spring-webflux", + "packageVersion": "6.1.6", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1726209042, + "fixDate": 1730835303, + "applicableRules": [ + ">=6.1.0", + "<6.1.13" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "critical", + "cvss": 9.8, + "status": "open", + "cve": "CVE-2019-10202", + "cause": "", + "description": "A series of deserialization vulnerabilities have been discovered in Codehaus 1.9.x implemented in EAP 7. This CVE fixes CVE-2017-17485, CVE-2017-7525, CVE-2017-15095, CVE-2018-5968, CVE-2018-7489, CVE-2018-1000873, CVE-2019-12086 reported for FasterXML jackson-databind by implementing a whitelist approach that will mitigate these vulnerabilities and future ones alike.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "Critical severity": {}, + "DoS - High": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2019-10202", + "type": "image", + "packageName": "jackson-mapper-asl", + "packageVersion": "1.8.8", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1653411448, + "fixDate": 0, + "applicableRules": [ + "<=1.9.13" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "high", + "cvss": 7.5, + "status": "fixed in 2.14.0", + "cve": "CVE-2024-47554", + "cause": "", + "description": "Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "DoS - High": {}, + "Has fix": {}, + "High severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-47554", + "type": "image", + "packageName": "commons-io_commons-io", + "packageVersion": "2.1", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1727958648, + "fixDate": 1727979187, + "applicableRules": [ + ">=2.0", + "<2.14.0" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "medium", + "cvss": 5.3, + "status": "fixed in 6.1.14, 6.0.25, 5.3.41", + "cve": "CVE-2024-38820", + "cause": "", + "description": "The fix for CVE-2022-22968 made disallowedFieldsu00a0patterns in DataBinderu00a0case insensitive. However, String.toLowerCase()u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "Has fix": {}, + "Medium severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-38820", + "type": "image", + "packageName": "org.springframework_spring-core", + "packageVersion": "6.1.6", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1729232103, + "fixDate": 1732450888, + "applicableRules": [ + "<6.1.14", + ">=6.1.0" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "medium", + "cvss": 4.8, + "status": "fixed in 6.1.14", + "cve": "CVE-2024-38827", + "cause": "", + "description": "The usage of String.toLowerCase()u00a0and String.toUpperCase()u00a0has some Localeu00a0dependent exceptions that could potentially result in authorization rules not working properly.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "exploit": "", + "riskFactors": { + "Attack vector: network": {}, + "Has fix": {}, + "Medium severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-38827", + "type": "image", + "packageName": "org.springframework_spring-core", + "packageVersion": "6.1.6", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1733153501, + "fixDate": 1733176328, + "applicableRules": [ + "<6.1.14" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "medium", + "cvss": 4.8, + "status": "fixed in 6.1.14", + "cve": "CVE-2024-38827", + "cause": "", + "description": "The usage of String.toLowerCase()u00a0and String.toUpperCase()u00a0has some Localeu00a0dependent exceptions that could potentially result in authorization rules not working properly.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "exploit": "", + "riskFactors": { + "Attack vector: network": {}, + "Has fix": {}, + "Medium severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-38827", + "type": "image", + "packageName": "org.springframework_spring-jdbc", + "packageVersion": "6.1.6", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1733153501, + "fixDate": 1733176328, + "applicableRules": [ + "<6.1.14" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "high", + "cvss": 7.5, + "status": "fixed in 1.5.4", + "cve": "CVE-2023-1436", + "cause": "", + "description": "An infinite recursion is triggered in Jettison when constructing a JSONArray from a Collection