Press CTR-C to copy XML [help]


Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

 Sponsor

Project: Testing

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
AForge.Imaging.dllpkg:generic/AForge.Imaging@2.2.5.0 017
AForge.Math.dllpkg:generic/AForge.Math@2.2.5.0 017
AForge.dllpkg:generic/AForge@2.2.5.0 017
AWSSDK.Core.dllcpe:2.3:a:web_project:web:3.7.102.0:*:*:*:*:*:*:*pkg:generic/AWSSDK.Core@3.7.102.0 0Low15
AWSSDK.Core:3.7.102pkg:nuget/AWSSDK.Core@3.7.102 06
AWSSDK.DynamoDBv2.dllcpe:2.3:a:web_project:web:3.7.101.0:*:*:*:*:*:*:*pkg:generic/AWSSDK.DynamoDBv2@3.7.101.0 0Low15
AWSSDK.DynamoDBv2:3.7.101pkg:nuget/AWSSDK.DynamoDBv2@3.7.101 06
AWSSDK.ElasticFileSystem.dllpkg:generic/AWSSDK.ElasticFileSystem@3.7.101.9 019
AWSSDK.Extensions.NETCore.Setup.dllpkg:generic/AWSSDK.Extensions.NETCore.Setup@3.7.1 013
AWSSDK.Extensions.NETCore.Setup:3.7.2pkg:nuget/AWSSDK.Extensions.NETCore.Setup@3.7.2 08
AWSSDK.Lambda.dllcpe:2.3:a:amazon:aws_lambda:3.7.102.0:*:*:*:*:*:*:*pkg:generic/AWSSDK.Lambda@3.7.102.0 0Low13
AWSSDK.Lambda:3.7.102pkg:nuget/AWSSDK.Lambda@3.7.102 06
AWSSDK.RDS:3.7.410.21pkg:nuget/AWSSDK.RDS@3.7.410.21 06
AWSSDK.S3.dllpkg:generic/AWSSDK.S3@3.7.101.30 021
AWSSDK.SimpleNotificationService.dllcpe:2.3:a:service_project:service:3.7.100.33:*:*:*:*:*:*:*pkg:generic/AWSSDK.SimpleNotificationService@3.7.100.33 0Low19
AWSSDK.SimpleSystemsManagement.dllpkg:generic/AWSSDK.SimpleSystemsManagement@3.7.102.13 019
Amazon.Lambda.APIGatewayEvents.dllcpe:2.3:a:web_project:web:1.2.0.0:*:*:*:*:*:*:*pkg:generic/Amazon.Lambda.APIGatewayEvents@1.2.0.0 0Low15
Amazon.Lambda.APIGatewayEvents:2.5.0pkg:nuget/Amazon.Lambda.APIGatewayEvents@2.5.0 08
Amazon.Lambda.ApplicationLoadBalancerEvents.dllpkg:generic/Amazon.Lambda.ApplicationLoadBalancerEvents@0.0.0.0 09
Amazon.Lambda.AspNetCoreServer.dllcpe:2.3:a:asp-project:asp-project:2.0.4:*:*:*:*:*:*:*pkg:generic/Amazon.Lambda.AspNetCoreServer@2.0.4 0Low15
Amazon.Lambda.AspNetCoreServer:7.3.0cpe:2.3:a:asp-project:asp-project:7.3.0:*:*:*:*:*:*:*pkg:nuget/Amazon.Lambda.AspNetCoreServer@7.3.0 0Low8
Amazon.Lambda.Core.dllcpe:2.3:a:web_project:web:1.0.0.0:*:*:*:*:*:*:*pkg:generic/Amazon.Lambda.Core@1.0.0.0 0Low15
Amazon.Lambda.Core:2.1.0pkg:nuget/Amazon.Lambda.Core@2.1.0 08
Amazon.Lambda.Logging.AspNetCore.dllcpe:2.3:a:asp-project:asp-project:2.0.0.0:*:*:*:*:*:*:*pkg:generic/Amazon.Lambda.Logging.AspNetCore@2.0.0.0 0Low15
Amazon.Lambda.SNSEvents:2.0.0pkg:nuget/Amazon.Lambda.SNSEvents@2.0.0 08
Amazon.Lambda.Serialization.Json:2.1.0pkg:nuget/Amazon.Lambda.Serialization.Json@2.1.0 08
Amazon.Lambda.Serialization.SystemTextJson.dllpkg:generic/Amazon.Lambda.Serialization.SystemTextJson@0.0.0.0 09
Amazon.Lambda.Serialization.SystemTextJson:2.3.0pkg:nuget/Amazon.Lambda.Serialization.SystemTextJson@2.3.0 08
Apitron.PDF.Rasterizer.dllpkg:generic/Apitron.PDF.Rasterizer@3.0.170.0 017
Apitron.PDF.Rasterizer:3.0.170pkg:nuget/Apitron.PDF.Rasterizer@3.0.170 08
AspectInjector:2.6.0pkg:nuget/AspectInjector@2.6.0 04
AuditLogHandler.csproj 02
AuditLogHandler.dllpkg:generic/AuditLogHandler@1.0.0 016
AuditLogSwagger.js 00
AutoMapper.Extensions.Microsoft.DependencyInjection.dllpkg:generic/AutoMapper.Extensions.Microsoft.DependencyInjection@12.0.0 021
AutoMapper.dllpkg:generic/AutoMapper@12.0.0 019
AwsParameterStore.Microsoft.Extensions.Configuration.dllpkg:generic/AwsParameterStore.Microsoft.Extensions.Configuration@0.7.0 026
BatchUploadSwagger.js 00
CommentSwagger.js 00
CrawlerSwagger.js 00
Docnet.Core.dllpkg:generic/Docnet.Core@2.4.0 015
Docnet.Core:2.4.0-alpha.6pkg:nuget/Docnet.Core@2.4.0-alpha.6 06
DocumentTypeSwagger.js 00
DynamicFlowSwagger.js 00
ESignSwagger.js 00
EncryptAccountNumberHandler.csproj 02
EntityEncryptionKeySwagger.js 00
FeatureSwagger.js 00
FluentValidation.AspNetCore.dllcpe:2.3:a:asp-project:asp-project:11.2.2:*:*:*:*:*:*:*pkg:generic/FluentValidation.AspNetCore@11.2.2 0Low21
FluentValidation.DependencyInjectionExtensions.dllpkg:generic/FluentValidation.DependencyInjectionExtensions@11.4.0 021
FluentValidation.dllpkg:generic/FluentValidation@11.4.0 015
FluentValidation:11.8.1pkg:nuget/FluentValidation@11.8.1 04
FormDataSwagger.js 00
FormSwagger.js 00
Hashids.net.dllpkg:generic/Hashids.net@1.6.1 020
HeadlessChromium.Puppeteer.Lambda.Dotnet:1.1.0.96cpe:2.3:a:chromium:chromium:1.1.0.96:*:*:*:*:*:*:*
cpe:2.3:a:chromium_project:chromium:1.1.0.96:*:*:*:*:*:*:*		pkg:nuget/HeadlessChromium.Puppeteer.Lambda.Dotnet@1.1.0.96HIGH4Low8
Humanizer.dllpkg:generic/Humanizer@2.8.26 015
KybReportDocumentSwagger.js 00
KybRiskSwagger.js 00
KycDetails.js 00
Lumigo.DotNET:1.0.51pkg:nuget/Lumigo.DotNET@1.0.51 06
MaskAadhaarHandler.csproj 02
MasterSwagger.js 00
MenuSwagger.js 00
MerchantFormSwagger.js 00
MerchantManagement.API.Tests.csproj 02
MerchantManagement.API.Tests.dllpkg:generic/MerchantManagement.API.Tests@1.0.0 016
MerchantManagement.API.csproj 02
MerchantManagement.API.dllpkg:generic/MerchantManagement.API@1.0.0 016
MerchantManagement.API.exe 02
MerchantManagement.Tests.csproj 02
MerchantManagement.Tests.dllpkg:generic/MerchantManagement.Tests@1.0.0 016
MerchantManagement.csproj 02
MerchantManagement.dllpkg:generic/MerchantManagement@1.0.0 016
MerchantRiskSwagger.js 00
MerchantSwagger.js 00
Microsoft.AspNetCore.Http:2.2.2cpe:2.3:a:asp-project:asp-project:2.2.2:*:*:*:*:*:*:*pkg:nuget/Microsoft.AspNetCore.Http@2.2.2MEDIUM1Low8
Microsoft.AspNetCore.JsonPatch.dllcpe:2.3:a:asp-project:asp-project:6.0.11:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_core:6.0.11:*:*:*:*:*:*:*		pkg:generic/Microsoft.AspNetCore.JsonPatch@6.0.11 0Low15
Microsoft.AspNetCore.Mvc.Versioning.dllcpe:2.3:a:asp-project:asp-project:5.0.7710.5690:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:.net_core:5.0.7710.5690:*:*:*:*:*:*:*		pkg:generic/Microsoft.AspNetCore.Mvc.Versioning@5.0.7710.5690 0Low19
Microsoft.AspNetCore.Mvc.Versioning:5.0.0cpe:2.3:a:asp-project:asp-project:5.0.0:*:*:*:*:*:*:*pkg:nuget/Microsoft.AspNetCore.Mvc.Versioning@5.0.0 0Low8
Microsoft.DotNet.InternalAbstractions.dllpkg:generic/Microsoft.DotNet.InternalAbstractions@1.0.0 010
Microsoft.EntityFrameworkCore.Abstractions.dllpkg:generic/Microsoft.EntityFrameworkCore.Abstractions@6.0.11 016
Microsoft.EntityFrameworkCore.Design.dllpkg:generic/Microsoft.EntityFrameworkCore.Design@6.0.11 026
Microsoft.EntityFrameworkCore.Relational.dllpkg:generic/Microsoft.EntityFrameworkCore.Relational@6.0.11 024
Microsoft.EntityFrameworkCore.dllpkg:generic/Microsoft.EntityFrameworkCore@6.0.11 022
Microsoft.Extensions.Caching.Memory.dllpkg:generic/Microsoft.Extensions.Caching.Memory@6.0.2 015
Microsoft.Extensions.Configuration.Abstractions.dllpkg:generic/Microsoft.Extensions.Configuration.Abstractions@7.0.22.51805 015
Microsoft.Extensions.Configuration.Binder.dllpkg:generic/Microsoft.Extensions.Configuration.Binder@7.0.22.51805 015
Microsoft.Extensions.Configuration.EnvironmentVariables.dllpkg:generic/Microsoft.Extensions.Configuration.EnvironmentVariables@6.0.2 017
Microsoft.Extensions.Configuration.EnvironmentVariables:6.0.1pkg:nuget/Microsoft.Extensions.Configuration.EnvironmentVariables@6.0.1 08
Microsoft.Extensions.Configuration.Json:6.0.0pkg:nuget/Microsoft.Extensions.Configuration.Json@6.0.0 08
Microsoft.Extensions.Configuration.Json:7.0.0pkg:nuget/Microsoft.Extensions.Configuration.Json@7.0.0 08
Microsoft.Extensions.Configuration.UserSecrets.dllcpe:2.3:a:user_project:user:6.0.2:*:*:*:*:*:*:*pkg:generic/Microsoft.Extensions.Configuration.UserSecrets@6.0.2 0Low17
Microsoft.Extensions.Configuration:7.0.0pkg:nuget/Microsoft.Extensions.Configuration@7.0.0 08
Microsoft.Extensions.DependencyInjection.Abstractions.dllpkg:generic/Microsoft.Extensions.DependencyInjection.Abstractions@7.0.22.51805 015
Microsoft.Extensions.DependencyInjection.dllpkg:generic/Microsoft.Extensions.DependencyInjection@7.0.22.51805 015
Microsoft.Extensions.DependencyInjection:7.0.0pkg:nuget/Microsoft.Extensions.DependencyInjection@7.0.0 08
Microsoft.Extensions.DependencyModel.dllpkg:generic/Microsoft.Extensions.DependencyModel@1.0.0 010
Microsoft.Extensions.Hosting.dllpkg:generic/Microsoft.Extensions.Hosting@6.0.2 015
Microsoft.Extensions.Hosting:6.0.1pkg:nuget/Microsoft.Extensions.Hosting@6.0.1 08
Microsoft.Extensions.Logging.Abstractions.dllpkg:generic/Microsoft.Extensions.Logging.Abstractions@7.0.22.51805 017
Microsoft.Extensions.Logging.Console:6.0.0pkg:nuget/Microsoft.Extensions.Logging.Console@6.0.0 08