that contains a self-reference in one of its elements. This leads to a StackOverflowError exception being thrown. ", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "DoS - High": {}, + "Has fix": {}, + "High severity": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2023-1436", + "type": "image", + "packageName": "org.codehaus.jettison_jettison", + "packageVersion": "1.1", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1679466621, + "fixDate": 1679524881, + "applicableRules": [ + "<1.5.4" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "high", + "cvss": 7.5, + "status": "fixed in 1.5.2", + "cve": "CVE-2022-45693", + "cause": "", + "description": "Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "DoS - High": {}, + "Has fix": {}, + "High severity": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2022-45693", + "type": "image", + "packageName": "org.codehaus.jettison_jettison", + "packageVersion": "1.1", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1670945427, + "fixDate": 1672850791, + "applicableRules": [ + "<1.5.2" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "high", + "cvss": 7.5, + "status": "fixed in 1.5.2", + "cve": "CVE-2022-45685", + "cause": "", + "description": "A stack overflow in Jettison before v1.5.2 allows attackers to cause a Denial of Service (DoS) via crafted JSON data.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "DoS - High": {}, + "Has fix": {}, + "High severity": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2022-45685", + "type": "image", + "packageName": "org.codehaus.jettison_jettison", + "packageVersion": "1.1", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1670945426, + "fixDate": 1672850791, + "applicableRules": [ + "<1.5.2" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "high", + "cvss": 7.5, + "status": "fixed in 1.5.2", + "cve": "CVE-2022-40150", + "cause": "", + "description": "Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effect may support a denial of service attack.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "DoS - High": {}, + "Has fix": {}, + "High severity": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2022-40150", + "type": "image", + "packageName": "org.codehaus.jettison_jettison", + "packageVersion": "1.1", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1663372841, + "fixDate": 1672707639, + "applicableRules": [ + "<1.5.2" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "medium", + "cvss": 6.5, + "status": "fixed in 1.5.1", + "cve": "CVE-2022-40149", + "cause": "", + "description": "Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "DoS - High": {}, + "Has fix": {}, + "Medium severity": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2022-40149", + "type": "image", + "packageName": "org.codehaus.jettison_jettison", + "packageVersion": "1.1", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1663372841, + "fixDate": 1663372841, + "applicableRules": [ + "<1.5.1" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "medium", + "cvss": 4.8, + "status": "fixed in 6.1.14", + "cve": "CVE-2024-38827", + "cause": "", + "description": "The usage of String.toLowerCase()u00a0and String.toUpperCase()u00a0has some Localeu00a0dependent exceptions that could potentially result in authorization rules not working properly.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "exploit": "", + "riskFactors": { + "Attack vector: network": {}, + "Has fix": {}, + "Medium severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-38827", + "type": "image", + "packageName": "spring-expression", + "packageVersion": "6.1.6", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1733153501, + "fixDate": 1733176328, + "applicableRules": [ + "<6.1.14" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "medium", + "cvss": 5.3, + "status": "fixed in 6.1.14", + "cve": "CVE-2024-38820", + "cause": "", + "description": "The fix for CVE-2022-22968 made disallowedFieldsu00a0patterns in DataBinderu00a0case insensitive. However, String.toLowerCase()u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "Has fix": {}, + "Medium severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-38820", + "type": "image", + "packageName": "org.springframework_spring-context", + "packageVersion": "6.1.6", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1729232103, + "fixDate": 1729292064, + "applicableRules": [ + "<6.1.14" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "medium", + "cvss": 4.8, + "status": "fixed in 6.1.14", + "cve": "CVE-2024-38827", + "cause": "", + "description": "The usage of String.toLowerCase()u00a0and String.toUpperCase()u00a0has some Localeu00a0dependent exceptions that could potentially result in authorization rules not working properly.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "exploit": "", + "riskFactors": { + "Attack vector: network": {}, + "Has fix": {}, + "Medium severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-38827", + "type": "image", + "packageName": "org.springframework_spring-context", + "packageVersion": "6.1.6", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1733153501, + "fixDate": 1733176328, + "applicableRules": [ + "<6.1.14" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "medium", + "cvss": 5.5, + "status": "fixed in 4.1.115", + "cve": "CVE-2024-47535", + "cause": "", + "description": "Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application, Netty attempts to load a file that does not exist. If an attacker creates such a large file, the Netty application crashes. This vulnerability is fixed in 4.1.115.", + "title": "", + "vecStr": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "DoS - High": {}, + "Has fix": {}, + "Medium severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-47535", + "type": "image", + "packageName": "io.netty_netty-common", + "packageVersion": "4.1.109.Final", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1731441197, + "fixDate": 1731451813, + "applicableRules": [ + "<=4.1.114" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "medium", + "cvss": 5.3, + "status": "fixed in 6.1.12, 6.0.23, 5.3.38", + "cve": "CVE-2024-38809", + "cause": "", + "description": "Applications that parse ETags from \"If-Match\" or \"If-None-Match\" request headers are vulnerable to DoS attack. Users of affected versions should upgrade to the corresponding fixed version. Users of older, unsupported versions could enforce a size limit on \"If-Match\" and \"If-None-Match\" headers, e.g. through a Filter.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "DoS - Low": {}, + "Has fix": {}, + "Medium severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-38809", + "type": "image", + "packageName": "spring-web", + "packageVersion": "6.1.6", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1727202883, + "fixDate": 1727215870, + "applicableRules": [ + "<6.1.12", + ">=6.1.0" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "medium", + "cvss": 5.3, + "status": "fixed in 6.1.14, 6.0.25, 5.3.41", + "cve": "CVE-2024-38820", + "cause": "", + "description": "The fix for CVE-2022-22968 made disallowedFieldsu00a0patterns in DataBinderu00a0case insensitive. However, String.toLowerCase()u00a0has some Locale dependent exceptions that could potentially result in fields not protected as expected.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "exploit": "", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "Has fix": {}, + "Medium severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-38820", + "type": "image", + "packageName": "spring-web", + "packageVersion": "6.1.6", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1729232103, + "fixDate": 1732450888, + "applicableRules": [ + "<6.1.14", + ">=6.1.0" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + }, + { + "text": "", + "id": 47, + "severity": "medium", + "cvss": 4.8, + "status": "fixed in 6.1.14", + "cve": "CVE-2024-38827", + "cause": "", + "description": "The usage of String.toLowerCase()u00a0and String.toUpperCase()u00a0has some Localeu00a0dependent exceptions that could potentially result in authorization rules not working properly.", + "title": "", + "vecStr": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", + "exploit": "", + "riskFactors": { + "Attack vector: network": {}, + "Has fix": {}, + "Medium