Microsoft.Extensions.Logging.dllpkg:generic/Microsoft.Extensions.Logging@7.0.22.51805 015
Microsoft.Extensions.Logging:7.0.0pkg:nuget/Microsoft.Extensions.Logging@7.0.0 08
Microsoft.Extensions.Options.ConfigurationExtensions.dllpkg:generic/Microsoft.Extensions.Options.ConfigurationExtensions@7.0.22.51805 015
Microsoft.Extensions.Options.ConfigurationExtensions:7.0.0pkg:nuget/Microsoft.Extensions.Options.ConfigurationExtensions@7.0.0 08
Microsoft.Extensions.Options.dllpkg:generic/Microsoft.Extensions.Options@7.0.22.51805 015
Microsoft.Extensions.PlatformAbstractions.dllpkg:generic/Microsoft.Extensions.PlatformAbstractions@1.0.0 013
Microsoft.Extensions.Primitives.dllpkg:generic/Microsoft.Extensions.Primitives@7.0.22.51805 015
Microsoft.IdentityModel.JsonWebTokens.dllcpe:2.3:a:identitymodel_project:identitymodel:6.25.1.31130:*:*:*:*:*:*:*
cpe:2.3:a:json_web_token_project:json_web_token:6.25.1.31130:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:identity_model:6.25.1.31130:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:identitymodel:6.25.1.31130:*:*:*:*:*:*:*		pkg:generic/Microsoft.IdentityModel.JsonWebTokens@6.25.1.31130MEDIUM1Low16
Microsoft.IdentityModel.Protocols.OpenIdConnect.dllcpe:2.3:a:identitymodel_project:identitymodel:6.10.0:20330:*:*:*:*:*:*
cpe:2.3:a:microsoft:identity_model:6.10.0:20330:*:*:*:*:*:*		pkg:generic/Microsoft.IdentityModel.Protocols.OpenIdConnect@6.10.0.20330MEDIUM1Low16
Microsoft.IdentityModel.Protocols.dllcpe:2.3:a:identitymodel_project:identitymodel:6.10.0:20330:*:*:*:*:*:*
cpe:2.3:a:microsoft:identity_model:6.10.0:20330:*:*:*:*:*:*
cpe:2.3:a:microsoft:identitymodel:6.10.0:20330:*:*:*:*:*:*		pkg:generic/Microsoft.IdentityModel.Protocols@6.10.0.20330MEDIUM1Low16
Microsoft.IdentityModel.Tokens.dllcpe:2.3:a:identitymodel_project:identitymodel:6.25.1.31130:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:identity_model:6.25.1.31130:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:identitymodel:6.25.1.31130:*:*:*:*:*:*:*		pkg:generic/Microsoft.IdentityModel.Tokens@6.25.1.31130MEDIUM1Low16
Microsoft.NET.Test.Sdk:16.11.0pkg:nuget/Microsoft.NET.Test.Sdk@16.11.0 08
Microsoft.TestPlatform.CrossPlatEngine.dllcpe:2.3:a:testplatform_project:testplatform:16.11.0:*:*:*:*:*:*:*pkg:generic/Microsoft.TestPlatform.CrossPlatEngine@16.11.0 0Low14
Microsoft.TestPlatform.CrossPlatEngine.resources.dllcpe:2.3:a:testplatform_project:testplatform:16.11.0:*:*:*:*:*:*:*pkg:generic/Microsoft.TestPlatform.CrossPlatEngine.resources@16.11.0 0Low13
Microsoft.VisualStudio.CodeCoverage.Shim.dllpkg:generic/Microsoft.VisualStudio.CodeCoverage.Shim@16.1000.21.27002 015
Microsoft.Win32.SystemEvents.dllpkg:generic/Microsoft.Win32.SystemEvents@6.0.21.52210 015
Newtonsoft.Json.Bson.dllcpe:2.3:a:newtonsoft:json.net:1.0.2:*:*:*:*:*:*:*pkg:generic/Newtonsoft.Json.Bson@1.0.2HIGH1Low15
Newtonsoft.Json.dllcpe:2.3:a:newtonsoft:json.net:13.0.2:*:*:*:*:*:*:*pkg:generic/Newtonsoft.Json@13.0.2 0Low15
Newtonsoft.Json.dllcpe:2.3:a:newtonsoft:json.net:9.0.1:*:*:*:*:*:*:*pkg:generic/Newtonsoft.Json@9.0.1HIGH1Low16
Newtonsoft.Json:13.0.3pkg:nuget/Newtonsoft.Json@13.0.3 07
Npgsql.EntityFrameworkCore.PostgreSQL.dllcpe:2.3:a:postgresql:postgresql:6.0.7:*:*:*:*:*:*:*
cpe:2.3:a:www-sql_project:www-sql:6.0.7:*:*:*:*:*:*:*		pkg:generic/Npgsql.EntityFrameworkCore.PostgreSQL@6.0.7CRITICAL35Highest23
Npgsql.dllpkg:generic/Npgsql@6.0.7 015
NuGet.Frameworks.dllcpe:2.3:a:microsoft:nuget:5.0.0:*:*:*:*:*:*:*pkg:generic/NuGet.Frameworks@5.0.0MEDIUM1Low15
ReadWriteSwagger.js 00
RemainderMailHandler.csproj 02
RemainderMailHandler.dllpkg:generic/RemainderMailHandler@1.0.0 016
ReportDownloadHandler.csproj 02
ReportDownloadHandler.dllpkg:generic/ReportDownloadHandler@1.0.0 016
ReportSwagger.js 00
RulesEngine:5.0.3pkg:nuget/RulesEngine@5.0.3 04
Runnable2_eSign2.1_Single.jar (shaded: commons-codec:commons-codec:1.9)pkg:maven/commons-codec/commons-codec@1.9 076
Runnable2_eSign2.1_Single.jar (shaded: commons-io:commons-io:2.6)cpe:2.3:a:apache:commons_io:2.6:*:*:*:*:*:*:*pkg:maven/commons-io/commons-io@2.6MEDIUM2Highest92
Runnable2_eSign2.1_Single.jar (shaded: commons-logging:commons-logging:1.2)pkg:maven/commons-logging/commons-logging@1.2 094
Runnable2_eSign2.1_Single.jar (shaded: log4j:log4j:1.2.16)cpe:2.3:a:apache:log4j:1.2.16:*:*:*:*:*:*:*pkg:maven/log4j/log4j@1.2.16CRITICAL7Highest13
Runnable2_eSign2.1_Single.jar (shaded: org.apache.pdfbox:fontbox:2.0.8)pkg:maven/org.apache.pdfbox/fontbox@2.0.8MEDIUM111
Runnable2_eSign2.1_Single.jar (shaded: org.apache.pdfbox:pdfbox:2.0.8)cpe:2.3:a:apache:pdfbox:2.0.8:*:*:*:*:*:*:*pkg:maven/org.apache.pdfbox/pdfbox@2.0.8MEDIUM6Highest9
Runnable2_eSign2.1_Single.jarcpe:2.3:a:apache:log4j:2.1:*:*:*:*:*:*:*CRITICAL*6Low10
SixLabors.ImageSharp.dllcpe:2.3:a:sixlabors:imagesharp:3.0.1:*:*:*:*:*:*:*pkg:generic/SixLabors.ImageSharp@3.0.1MEDIUM2Low23
StatusEventHandler.csproj 02
StatusEventHandler.dllpkg:generic/StatusEventHandler@1.0.0 016
SwaggerController.js 00
Swashbuckle.AspNetCore.Examples.dllpkg:generic/Swashbuckle.AspNetCore.Examples@2.9.0 024
Swashbuckle.AspNetCore.Swagger.dllpkg:generic/Swashbuckle.AspNetCore.Swagger@2.4.0 022
Swashbuckle.AspNetCore.SwaggerGen.dllpkg:generic/Swashbuckle.AspNetCore.SwaggerGen@2.4.0 024
System.Drawing.Common.dllpkg:generic/System.Drawing.Common@6.0.21.52210 017
System.Drawing.Common:6.0.0pkg:nuget/System.Drawing.Common@6.0.0 08
System.IdentityModel.Tokens.Jwt.dllcpe:2.3:a:identitymodel_project:identitymodel:6.25.1.31130:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:identity_model:6.25.1.31130:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:identitymodel:6.25.1.31130:*:*:*:*:*:*:*		pkg:generic/System.IdentityModel.Tokens.Jwt@6.25.1.31130MEDIUM1Low16
System.IdentityModel.Tokens.Jwt:6.25.1cpe:2.3:a:identitymodel_project:identitymodel:6.25.1:*:*:*:*:*:*:*pkg:nuget/System.IdentityModel.Tokens.Jwt@6.25.1MEDIUM1Low8
TermsAndConditionsSwagger.js 00
Tesseract.dllcpe:2.3:a:tesseract_project:tesseract:4.1.1:*:*:*:*:*:*:*pkg:generic/Tesseract@4.1.1 0Low16
US_export_policy.jar 04
US_export_policy.jar 04
VerificationSwagger.js 00
WebhookEventHandler.csproj 02
WebhookEventHandler.dllpkg:generic/WebhookEventHandler@1.0.0 016
WebhookSwagger.js 00
charsets.jar 09
cldrdata.jar 010
coverlet.collector:3.1.0pkg:nuget/coverlet.collector@3.1.0 06
deploy.jar 06
dnsns.jar 09
jaccess.jar 09
javaws.jar 06
jce.jar 019
jfr.jarcpe:2.3:a:oracle:jrockit:1.8.0.351:*:*:*:*:*:*:*HIGH16Low15
jfxrt.jar 05
jsse.jarcpe:2.3:a:oracle:platform_security_for_java:1.8.0.351:*:*:*:*:*:*:* 0High13
leptonica-1.80.0.dllcpe:2.3:a:leptonica:leptonica:1.80.0:*:*:*:*:*:*:* 0Low4
leptonica-1.80.0.dllcpe:2.3:a:leptonica:leptonica:1.80.0:*:*:*:*:*:*:* 0Low4
local_policy.jar 04
local_policy.jar 04
localedata.jar 08
management-agent.jar 02
nashorn.jar: base.js 00
nashorn.jar: bootstrap.js 00
nashorn.jar: controls.js 00
nashorn.jar: fxml.js 00
nashorn.jar: graphics.js 00
nashorn.jar: media.js 00
nashorn.jar: mozilla_compat.js 00
nashorn.jar: parser.js 00
nashorn.jar: swing.js 00
nashorn.jar: swt.js 00
nashorn.jar: web.js 00
nashorn.jar 011
package.json 00
package.json 00
pdfium.dll 02
pdfium.dll 02
plugin.jar 04
resources.jar 07
rt.jar 016
sunec.jarcpe:2.3:a:oracle:platform_security_for_java:1.8.0.271:*:*:*:*:*:*:* 0High18
sunjce_provider.jar 020
sunpkcs11.jarcpe:2.3:a:oracle:platform_security_for_java:1.8.0.361:*:*:*:*:*:*:* 0Low20
swagger.js 00
swaggerDefinition.js 00
tesseract41.dllcpe:2.3:a:tesseract_project:tesseract:41:*:*:*:*:*:*:* 0High4
tesseract41.dllcpe:2.3:a:tesseract_project:tesseract:41:*:*:*:*:*:*:* 0High4
testhost.dllpkg:generic/testhost@16.11.0 013
testhost.exe 02
xunit.abstractions.dllpkg:generic/xunit.abstractions@2.0.0.0 017
xunit.assert.dllpkg:generic/xunit.assert@2.4.1 017
xunit.core.dllpkg:generic/xunit.core@2.4.1 017
xunit.execution.dotnet.dllpkg:generic/xunit.execution.dotnet@2.4.1 017
xunit.runner.reporters.netcoreapp10.dllpkg:generic/xunit.runner.reporters.netcoreapp10@2.4.1 019
xunit.runner.utility.netcoreapp10.dllpkg:generic/xunit.runner.utility.netcoreapp10@2.4.1 017
xunit.runner.visualstudio.dotnetcore.testadapter.dllpkg:generic/xunit.runner.visualstudio.dotnetcore.testadapter@2.4.3 017
xunit.runner.visualstudio:2.4.3pkg:nuget/xunit.runner.visualstudio@2.4.3 08
xunit:2.4.1pkg:nuget/xunit@2.4.1 04
zipfs.jar 013