severity": {}, + "Recent vulnerability": {} + }, + "link": "https://nvd.nist.gov/vuln/detail/CVE-2024-38827", + "type": "image", + "packageName": "org.springframework_spring-beans", + "packageVersion": "6.1.6", + "packageType": "jar", + "layerTime": 1734619572, + "templates": null, + "twistlock": false, + "cri": false, + "published": 1733153501, + "fixDate": 1733176328, + "applicableRules": [ + "<6.1.14" + ], + "discovered": "2024-12-19T14:47:27Z", + "functionLayer": "", + "wildfireMalware": {}, + "secret": {} + } + ], + "repoTag": { + "registry": "", + "repo": "jav", + "tag": "1" + }, + "tags": [ + { + "registry": "", + "repo": "jav", + "tag": "1" + } + ], + "repoDigests": [], + "creationTime": "2024-12-19T14:46:16.737Z", + "pushTime": "0001-01-01T00:00:00Z", + "vulnerabilitiesCount": 18, + "complianceIssuesCount": 1, + "vulnerabilityDistribution": { + "critical": 1, + "high": 6, + "medium": 11, + "low": 0, + "total": 18 + }, + "complianceDistribution": { + "critical": 0, + "high": 0, + "medium": 1, + "low": 0, + "total": 1 + }, + "vulnerabilityRiskScore": 1061100, + "complianceRiskScore": 100, + "layers": [ + "sha256:75654b8eeebd3beae97271a102f57cdeb794cc91e442648544963a7e951e9558", + "sha256:dfc91b7f762052922f04900a2b805064ec8b26e510eef76c70b5060f6be37425", + "sha256:a5729e07101c9cae69e96ba1f98410f396ebf0b8525d79e45564ddce1739a270", + "sha256:21cf7d294a3a49b79fd3d8e0a83b51c7c381500075e0a34a4e91d46dd26891f9", + "sha256:8fba85eb2e696a153cba1395023f60b990f4d90d24fc50bdc5f380e1733fd858", + "sha256:13c8336d3bc00f956887292c0a3964c887092037ffe825346cdd7c0101304fb9", + "sha256:5f6726791b9096b709e6475a39acb66d6f1355b5363467d7b6155742b4dbc4f5", + "sha256:24af25d30efd0a719bbb16cd2d7dbef2096206a7d42918749300b4bfd62943e5", + "sha256:904f56ac884e542100db061c7353fe9ab91e834eb29cac71c086c356f82bcf2e", + "sha256:de8d95367ac2a8dd460670fad86765cbacfd8cfad20a01bcfa9cab42882d9653", + "sha256:5f30d8fae39fafa23b73399f58929e1b4f7455d7f1a440da45473c16acd4f09f", + "sha256:42ca575cb1eb953bea4e11652396a0c8431560d8993e05326fe1183c1d9395c1", + "sha256:b375734c7e9016762d9806d455ee4df9aa5956379338f26fed1ce6836dfb741f", + "sha256:c1b0a5a1ccf3049e8717d1996bc7cec8779723e4918f9ed17155aa622d74e5b0", + "sha256:b0851681968708258d7fab4fc4c60b551b68072a089db3c4f38ca048a0760f1a", + "sha256:af8d13df9335ac60f29b1abf429daa05b5229f21bfbad50343c96220ca3c60ba", + "sha256:241589bb0201cb91cdb6e47b09ddff52284873851a863df47055f27dd41ea508" + ], + "topLayer": "sha256:241589bb0201cb91cdb6e47b09ddff52284873851a863df47055f27dd41ea508", + "riskFactors": { + "Attack complexity: low": {}, + "Attack vector: network": {}, + "Critical severity": {}, + "DoS - High": {}, + "DoS - Low": {}, + "Has fix": {}, + "High severity": {}, + "Medium severity": {}, + "Recent vulnerability": {} + }, + "labels": [ + "x86.baseline.date:20241217", + "x86.image.name:artifactory.apps.bancolombia.com/evc/stable/eclipse-temurin:17.0.13_11-jre-alpine_20241217", + "x86.source.image:eclipse-temurin:17.0.13_11-jre-alpine", + "description:Microservicio para descarga y carga de reportes de prisma cloud", + "maintainer:Proyecto Backend DevSecOps Engine", + "repository:evc/stable", + "source_images:eclipse-temurin:17.0.13_11-jre-alpine_20241217", + "version:2024.12.19" + ], + "installedProducts": { + "docker": "27.2.1", + "osDistro": "Alpine Linux v3.20", + "hasPackageManager": true + }, + "scanVersion": "33.02.134", + "scanBuildDate": "20241127", + "firstScanTime": "2024-12-19T14:47:27.295Z", + "cloudMetadata": {}, + "instances": [ + { + "image": "jav:1", + "host": "pb0b0911817", + "modified": "2024-12-19T14:47:29.14Z", + "tag": "1", + "repo": "jav", + "registry": "" + } + ], + "hosts": {}, + "err": "", + "collections": [ + "All", + "RL Para Mauricio - Access Group (RBAC)" + ], + "scanID": 0, + "trustStatus": "", + "firewallProtection": { + "enabled": false, + "supported": false, + "outOfBandMode": "" + }, + "appEmbedded": false, + "wildFireUsage": null, + "agentless": false, + "csaWindows": false, + "malwareAnalyzedTime": "0001-01-01T00:00:00Z" + }, + "time": "2024-12-19T14:47:31.39Z", + "pass": true, + "version": "33.02.134" +} \ No newline at end of file