* indicates the dependency has a known exploited vulnerability

Dependencies (vulnerable)

AForge.Imaging.dll

Description:

AForge.Imaging

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AForge.Imaging.dll
MD5: 5392a22226e960d4ae7e408913c49d6c
SHA1: bd498279ef2e77e4b2c828d2f88f57e7941e562a
SHA256:107da9260b6d2796335b516f043b360250001feb0ae3b1c8422f90b5b9f6e282

Identifiers

AForge.Math.dll

Description:

AForge.Math

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AForge.Math.dll
MD5: c69973f674d9d113411d0fa2d1dbe222
SHA1: 144bfc8c0ee91956dd555940d77360f303db2a7b
SHA256:a4f24c9a46705c66ff7838c3a4c61759f5ba58ee8a5b061d05340c61d790c0b7

Identifiers

AForge.dll

Description:

AForge

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AForge.dll
MD5: 02c63f568e598aad85dd401d7b26e82a
SHA1: 2da9ec7612835e1f69d4a93aa2d49ec9bdff7f7c
SHA256:966a474060a8aca70c73ba09d0b6fe2353035961c7107b9003ef879c010ff8da

Identifiers

AWSSDK.Core.dll

Description:

AWSSDK.Core

The Amazon Web Services SDK for .NET (.NET Core 3.1) - Core Runtime

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AWSSDK.Core.dll
MD5: 00dc2967ad312264a7ff65eea14ae002
SHA1: f6908d716edcfb495fd503cfae1d72e65c64b552
SHA256:13f67e426986422b65a54e5b425425c049297f0b760723f2a61d0c502fc2a151

Identifiers

AWSSDK.Core:3.7.102

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\MerchantManagement.API.csproj

Identifiers

AWSSDK.DynamoDBv2.dll

Description:

AWSSDK.DynamoDBv2

The Amazon Web Services SDK for .NET (.NET Core 3.1) - Amazon DynamoDB. Amazon DynamoDB is a fast and flexible NoSQL database service for all applications that need consistent, single-digit millisecond latency at any scale.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AWSSDK.DynamoDBv2.dll
MD5: 29997e9a4be2194e46832625e9e209b5
SHA1: a647a5ef869fa711097c48fb3c7cec1f87b4f09a
SHA256:2c3a44e1231991592c24109919581c2a6b9913d87eec2ad2efca2c6683c18cf4

Identifiers

AWSSDK.DynamoDBv2:3.7.101

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

Identifiers

AWSSDK.ElasticFileSystem.dll

Description:

AWSSDK.ElasticFileSystem

The Amazon Web Services SDK for .NET (.NET Core 3.1) - Amazon Elastic File System. Amazon Elastic File System (Amazon EFS) is a file storage service for Amazon Elastic Compute Cloud (Amazon EC2) instances.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AWSSDK.ElasticFileSystem.dll
MD5: e358d8b4ade111c5758f1a893267aa58
SHA1: d786d5c6284efec7334514fb4ffd5e468a1ec2d6
SHA256:14f9b76a7bf706e97abfbb6be77bae77952087d2ec6761d10928324109a19e28

Identifiers

AWSSDK.Extensions.NETCore.Setup.dll

Description:

AWSSDK.Extensions.NETCore.Setup

Amazon Web Services SDK for .NET extensions for .NET Core setup

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AWSSDK.Extensions.NETCore.Setup.dll
MD5: 16c4d2168143c1802bd5f0e22a6a6e77
SHA1: 4f2dd534473e60396793e3daf8e7d2c78c9749a7
SHA256:de842a88c3aef72b4b5c916dee93f367226d5587d8ea929ccfb083919395ba6b

Identifiers

AWSSDK.Extensions.NETCore.Setup:3.7.2

File Path: D:\Onboarding\MerchantManagement\src\ReportDownloadHandler\ReportDownloadHandler.csproj

Identifiers

AWSSDK.Lambda.dll

Description:

AWSSDK.Lambda

The Amazon Web Services SDK for .NET (.NET Core 3.1) - AWS Lambda. AWS Lambda is a compute service that runs your code in response to events and automatically manages the compute resources for you, making it easy to build applications that respond quickly to new information.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AWSSDK.Lambda.dll
MD5: 50936d0abb4041e73ab198a41a2effe9
SHA1: 96c6ff3f15266733a97843e90a935924edac0ab9
SHA256:fd646f6095085cc23761132df132a3ecfb4e4cddf9e485da4774f35a752eb60c

Identifiers

AWSSDK.Lambda:3.7.102

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

Identifiers

AWSSDK.RDS:3.7.410.21

File Path: D:\Onboarding\MerchantManagement\src\EncryptAccountNumberHandler\EncryptAccountNumberHandler.csproj

Identifiers

AWSSDK.S3.dll

Description:

AWSSDK.S3

The Amazon Web Services SDK for .NET (.NET Core 3.1) - Amazon Simple Storage Service. Amazon Simple Storage Service (Amazon S3), provides developers and IT teams with secure, durable, highly-scalable object storage.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AWSSDK.S3.dll
MD5: 5a9a2f1894b19ad4053bb1f1c9944346
SHA1: f545262f2195b39c4eaf573835e20415917d6109
SHA256:ec14bb3bc57636812f2271a42d0ac43907e21e3ff462ed84c3b9f693652587e8

Identifiers

AWSSDK.SimpleNotificationService.dll

Description:

AWSSDK.SimpleNotificationService

The Amazon Web Services SDK for .NET (.NET Core 3.1) - Amazon Simple Notification Service. Amazon Simple Notification Service (Amazon SNS) is a fast, flexible, fully managed push messaging service. Amazon SNS makes it simple and cost-effective to push notifications to Apple, Google, Fire OS, and Windows devices, as well as Android devices in China with Baidu Cloud Push.  You can also use SNS to push notifications to internet connected smart devices, as well as other distributed services.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AWSSDK.SimpleNotificationService.dll
MD5: 36224fbf51e7f3e36c83102e42228bff
SHA1: 256abac1a7fd68fea2672b78b5f3c35612183610
SHA256:afdb16eb3575d50f2e0dc6fa059044a64606faeb8bc4d0b354f83d4407965447

Identifiers

AWSSDK.SimpleSystemsManagement.dll

Description:

AWSSDK.SimpleSystemsManagement

The Amazon Web Services SDK for .NET (.NET Core 3.1) - Amazon Simple Systems Manager (SSM). Amazon EC2 Simple Systems Manager (SSM) enables you to manage a number of administrative and configuration tasks on your instances.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AWSSDK.SimpleSystemsManagement.dll
MD5: b5b9ccdfc12e633a6218812d1c08b9a9
SHA1: 30ebe8eda97bab97939d5bbbca0e9ce93e1d5200
SHA256:7f0bcb1a29ef15e0f51f2f9e23f2522d3cb300f2f6043c377de5db56c2244676

Identifiers

Amazon.Lambda.APIGatewayEvents.dll

Description:

Amazon.Lambda.APIGatewayEvents

Lambda event interfaces for API Gateway event source.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Amazon.Lambda.APIGatewayEvents.dll
MD5: f8d722d4fed53b617ca27ede8b0fd007
SHA1: ffbad6f0caadfb7b523b15c4ee0a387f3838d1e7
SHA256:4c2b8a366f500679241b8b7621a51db521ab235a34dd3daaea6be1fb5beb6a01

Identifiers

Amazon.Lambda.APIGatewayEvents:2.5.0

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

Identifiers

Amazon.Lambda.ApplicationLoadBalancerEvents.dll

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Amazon.Lambda.ApplicationLoadBalancerEvents.dll
MD5: ae75d9f69d0372ed9f5670b7dda6d289
SHA1: 577796cab594dc7e43ce3f7a0c3002d9017cf789
SHA256:92d056aee57a68fb73e5d4844d6b8a31b5b357a348ec8410530efe0f8925621f

Identifiers

Amazon.Lambda.AspNetCoreServer.dll

Description:

Amazon.Lambda.AspNetCoreServer

Amazon.Lambda.AspNetCoreServer makes it easy to run ASP.NET Core Web API applications as AWS Lambda functions.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Amazon.Lambda.AspNetCoreServer.dll
MD5: b6e9fbf73d48d201535da0ef8ecf35c2
SHA1: 4e0e057749837317e3d8b1eada133652341e80d5
SHA256:8794296e91da57a7b7387722a6ecea43a77e4cde06fe153b490a3af63af225fa

Identifiers

Amazon.Lambda.AspNetCoreServer:7.3.0

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\MerchantManagement.API.csproj

Identifiers

Amazon.Lambda.Core.dll

Description:

Amazon.Lambda.Core

Core interfaces for Lambda.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Amazon.Lambda.Core.dll
MD5: e3ff649709a36002a8caeba1c2b6a63c
SHA1: 8a0d532bd5dd292dd8b5572c81a0af48a30cd5ce
SHA256:d3fd1d761d03288299dfb5bc5fbb9650c360e815176828704ed683d056ffa249

Identifiers

Amazon.Lambda.Core:2.1.0

File Path: D:\Onboarding\MerchantManagement\src\StatusEventHandler\StatusEventHandler.csproj

Identifiers

Amazon.Lambda.Logging.AspNetCore.dll

Description:

Amazon.Lambda.Logging.AspNetCore

ASP.NET Core logging support for Lambda.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Amazon.Lambda.Logging.AspNetCore.dll
MD5: 9482935b3e88a8679c51b76bad324279
SHA1: 680ec56a97395d0c0f61bd550e0d2df20621e7c6
SHA256:770e5dfc23757a239061d5748dd0a2af820160cb84d793766cc2cabb6f4eeaf4

Identifiers

Amazon.Lambda.SNSEvents:2.0.0

File Path: D:\Onboarding\MerchantManagement\src\StatusEventHandler\StatusEventHandler.csproj

Identifiers

Amazon.Lambda.Serialization.Json:2.1.0

File Path: D:\Onboarding\MerchantManagement\src\StatusEventHandler\StatusEventHandler.csproj

Identifiers

Amazon.Lambda.Serialization.SystemTextJson.dll

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Amazon.Lambda.Serialization.SystemTextJson.dll
MD5: c1cd7fd3b07a4af7815bfe8015a2284e
SHA1: e2f3299ec806001aa2e171aa0d957e2a7d287903
SHA256:a0a68396c58029c206feeedc15f088307eba9b36185eee9707c127be84988a68

Identifiers

Amazon.Lambda.Serialization.SystemTextJson:2.3.0

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

Identifiers

Apitron.PDF.Rasterizer.dll

Description:

Apitron.PDF.Rasterizer

Render and save PDF pages into images of various formats

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Apitron.PDF.Rasterizer.dll
MD5: b8c1384361581e764f7bd600f61b3feb
SHA1: 08cea2861dab9f13518817b82a4ea0101289707b
SHA256:37f493427a1363581c3dadca97ea5ce43ac1969446b7b783465e41af12250257

Identifiers

Apitron.PDF.Rasterizer:3.0.170

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

Identifiers

AspectInjector:2.6.0

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\MerchantManagement.API.csproj

Identifiers

AuditLogHandler.csproj

File Path: D:\Onboarding\MerchantManagement\src\AuditLogHandler\AuditLogHandler.csproj
MD5: c2f6cc7c43adcf7582f77408078c39ef
SHA1: ea875fee6ab10af16d4ede0e3574c70a0017e004
SHA256:27dbb084a19cb12ca53ba4ab78d0936b234b58b2ca844ead672c1118739de191

Identifiers

  • None

AuditLogHandler.dll

Description:

AuditLogHandler

File Path: D:\Onboarding\MerchantManagement\src\AuditLogHandler\bin\Debug\net6.0\AuditLogHandler.dll
MD5: 4201b311eae4e62257adbcd4d0a8fbd8
SHA1: 944a8d53beaf4314b896ee9c8b04ff1ed96e7264
SHA256:a8b98eb971d5f87bc0dc3813fc239f08f7330fb60d0992dd2742915aa98efa4f

Identifiers

AuditLogSwagger.js

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\AuditLogSwagger.js
MD5: 063fa0c8fde3db026a0aefc498c00ccf
SHA1: 6591dfac7441e6873717f8d5f6f2c99cff195aa1
SHA256:5f6f6f6286243ff7ecded0972396ab7dc768124f1cdf001192c989fab250261f

Identifiers

  • None

AutoMapper.Extensions.Microsoft.DependencyInjection.dll

Description:

AutoMapper.Extensions.Microsoft.DependencyInjection

AutoMapper extensions for ASP.NET Core

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AutoMapper.Extensions.Microsoft.DependencyInjection.dll
MD5: 40eb6d80e26942da883a8ef16d87a173
SHA1: d037ce1ffb0ca9ada212215ad6ae4af6d68fc199
SHA256:120c4d32a9120eebd6d2a7c9e75070cf31cdc85833eba050b031cad579e16547

Identifiers

AutoMapper.dll

Description:

AutoMapper

A convention-based object-object mapper.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AutoMapper.dll
MD5: 0a62f2c108330913cadaa41819f8920f
SHA1: bbb059b1604d7c07ed21c054846fed3f5395ef74
SHA256:2d35a628d53d8ba7c11d55be303d18e2c685f57cfbb2e9d75d8ebd90c9475cdb

Identifiers

AwsParameterStore.Microsoft.Extensions.Configuration.dll

Description:

AwsParameterStore.Microsoft.Extensions.Configuration

AWS Systems Manager Parameter Store configuration provider implementation for Microsoft.Extensions.Configuration.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\AwsParameterStore.Microsoft.Extensions.Configuration.dll
MD5: 6cff4cd5f4718297b37aa5e5bdc12d3b
SHA1: c45342ce39b8ea74491f13ab6382a1b479a7ad60
SHA256:903a0610bba31e40d1031e08d2a51354754f06c542678e587fbedab222def010

Identifiers

BatchUploadSwagger.js

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\BatchUploadSwagger.js
MD5: 0ba802c5e9a2c3a18dfbd4e96f3fb4c3
SHA1: cc7877f37a32c01adc028a31591b0f7b332d5ffe
SHA256:370205041a1fd62f2ec14a29c6337d8bdad41afa37ff15c6dd1ff61e218b0116

Identifiers

  • None

CommentSwagger.js

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\CommentSwagger.js
MD5: ddd138dcbfc44a91b374e56c5c66dbfa
SHA1: 412f68a3a8e05a96acece5a7dc16e952a5c74467
SHA256:fae9fa9c4615e702bd51a67dbf21e29da5541acf464fdb53d669341ae3f6149c

Identifiers

  • None

CrawlerSwagger.js

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\CrawlerSwagger.js
MD5: 37e6b9d585086a26c4de326ae7366642
SHA1: 415409c0c7237557dd88d474dcfe6deb0ad6dde7
SHA256:32bd15b2abaf66bfc6b47d238444af8095cb846160288e81a8d15acdb49fd145

Identifiers

  • None

Docnet.Core.dll

Description:

Docnet.Core

DocNET is a fast PDF editing and reading library for modern .NET applications.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Docnet.Core.dll
MD5: db4497e39a2dc9dafcbdca0ba7a991b7
SHA1: 07e764bfb2fdfc8d9c3dc7e20a4abe4a39ce97e6
SHA256:220bd97b553816dab1e6e662410d357aaf0f9758f2554300196371ea1564ae45

Identifiers

Docnet.Core:2.4.0-alpha.6

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

Identifiers

DocumentTypeSwagger.js

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\DocumentTypeSwagger.js
MD5: 0b6f5e6873cdcff5ef99648073a72598
SHA1: b032b37029526d94f0c4a125d1c1adc24848831a
SHA256:95ff71a8f88d4841e1bc3eaf305976bfa20e76438b94f95ffb00c3198e22aa70

Identifiers

  • None

DynamicFlowSwagger.js

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\DynamicFlowSwagger.js
MD5: 5e0124528e9f3f05387a16295725ef0e
SHA1: d02f8398fd48c56e39a918af48923768ec942973
SHA256:109119ca97df0b5d3aaab4a6d26468772f9961236081edb55fb2398f4b16ae6d

Identifiers

  • None

ESignSwagger.js

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\ESignSwagger.js
MD5: 6b99e5f9f5176dd20da30b0b36aad9fb
SHA1: dfa2ebe6b0c73e706430413efd91ffbbfdbc5154
SHA256:ac725eddd3e9271debfd10942234a61dc68bd1c9fb2f7094673d26d9f49b9757

Identifiers

  • None

EncryptAccountNumberHandler.csproj

File Path: D:\Onboarding\MerchantManagement\src\EncryptAccountNumberHandler\EncryptAccountNumberHandler.csproj
MD5: 6db9ded26504e62cc145c1f17e235918
SHA1: a09f223786334d04e2197025b286d00849d34edf
SHA256:b62a6e422c643176685eabb715b07206c5ac845c5983b4f17043844a537415ea

Identifiers

  • None

EntityEncryptionKeySwagger.js

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\EntityEncryptionKeySwagger.js
MD5: c31ae3a93ce71cfb99cc3ffa2b6b46d5
SHA1: c3b645b0837eb22819a4dbdaceea189b7b8981b0
SHA256:d3b1c510bb19862997cb25bd67b18c5dbedc6e077888b8d01abbe5b7bceeb80f

Identifiers

  • None

FeatureSwagger.js

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\FeatureSwagger.js
MD5: 18d2ff4e4b1f71c897895ce5d90bc9bc
SHA1: 52c8bf27fa489cb0265060142cd9958b54cbce5e
SHA256:40cfc7db2dfba44abea27ad39eac70df90d3bf66add86d119fbcdaf21d4abe1c

Identifiers

  • None

FluentValidation.AspNetCore.dll

Description:

FluentValidation.AspNetCore

AspNetCore integration for FluentValidation

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\FluentValidation.AspNetCore.dll
MD5: 96d46b48b71daf9b244c9befb9c7c9d6
SHA1: ab4017564c320bd6c3857c5b02ce40451b98f3fa
SHA256:622cc69a0552ecd0b7a5803d214a97ea08239d223876d1cebdb6299e9593ba37

Identifiers

FluentValidation.DependencyInjectionExtensions.dll

Description:

FluentValidation.DependencyInjectionExtensions

Dependency injection extensions for FluentValidation

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\FluentValidation.DependencyInjectionExtensions.dll
MD5: 18d114b8af98663d7f0a68af2d0e32ff
SHA1: 78b5b600ff1807b03dea83b69996b785d112fbe6
SHA256:05171796692031bfdb1e0b0e3b206fad95d4eede2f9b5f2371ca826ed813b3f9

Identifiers

FluentValidation.dll

Description:

FluentValidation

A validation library for .NET that uses a fluent interface to construct strongly-typed validation rules.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\FluentValidation.dll
MD5: 262044fd88a7410be4496a910b3312b2
SHA1: 90a6ac423f1d7c4d1bbf7ffd8de0f4dec3bb54df
SHA256:2715554650a612d7cfacaa7ca72a74632be6e11025f23aeff53f4549e7ce6c46

Identifiers

FluentValidation:11.8.1

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

Identifiers

FormDataSwagger.js

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\FormDataSwagger.js
MD5: 456245c6ffcfdf8fd22f7e8e5bc18997
SHA1: 7b177c1ac437e0ec293e47043d3707cc35a9a6bd
SHA256:54a6afad050e6acaa60463fcda00f6fafb3ee91d422b151f8dbbd4dd4e320e8e

Identifiers

  • None

FormSwagger.js

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\FormSwagger.js
MD5: 9979cd823a7ff58c4fdf1ccf9506a3f3
SHA1: ad321939e57ded66ab9086df2ae0b87634e8b0d2
SHA256:13c99896e7dfedde67b5e2e10c54243eba1be6de4774186b2ecef0096d4184be

Identifiers

  • None

Hashids.net.dll

Description:

Hashids.net

Generate YouTube-like hashes from one or many numbers. Use hashids when you do not want to expose your database ids to the user.

File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Hashids.net.dll
MD5: 5d1689f2e4d893290b8a90b464e95bea
SHA1: d4bcf419c9ba3256243f904d489be5c4fb1bdc72
SHA256:ac19cd5e5239dd7c1b21fefad505b965eac63a105306ce2a43a98f8df2d742c4

Identifiers

HeadlessChromium.Puppeteer.Lambda.Dotnet:1.1.0.96

File Path: D:\Onboarding\MerchantManagement\src\ReportDownloadHandler\ReportDownloadHandler.csproj

Identifiers

CVE-2011-1797  

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSSv2:
  • Base Score: HIGH (9.3)
  • Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C

References:

    Vulnerable Software & Versions: (show all)

    CVE-2017-7000  

    An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site.
    CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

    CVSSv3:
    • Base Score: HIGH (8.8)
    • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:2.8/RC:R/MAV:A
    CVSSv2:
    • Base Score: MEDIUM (6.8)
    • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

    References:

    Vulnerable Software & Versions:

    CVE-2015-1205  

    Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.91 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
    NVD-CWE-noinfo

    CVSSv2:
    • Base Score: HIGH (7.5)
    • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

    References:

      Vulnerable Software & Versions: (show all)

      CVE-2015-1346  

      Multiple unspecified vulnerabilities in Google V8 before 3.30.33.15, as used in Google Chrome before 40.0.2214.91, allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
      NVD-CWE-noinfo

      CVSSv2:
      • Base Score: HIGH (7.5)
      • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      Humanizer.dll

      Description:

      Humanizer

A micro-framework that turns your normal strings, type names, enum fields, date fields ETC into a human friendly format

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Humanizer.dll
      MD5: b23ec3bf471a12c288f2a46b428bd013
      SHA1: 766c5bf33247f5d399f410873f4640c35fbc885e
      SHA256:15e988ab3e8d84900ae90549eb399aac452d55edf0109e06fa1a9b227ddfd4c4

      Identifiers

      KybReportDocumentSwagger.js

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\KybReportDocumentSwagger.js
      MD5: e1f305c3f59692b8c7a297cf97318b78
      SHA1: 1c63940faa0da33f8d1b8517650b8b84c6fef989
      SHA256:383b6e0029a732be0a1dafa9c66495572a7bb6523a9bdf7d07a58bdbd3a25dd0

      Identifiers

      • None

      KybRiskSwagger.js

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\KybRiskSwagger.js
      MD5: b5df0d9b8a45bd27ff64e1bc299d9b53
      SHA1: 904a2fc5ce3045608eef77ac87f1c9b3ca86a589
      SHA256:3a13684fb623b2aa0fbadb4c44291ee8c43a089c0d9bda9edd70c135b075f95f

      Identifiers

      • None

      KycDetails.js

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\KycDetails.js
      MD5: 135b1bd087541b878c732c2eac1c4af2
      SHA1: 9630fa8958fcbcc919a521c35fc058307a4b76a0
      SHA256:90fc2db17906346a3bc28689256eb956d7b0a3d729f13532b44f2d7675743e2e

      Identifiers

      • None

      Lumigo.DotNET:1.0.51

      File Path: D:\Onboarding\MerchantManagement\src\MaskAadhaarHandler\MaskAadhaarHandler.csproj

      Identifiers

      MaskAadhaarHandler.csproj

      File Path: D:\Onboarding\MerchantManagement\src\MaskAadhaarHandler\MaskAadhaarHandler.csproj
      MD5: d9d2aa286978072835f4fe2711370094
      SHA1: 0fa20fb08396cf1f7e422a2b87fc88abd04e8e63
      SHA256:732943662e16de6cdb249c592e43056e04f39279721f70cfebbf0557384b9938

      Identifiers

      • None

      MasterSwagger.js

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\MasterSwagger.js
      MD5: 1f63daeaed5ef4a02f4bed0e9cdc5ce1
      SHA1: 0376b04f45fc78ab76328aed620abab3ea4df783
      SHA256:ed32316f2779fb78d15ecd7ba6b0dc9f9429c97e09837eaea132ece03edd1b20

      Identifiers

      • None

      MenuSwagger.js

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\MenuSwagger.js
      MD5: 423b532f63e820019889cce77c43d07b
      SHA1: 8fe7ad36ad494269d7083a2ad47de207272690fa
      SHA256:5a76971b6e4286ea79f574de3a1f07dbfef9a6cecdb999c70425e31d03e425bb

      Identifiers

      • None

      MerchantFormSwagger.js

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\MerchantFormSwagger.js
      MD5: 8cc806bb2e9aecee282c43161f3092a1
      SHA1: aeee9f51610c77d7c7ea295250ebba975abb4f18
      SHA256:2e203f8316cc12ebd87605169ebda27a0c5af5c42fbeb8d69d19345e364d0101

      Identifiers

      • None

      MerchantManagement.API.Tests.csproj

      File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\MerchantManagement.API.Tests.csproj
      MD5: 0128b18af34d9b65eeb74921152b35ac
      SHA1: e99f70319a3a68d2e747f1ad946e80e83b66c8dc
      SHA256:43c090d01b805e726d69b9e1f8ddaa6f62272ce69424fa1eb4be730631ccb061

      Identifiers

      • None

      MerchantManagement.API.Tests.dll

      Description:

      MerchantManagement.API.Tests

      File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\MerchantManagement.API.Tests.dll
      MD5: a30e415fa9bd03dab0b9b7804943acc7
      SHA1: 21fb7840c88f4cd27a2426b4f76bd82342480f4a
      SHA256:7e570c724eb5643b70d36e7f99650d0cdaccdc1fbaf2d1eb8290979fbfcc84e3

      Identifiers

      MerchantManagement.API.csproj

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\MerchantManagement.API.csproj
      MD5: d33cad2e5b370c655a416a82c5814782
      SHA1: 538375e0f2a4360dd7c32c648208f5eb18128800
      SHA256:ec8353cf104bfa9bb173e96c484be607d2cd965de3692fbe388d1ccfddd7227d

      Identifiers

      • None

      MerchantManagement.API.dll

      Description:

      MerchantManagement.API

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\MerchantManagement.API.dll
      MD5: d130c0eb9dfe9f6cf1f3e972281aba90
      SHA1: 9b930cf264ada6221bdcbc13873529bf296e675e
      SHA256:1f9338ce2d27678996fdbc5c6050cc4dccfb75a912153f798ceefc24d462eb85

      Identifiers

      MerchantManagement.API.exe

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\MerchantManagement.API.exe
      MD5: daa7db51a5413cb5a35f8780759b7afb
      SHA1: 5393f131f0321dec4a516d634b802f7922f2cb89
      SHA256:5100cc5e0954b7163a8f83c66837a28f5515c6ebb87077a7803f43865b5b54cf

      Identifiers

      • None

      MerchantManagement.Tests.csproj

      File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.Tests\MerchantManagement.Tests.csproj
      MD5: acec50919e37a44f9060d8417b80f85f
      SHA1: d32f75466caf1efb63d6578227cae804a528e54b
      SHA256:a34749c1b2ca0d04074eecb6be5c28576474db39101a47f9bb77dbe1d7fc74e3

      Identifiers

      • None

      MerchantManagement.Tests.dll

      Description:

      MerchantManagement.Tests

      File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.Tests\bin\Debug\net6.0\MerchantManagement.Tests.dll
      MD5: 82b7042e376c78e3bb7e61625303662f
      SHA1: c14185b92a776f3df190182c60a42a015e904ad2
      SHA256:5e432fc7e58c1c97e765bd0db25961ecdb56662347cc058f890a10f74e058159

      Identifiers

      MerchantManagement.csproj

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj
      MD5: 73ec0897f2b988e29c0a03e9086677f7
      SHA1: 9181fe01cd45fd6b104d49e4a173f08c2567584b
      SHA256:9284df64f6a149d7687a28a37380fda3f5795210e5463dd9f12b388a10dedfb7

      Identifiers

      • None

      MerchantManagement.dll

      Description:

      MerchantManagement

      File Path: D:\Onboarding\MerchantManagement\src\AuditLogHandler\bin\Debug\net6.0\MerchantManagement.dll
      MD5: 36fcdc8f3f2bbb671015436f9f119aa5
      SHA1: 105b771dbd07d91f59c358213b01f443d082f625
      SHA256:16d26c9125ea86def3b488bcd2a7d2b57775cd93d9b7689387fb73eab78c6fea

      Identifiers

      MerchantRiskSwagger.js

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\MerchantRiskSwagger.js
      MD5: 2e32c6895336adbcf2cf727a13f02b88
      SHA1: d8ce9615c697e42ee20283de2e52d2f726bd0c88
      SHA256:057997e57438f07f477223c434b1a5721dddab82f6e071b22f897a4c12a7193e

      Identifiers

      • None

      MerchantSwagger.js

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\MerchantSwagger.js
      MD5: 8eaf4ebbee12920da451a252ead3283e
      SHA1: 8b785125ccc1014a3956954cdcabe64d6c67ab9d
      SHA256:9879b55e5e94680e44b73fc5ace0445a9ffd82df03670d60d57c513b958e71e8

      Identifiers

      • None

      Microsoft.AspNetCore.Http:2.2.2

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

      Identifiers

      CVE-2020-1045 (OSSINDEX)  

      <p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p>
<p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with the name being percent encoded.</p>
<p>The security update addresses the vulnerability by fixing the way the ASP.NET Core cookie parser handles encoded names.</p>


Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2020-1045 for details
      CWE-noinfo

      CVSSv2:
      • Base Score: MEDIUM (5.0)
      • Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

      References:

      Vulnerable Software & Versions (OSSINDEX):

      • cpe:2.3:a:*:Microsoft.AspNetCore.Http:2.2.2:*:*:*:*:*:*:*

      Microsoft.AspNetCore.JsonPatch.dll

      Description:

      Microsoft.AspNetCore.JsonPatch

ASP.NET Core support for JSON PATCH.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.AspNetCore.JsonPatch.dll
      MD5: 73a35e9f29f35b38a6752073eeae3315
      SHA1: d0a539a0e36cc7cf47875eb93d2d8b23c194b193
      SHA256:d75f74d9a540b2b947b3604ec6faa611313dc2e127bedb58607f8feef2d4d525

      Identifiers

      Microsoft.AspNetCore.Mvc.Versioning.dll

      Description:

      Microsoft ASP.NET Core API Versioning

A service API versioning library for Microsoft ASP.NET Core.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.AspNetCore.Mvc.Versioning.dll
      MD5: 0e90a8bbe8b215e93239c9ed8e32758e
      SHA1: 5ce23dfc4666461757fc6bc05fe5c1c59701f3db
      SHA256:81e1ef6edfd0b2058054817ec92a1234856ccb65c639b428a25c21cab0124153

      Identifiers

      Microsoft.AspNetCore.Mvc.Versioning:5.0.0

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\MerchantManagement.API.csproj

      Identifiers

      Microsoft.DotNet.InternalAbstractions.dll

      Description:

      Abstractions for making code that uses file system and environment testable.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.DotNet.InternalAbstractions.dll
      MD5: eafc60cf6f13766c9ab96f5b23457252
      SHA1: 8f8d4c9a0b1f700bc2ad8134b3200ce0683e95b9
      SHA256:afd22ba2a118645e049e27d65164c97125e416934d1cbd16fa0f231d0fe68f5b

      Identifiers

      Microsoft.EntityFrameworkCore.Abstractions.dll

      Description:

      Microsoft.EntityFrameworkCore.Abstractions

Provides abstractions and attributes that are used to configure Entity Framework Core

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.EntityFrameworkCore.Abstractions.dll
      MD5: 86b1d7511868631ac5a699abfad28641
      SHA1: b7705d526a2d2297231b463509727590fcef3dd8
      SHA256:5fa213113051002988514ca4a25df91d4a8166d7b8ae6b49de419895d7acc1e1

      Identifiers

      Microsoft.EntityFrameworkCore.Design.dll

      Description:

      Microsoft.EntityFrameworkCore.Design

Shared design-time components for Entity Framework Core tools.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.EntityFrameworkCore.Design.dll
      MD5: 51a38607025ad2914325af5a10300b82
      SHA1: 777820dffc3fe6cbc517986c2ab85657ee90f8ab
      SHA256:da325c2ad641b9b4c7d1dca0bb8653edd7d40e5bf48892578aae372ecf140f94

      Identifiers

      Microsoft.EntityFrameworkCore.Relational.dll

      Description:

      Microsoft.EntityFrameworkCore.Relational

Shared Entity Framework Core components for relational database providers.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.EntityFrameworkCore.Relational.dll
      MD5: 7fc88f8521204fb8dd3d88fccfc95019
      SHA1: 0355e8588fe03caf93c7b8c62e2d00f1c6466b6c
      SHA256:9fdf3e18c8652204ad369c4fd3ebf6daa789c2f3c2cdac6583030007c32a95d2

      Identifiers

      Microsoft.EntityFrameworkCore.dll

      Description:

      Microsoft.EntityFrameworkCore

Entity Framework Core is a modern object-database mapper for .NET. It supports LINQ queries, change tracking, updates, and schema migrations. EF Core works with SQL Server, Azure SQL Database, SQLite, Azure Cosmos DB, MySQL, PostgreSQL, and other databases through a provider plugin API.

Commonly Used Types:
Microsoft.EntityFrameworkCore.DbContext
Microsoft.EntityFrameworkCore.DbSet

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.EntityFrameworkCore.dll
      MD5: 73146811272dc2b5353b3cb9b3e26caa
      SHA1: 42708abdcb5d9b477ecebfc4be5f29776b860c5b
      SHA256:da96237f5b353adb2fe4162101668df82453e96d0d82ffecf61bc24c19b18738

      Identifiers

      Microsoft.Extensions.Caching.Memory.dll

      Description:

      Microsoft.Extensions.Caching.Memory

In-memory cache implementation of Microsoft.Extensions.Caching.Memory.IMemoryCache.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.Caching.Memory.dll
      MD5: 4b05e228ce48e5aa53361feb8d30398a
      SHA1: d71b874fee66d6f8bf003b97869050f466c28db7
      SHA256:68e25eb71dab3eea401ac5e0d8d0912f9a7eff17733325126e69f6e2dc567d0c

      Identifiers

      Microsoft.Extensions.Configuration.Abstractions.dll

      Description:

      Microsoft.Extensions.Configuration.Abstractions

Abstractions of key-value pair based configuration.

Commonly Used Types:
Microsoft.Extensions.Configuration.IConfiguration
Microsoft.Extensions.Configuration.IConfigurationBuilder
Microsoft.Extensions.Configuration.IConfigurationProvider
Microsoft.Extensions.Configuration.IConfigurationRoot
Microsoft.Extensions.Configuration.IConfigurationSection

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.Configuration.Abstractions.dll
      MD5: 5edcf3dccef856711d35e0afdbdf6d0c
      SHA1: fefe0a4870d36814a45f8e9c63530f1963cd6c0c
      SHA256:893f042b8bea61e3e56091ee6167af61bc38a39d35cb1d0f9b222aae4493146a

      Identifiers

      Microsoft.Extensions.Configuration.Binder.dll

      Description:

      Microsoft.Extensions.Configuration.Binder

Functionality to bind an object to data in configuration providers for Microsoft.Extensions.Configuration.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.Configuration.Binder.dll
      MD5: db18ebb0ad92f4d11f37dced9e4157f1
      SHA1: 16236c199d1d88cd3048c723d13d821acef918f5
      SHA256:59d14c4b98f6ed5b44512667ebaa71afe60f950483b5815d8c7604086445b03a

      Identifiers

      Microsoft.Extensions.Configuration.EnvironmentVariables.dll

      Description:

      Microsoft.Extensions.Configuration.EnvironmentVariables

Environment variables configuration provider implementation for Microsoft.Extensions.Configuration.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.Configuration.EnvironmentVariables.dll
      MD5: 08f52a0ff6e9a3602259930674f95c5e
      SHA1: 4fd2e59545e6c845f8f9de6ce8fc4540acf1aa25
      SHA256:94fb00fe869f78b572e8564d2700b143f392a5ab7c110e8c81981d5edbf632f7

      Identifiers

      Microsoft.Extensions.Configuration.EnvironmentVariables:6.0.1

      File Path: D:\Onboarding\MerchantManagement\src\EncryptAccountNumberHandler\EncryptAccountNumberHandler.csproj

      Identifiers

      Microsoft.Extensions.Configuration.Json:6.0.0

      File Path: D:\Onboarding\MerchantManagement\src\ReportDownloadHandler\ReportDownloadHandler.csproj

      Identifiers

      Microsoft.Extensions.Configuration.Json:7.0.0

      File Path: D:\Onboarding\MerchantManagement\src\EncryptAccountNumberHandler\EncryptAccountNumberHandler.csproj

      Identifiers

      Microsoft.Extensions.Configuration.UserSecrets.dll

      Description:

      Microsoft.Extensions.Configuration.UserSecrets

User secrets configuration provider implementation for Microsoft.Extensions.Configuration.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.Configuration.UserSecrets.dll
      MD5: f9255c8f30ac81d4693d1ddce2f59a07
      SHA1: b1be780e5f10dadd9bb1965739722e15a67a7171
      SHA256:cdb02893f9a9e822f8646836ec9e25c3c538a56872225f98a6b495103938eba8

      Identifiers

      Microsoft.Extensions.Configuration:7.0.0

      File Path: D:\Onboarding\MerchantManagement\src\EncryptAccountNumberHandler\EncryptAccountNumberHandler.csproj

      Identifiers

      Microsoft.Extensions.DependencyInjection.Abstractions.dll

      Description:

      Microsoft.Extensions.DependencyInjection.Abstractions

Abstractions for dependency injection.

Commonly Used Types:
Microsoft.Extensions.DependencyInjection.IServiceCollection

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.DependencyInjection.Abstractions.dll
      MD5: 6c8655836651933ffa4c253b5fa72939
      SHA1: b75730d6c1ef5e0ca6d7f7a1a5ee540aee940836
      SHA256:087813b2f9350b8c2d31e5bc9a5410fab198fadac87bb1269f41de6e6ad7ee62

      Identifiers

      Microsoft.Extensions.DependencyInjection.dll

      Description:

      Microsoft.Extensions.DependencyInjection

Default implementation of dependency injection for Microsoft.Extensions.DependencyInjection.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.DependencyInjection.dll
      MD5: d73fb559b01aca341a7750ddf3f6d6eb
      SHA1: 5f62514899132aed440854e599b742683bcea1d5
      SHA256:f8fe8bedbedefe0fab7e68c48f508d486b42258e16c09572886d7293507bdad6

      Identifiers

      Microsoft.Extensions.DependencyInjection:7.0.0

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

      Identifiers

      Microsoft.Extensions.DependencyModel.dll

      Description:

      Abstractions for reading `.deps` files.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.DependencyModel.dll
      MD5: c99274e8d8276563d8cefa3870b54b75
      SHA1: 90a1325a25bad7ca88b80305599f9027981c900b
      SHA256:c9eb87d14a9d170badcbce407888c2a565f1f216deaa6d615d1e741c4b62c10b

      Identifiers

      Microsoft.Extensions.Hosting.dll

      Description:

      Microsoft.Extensions.Hosting

Hosting and startup infrastructures for applications.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.Hosting.dll
      MD5: d57f28ca156b8bc37e4547751443bfb1
      SHA1: a1132e597ba1f2796de1e4ed2d6a0d929af195d5
      SHA256:327b4c2e65a9f1d546d2d70443bb654eb25675a8d3ea2e098c81e7b53f7a4bbd

      Identifiers

      Microsoft.Extensions.Hosting:6.0.1

      File Path: D:\Onboarding\MerchantManagement\src\EncryptAccountNumberHandler\EncryptAccountNumberHandler.csproj

      Identifiers

      Microsoft.Extensions.Logging.Abstractions.dll

      Description:

      Microsoft.Extensions.Logging.Abstractions

Logging abstractions for Microsoft.Extensions.Logging.

Commonly Used Types:
Microsoft.Extensions.Logging.ILogger
Microsoft.Extensions.Logging.ILoggerFactory
Microsoft.Extensions.Logging.ILogger<TCategoryName>
Microsoft.Extensions.Logging.LogLevel
Microsoft.Extensions.Logging.Logger<T>
Microsoft.Extensions.Logging.LoggerMessage
Microsoft.Extensions.Logging.Abstractions.NullLogger

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.Logging.Abstractions.dll
      MD5: 5127ddc4377a4fec97eac8e991477d00
      SHA1: eb1c84da67d382390397e30fe801a38944bcf48c
      SHA256:b4bf70c7e2aa5ea0090e13817b895339259cc435dd16d8bd32ce4ebd85de4a3c

      Identifiers

      Microsoft.Extensions.Logging.Console:6.0.0

      File Path: D:\Onboarding\MerchantManagement\src\EncryptAccountNumberHandler\EncryptAccountNumberHandler.csproj

      Identifiers

      Microsoft.Extensions.Logging.dll

      Description:

      Microsoft.Extensions.Logging

Logging infrastructure default implementation for Microsoft.Extensions.Logging.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.Logging.dll
      MD5: 3f6480b7c509fc21aaf73c32b9ff7aa8
      SHA1: c623ba7aaf28dfe6b54fc0ad43c6eba912c6b336
      SHA256:6833a9076b9a4bb4195c87cdac7ccf4b99b86d1fc848a08e074d668d1e03530e

      Identifiers

      Microsoft.Extensions.Logging:7.0.0

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

      Identifiers

      Microsoft.Extensions.Options.ConfigurationExtensions.dll

      Description:

      Microsoft.Extensions.Options.ConfigurationExtensions

Provides additional configuration specific functionality related to Options.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.Options.ConfigurationExtensions.dll
      MD5: cfe09d5db428f456541ba4caa6888b66
      SHA1: d52da1aa9b011f1206ee6440e2a2a245c8b76118
      SHA256:3c227ac499857cc556a02feaa843f2a711521cb324290a6a2b230227e42db48c

      Identifiers

      Microsoft.Extensions.Options.ConfigurationExtensions:7.0.0

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

      Identifiers

      Microsoft.Extensions.Options.dll

      Description:

      Microsoft.Extensions.Options

Provides a strongly typed way of specifying and accessing settings using dependency injection.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.Options.dll
      MD5: 2cde060200f09d54a11200f693d84bc9
      SHA1: f65c6baa8a36cbb5b28249177fd74fa1279cfd1c
      SHA256:792765a31e12260bf7aa7630d10e40dd9f2e140ffb5678237a2055266b478112

      Identifiers

      Microsoft.Extensions.PlatformAbstractions.dll

      Description:

      Abstractions that unify behavior and API across .NET Framework, .NET Core and Mono

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.PlatformAbstractions.dll
      MD5: 3c36c3780dcf26fb7ab7d3504f0d5d3f
      SHA1: 685de73dd75d717f47d035f017c4e81a44c4c884
      SHA256:dd9a5cf0a9baf3bb42dfca15a0f62c25ba3563abd2acf3d36eaab0730853c503

      Identifiers

      Microsoft.Extensions.Primitives.dll

      Description:

      Microsoft.Extensions.Primitives

Primitives shared by framework extensions. Commonly used types include:

Commonly Used Types:
Microsoft.Extensions.Primitives.IChangeToken
Microsoft.Extensions.Primitives.StringValues
Microsoft.Extensions.Primitives.StringSegment

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Extensions.Primitives.dll
      MD5: 3ba07a6760be077504734e9c0be0cce3
      SHA1: a51acea6a9183d6c73dcedb5b0536f2a5efd5f43
      SHA256:8578454489a439d5debd8a8ca9844b3b38076563eaf195cc5ed4bd27a8c54ea3

      Identifiers

      Microsoft.IdentityModel.JsonWebTokens.dll

      Description:

      Microsoft.IdentityModel.JsonWebTokens

Includes types that provide support for creating, serializing and validating JSON Web Tokens.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.IdentityModel.JsonWebTokens.dll
      MD5: 0187f56b73780b36b83c3787cac39953
      SHA1: 67d1738858e0c7fb8e6d8cdae698dcf9e34230da
      SHA256:4d4f7892ed7eb6198aaed5ca324fc0d4c9ff223df3058aace759ea19b42263bc

      Identifiers

      • pkg:generic/Microsoft.IdentityModel.JsonWebTokens@6.25.1.31130  (Confidence:Medium)
      • cpe:2.3:a:identitymodel_project:identitymodel:6.25.1.31130:*:*:*:*:*:*:*  (Confidence:Low)  
      • cpe:2.3:a:json_web_token_project:json_web_token:6.25.1.31130:*:*:*:*:*:*:*  (Confidence:Low)  
      • cpe:2.3:a:microsoft:identity_model:6.25.1.31130:*:*:*:*:*:*:*  (Confidence:Low)  
      • cpe:2.3:a:microsoft:identitymodel:6.25.1.31130:*:*:*:*:*:*:*  (Confidence:Low)  

      CVE-2024-21319  

      Microsoft Identity Denial of service vulnerability
      CWE-20 Improper Input Validation, NVD-CWE-noinfo

      CVSSv3:
      • Base Score: MEDIUM (6.8)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:2.3/RC:R/MAV:A

      References:

      Vulnerable Software & Versions: (show all)

      Microsoft.IdentityModel.Protocols.OpenIdConnect.dll

      Description:

      Microsoft.IdentityModel.Protocols.OpenIdConnect

Includes types that provide support for OpenIdConnect protocol.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.IdentityModel.Protocols.OpenIdConnect.dll
      MD5: ab12a0ce21d3730ec7ea182768bb2409
      SHA1: ee9583a42b18271a689db29ceeb490a320bd1f25
      SHA256:b2df04680ace444416b01964474905373d941b7ef5d3e760ac9b736c57cd46aa

      Identifiers

      CVE-2024-21319  

      Microsoft Identity Denial of service vulnerability
      CWE-20 Improper Input Validation, NVD-CWE-noinfo

      CVSSv3:
      • Base Score: MEDIUM (6.8)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:2.3/RC:R/MAV:A

      References:

      Vulnerable Software & Versions: (show all)

      Microsoft.IdentityModel.Protocols.dll

      Description:

      Microsoft.IdentityModel.Protocols

Provides base protocol support for OpenIdConnect and WsFederation.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.IdentityModel.Protocols.dll
      MD5: c62f64528e559335cee713043e7f02e8
      SHA1: 25c730accdd56220ca490f44d56589fd33c9d935
      SHA256:a8cc77e6c4cad2813d43b51f5316f09548fb2ee488ea72d3f4240e12bb117cf9

      Identifiers

      • pkg:generic/Microsoft.IdentityModel.Protocols@6.10.0.20330  (Confidence:Medium)
      • cpe:2.3:a:identitymodel_project:identitymodel:6.10.0:20330:*:*:*:*:*:*  (Confidence:Low)  
      • cpe:2.3:a:microsoft:identity_model:6.10.0:20330:*:*:*:*:*:*  (Confidence:Low)  
      • cpe:2.3:a:microsoft:identitymodel:6.10.0:20330:*:*:*:*:*:*  (Confidence:Low)  

      CVE-2024-21319  

      Microsoft Identity Denial of service vulnerability
      CWE-20 Improper Input Validation, NVD-CWE-noinfo

      CVSSv3:
      • Base Score: MEDIUM (6.8)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:2.3/RC:R/MAV:A

      References:

      Vulnerable Software & Versions: (show all)

      Microsoft.IdentityModel.Tokens.dll

      Description:

      Microsoft.IdentityModel.Tokens

Includes types that provide support for SecurityTokens, Cryptographic operations: Signing, Verifying Signatures, Encryption.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.IdentityModel.Tokens.dll
      MD5: 33f6c18917dac746452a4313f3944a5c
      SHA1: e992402bf99012501cb7a129a0a52db0a28a3dce
      SHA256:09e3f0990e0710dbdf3d09bf8f3e29fcd3d15d1a6145662e4ebfb20d93bb59b8

      Identifiers

      • pkg:generic/Microsoft.IdentityModel.Tokens@6.25.1.31130  (Confidence:Medium)
      • cpe:2.3:a:identitymodel_project:identitymodel:6.25.1.31130:*:*:*:*:*:*:*  (Confidence:Low)  
      • cpe:2.3:a:microsoft:identity_model:6.25.1.31130:*:*:*:*:*:*:*  (Confidence:Low)  
      • cpe:2.3:a:microsoft:identitymodel:6.25.1.31130:*:*:*:*:*:*:*  (Confidence:Low)  

      CVE-2024-21319  

      Microsoft Identity Denial of service vulnerability
      CWE-20 Improper Input Validation, NVD-CWE-noinfo

      CVSSv3:
      • Base Score: MEDIUM (6.8)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:2.3/RC:R/MAV:A

      References:

      Vulnerable Software & Versions: (show all)

      Microsoft.NET.Test.Sdk:16.11.0

      File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.Tests\MerchantManagement.Tests.csproj

      Identifiers

      Microsoft.TestPlatform.CrossPlatEngine.dll

      Description:

      Microsoft.TestPlatform.CrossPlatEngine

      File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\Microsoft.TestPlatform.CrossPlatEngine.dll
      MD5: 81c806d391cbbb115bd7c3057ad072e7
      SHA1: 602b423ee14a267625e4d36063b86acfad08b12c
      SHA256:c3f39f643bec30b8af31337cb357999c82cd980ceb5a2ec25b6d49936006805e

      Identifiers

      Microsoft.TestPlatform.CrossPlatEngine.resources.dll

      Description:

      Microsoft.TestPlatform.CrossPlatEngine

      File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\cs\Microsoft.TestPlatform.CrossPlatEngine.resources.dll
      MD5: 427e7a10eb9c5093d713554496368598
      SHA1: f2c050706126a51b137b55214b49b165a8298c04
      SHA256:ca634ddefd75f34228652f869df8731fc8d9c8b56843fdbb9d577343fbbe9c65

      Identifiers

      Microsoft.VisualStudio.CodeCoverage.Shim.dll

      Description:

      Microsoft.VisualStudio.CodeCoverage.Shim

      File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\Microsoft.VisualStudio.CodeCoverage.Shim.dll
      MD5: d8b73579c30e309106f311f48fdc7c1b
      SHA1: e3fb3fb9716f53ab1238145555f34da98ff73f74
      SHA256:e943b0c764db6031031026c97a0d89057fa2602a7110e90183429048b6eb6fc7

      Identifiers

      Microsoft.Win32.SystemEvents.dll

      Description:

      Microsoft.Win32.SystemEvents

Provides access to Windows system event notifications.

Commonly Used Types:
Microsoft.Win32.SystemEvents

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Microsoft.Win32.SystemEvents.dll
      MD5: 52c8b8b9b9042e81ac37425279af8080
      SHA1: 0ddb5d6aeb03a702bc31a652e77943f114b82b4d
      SHA256:ca495bf6c86b7f092d624928101985a941532d149dcd8acfea170f8a53be8850

      Identifiers

      Newtonsoft.Json.Bson.dll

      Description:

      Json.NET BSON .NET Standard 2.0

Json.NET BSON adds support for reading and writing BSON

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Newtonsoft.Json.Bson.dll
      MD5: 46944e52dbb2982ea49a297902b91ea8
      SHA1: 0ed43a73f49e0df7b2fa681a627cad7e25074165
      SHA256:f3c56166d7f90296bbe6b03f64335623c3165ed25948288f1f316fa74dd8327f

      Identifiers

      CVE-2024-21907  

      Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.
      CWE-755 Improper Handling of Exceptional Conditions

      CVSSv3:
      • Base Score: HIGH (7.5)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A

      References:

      Vulnerable Software & Versions:

      Newtonsoft.Json.dll

      Description:

      Json.NET .NET 6.0

Json.NET is a popular high-performance JSON framework for .NET

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Newtonsoft.Json.dll
      MD5: 86a83a63f12b55fd3718cfbfb577d7dc
      SHA1: 3df82ebba50086de83aee27c63255e80f2d73f3b
      SHA256:4816c4276f575e4d85b80633a0df2eadf29496fe00bdc33cd7843e61373bde0e

      Identifiers

      Newtonsoft.Json.dll

      Description:

      Json.NET .NET Standard 1.0

Json.NET is a popular high-performance JSON framework for .NET

      File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\Newtonsoft.Json.dll
      MD5: 04d49720df76d62bce434f19a0da62d2
      SHA1: 53d0a3b91036092132f4d0887500b5dc77891d78
      SHA256:5d96ee51b2aff592039eebc2ed203d9f55fddf9c0882fb34d3f0e078374954a5

      Identifiers

      CVE-2024-21907  

      Newtonsoft.Json before version 13.0.1 is affected by a mishandling of exceptional conditions vulnerability. Crafted data that is passed to the JsonConvert.DeserializeObject method may trigger a StackOverflow exception resulting in denial of service. Depending on the usage of the library, an unauthenticated and remote attacker may be able to cause the denial of service condition.
      CWE-755 Improper Handling of Exceptional Conditions

      CVSSv3:
      • Base Score: HIGH (7.5)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A

      References:

      Vulnerable Software & Versions:

      Newtonsoft.Json:13.0.3

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

      Identifiers

      Npgsql.EntityFrameworkCore.PostgreSQL.dll

      Description:

      Npgsql.EntityFrameworkCore.PostgreSQL

PostgreSQL/Npgsql provider for Entity Framework Core.

      File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Npgsql.EntityFrameworkCore.PostgreSQL.dll
      MD5: bf2135dd0b4a7a8ec6d2ead16c7eb57a
      SHA1: bfede384b4e8b213d0d558180422917562e84df4
      SHA256:4024339ffb23c801a13a281acf8b54f2a0c13184bfd0f583f88c6953662d65ad

      Identifiers

      CVE-2015-0244  

      PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error, which triggers the loss of synchronization and part of the protocol message to be treated as a new message, as demonstrated by causing a timeout or query cancellation.
      CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

      CVSSv3:
      • Base Score: CRITICAL (9.8)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A
      CVSSv2:
      • Base Score: HIGH (7.5)
      • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2015-3166  

      The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, as demonstrated by an out-of-memory error.
      CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

      CVSSv3:
      • Base Score: CRITICAL (9.8)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A
      CVSSv2:
      • Base Score: HIGH (7.5)
      • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2019-10211  

      Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via bundled OpenSSL executing code from unprotected directory.
      CWE-94 Improper Control of Generation of Code ('Code Injection'), NVD-CWE-noinfo

      CVSSv3:
      • Base Score: CRITICAL (9.8)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A
      CVSSv2:
      • Base Score: HIGH (7.5)
      • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2018-1115  

      postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.
      CWE-732 Incorrect Permission Assignment for Critical Resource

      CVSSv3:
      • Base Score: CRITICAL (9.1)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H/E:3.9/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (6.4)
      • Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2015-0241  

      The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow.
      CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

      CVSSv3:
      • Base Score: HIGH (8.8)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:2.8/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (6.5)
      • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2015-0242  

      Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a floating point number with a large precision, as demonstrated by using the to_char function.
      CWE-787 Out-of-bounds Write

      CVSSv3:
      • Base Score: HIGH (8.8)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:2.8/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (6.5)
      • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2015-0243  

      Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
      CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

      CVSSv3:
      • Base Score: HIGH (8.8)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:2.8/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (6.5)
      • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2019-10127  

      A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for BigSQL-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code. An attacker having only the unprivileged Windows account can read arbitrary data directory files, essentially bypassing database-imposed read access limitations. An attacker having only the unprivileged Windows account can also delete certain data directory files.
      CWE-284 Improper Access Control

      CVSSv3:
      • Base Score: HIGH (8.8)
      • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:2.0/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (4.3)
      • Vector: /AV:L/AC:L/Au:S/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2020-25695  

      A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity of a superuser. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
      CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

      CVSSv3:
      • Base Score: HIGH (8.8)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:2.8/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (6.5)
      • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2016-5423  

      PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.
      CWE-476 NULL Pointer Dereference

      CVSSv3:
      • Base Score: HIGH (8.3)
      • Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H/E:2.8/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (6.5)
      • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2016-7048  

      The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software.
      CWE-284 Improper Access Control

      CVSSv3:
      • Base Score: HIGH (8.1)
      • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:2.2/RC:R/MAV:A
      CVSSv2:
      • Base Score: HIGH (9.3)
      • Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2020-25694  

      A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections only reuses the basic connection parameters while dropping security-relevant parameters, an opportunity for a man-in-the-middle attack, or the ability to observe clear-text transmissions, could exist. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
      CWE-327 Use of a Broken or Risky Cryptographic Algorithm

      CVSSv3:
      • Base Score: HIGH (8.1)
      • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:2.2/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (6.8)
      • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2021-23214  

      When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a man-in-the-middle attacker can inject arbitrary SQL queries when a connection is first established, despite the use of SSL certificate verification and encryption.
      CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

      CVSSv3:
      • Base Score: HIGH (8.1)
      • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:2.2/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (5.1)
      • Vector: /AV:N/AC:H/Au:N/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2019-10128  

      A vulnerability was found in postgresql versions 11.x prior to 11.3. The Windows installer for EnterpriseDB-supplied PostgreSQL does not lock down the ACL of the binary installation directory or the ACL of the data directory; it keeps the inherited ACL. In the default configuration, this allows a local attacker to read arbitrary data directory files, essentially bypassing database-imposed read access limitations. In plausible non-default configurations, an attacker having both an unprivileged Windows account and an unprivileged PostgreSQL account can cause the PostgreSQL service account to execute arbitrary code.
      CWE-284 Improper Access Control

      CVSSv3:
      • Base Score: HIGH (7.8)
      • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:1.8/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (4.1)
      • Vector: /AV:L/AC:M/Au:S/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2015-3167  

      contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which makes it easier for attackers to obtain the key via a brute force attack.
      CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

      CVSSv3:
      • Base Score: HIGH (7.5)
      • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (5.0)
      • Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2016-0768  

      PostgreSQL PL/Java after 9.0 does not honor access controls on large objects.
      CWE-284 Improper Access Control

      CVSSv3:
      • Base Score: HIGH (7.5)
      • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (5.0)
      • Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N

      References:

      Vulnerable Software & Versions:

      CVE-2016-0773  

      PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.
      CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

      CVSSv3:
      • Base Score: HIGH (7.5)
      • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (5.0)
      • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2017-7484  

      It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before 9.3.17, 9.4.x before 9.4.12, 9.5.x before 9.5.7, and 9.6.x before 9.6.3 did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileged attacker could use this flaw to steal some information from tables they are otherwise not allowed to access.
      CWE-285 Improper Authorization, CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

      CVSSv3:
      • Base Score: HIGH (7.5)
      • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:3.9/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (5.0)
      • Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:N

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2016-5424  

      PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 might allow remote authenticated users with the CREATEDB or CREATEROLE role to gain superuser privileges via a (1) " (double quote), (2) \ (backslash), (3) carriage return, or (4) newline character in a (a) database or (b) role name that is mishandled during an administrative operation.
      CWE-94 Improper Control of Generation of Code ('Code Injection')

      CVSSv3:
      • Base Score: HIGH (7.1)
      • Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H/E:1.2/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (4.6)
      • Vector: /AV:N/AC:H/Au:S/C:P/I:P/A:P

      References:

      Vulnerable Software & Versions: (show all)

      CVE-2017-14798  

      A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.
      CWE-61 UNIX Symbolic Link (Symlink) Following, CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

      CVSSv3:
      • Base Score: HIGH (7.0)
      • Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:1.0/RC:R/MAV:A
      CVSSv2:
      • Base Score: MEDIUM (6.9)
      • Vector: /AV:L/AC:M/Au:N/C:C/I:C/A:C

      References:

        Vulnerable Software & Versions:

        CVE-2019-10210  

        Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5.19, 9.4.24 is vulnerable via superuser writing password to unprotected temporary file.
        CWE-522 Insufficiently Protected Credentials

        CVSSv3:
        • Base Score: HIGH (7.0)
        • Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:1.0/RC:R/MAV:A
        CVSSv2:
        • Base Score: LOW (1.9)
        • Vector: /AV:L/AC:M/Au:N/C:P/I:N/A:N

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2014-0061  

        The validator functions for the procedural languages (PLs) in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to gain privileges via a function that is (1) defined in another language or (2) not allowed to be directly called by the user due to permissions.
        CWE-264 Permissions, Privileges, and Access Controls

        CVSSv2:
        • Base Score: MEDIUM (6.5)
        • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2014-0063  

        Multiple stack-based buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via vectors related to an incorrect MAXDATELEN constant and datetime values involving (1) intervals, (2) timestamps, or (3) timezones, a different vulnerability than CVE-2014-0065.
        CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

        CVSSv2:
        • Base Score: MEDIUM (6.5)
        • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2014-0064  

        Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow.  NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.
        CWE-189 Numeric Errors

        CVSSv2:
        • Base Score: MEDIUM (6.5)
        • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2014-0065  

        Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.
        CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

        CVSSv2:
        • Base Score: MEDIUM (6.5)
        • Vector: /AV:N/AC:L/Au:S/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2015-5288  

        The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service (server crash) or read arbitrary server memory via a "too-short" salt.
        CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

        CVSSv2:
        • Base Score: MEDIUM (6.4)
        • Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2007-2138  

        Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to "search_path settings."
        CWE-264 Permissions, Privileges, and Access Controls

        CVSSv2:
        • Base Score: MEDIUM (6.0)
        • Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2014-0062  

        Race condition in the (1) CREATE INDEX and (2) unspecified ALTER TABLE commands in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allows remote authenticated users to create an unauthorized index or read portions of unauthorized tables by creating or deleting a table with the same name during the timing window.
        CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

        CVSSv2:
        • Base Score: MEDIUM (4.9)
        • Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:N

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2014-0067  

        The "make check" command for the test suites in PostgreSQL 9.3.3 and earlier does not properly invoke initdb to specify the authentication requirements for a database cluster to be used for the tests, which allows local users to gain privileges by leveraging access to this cluster.
        CWE-264 Permissions, Privileges, and Access Controls

        CVSSv2:
        • Base Score: MEDIUM (4.6)
        • Vector: /AV:L/AC:L/Au:N/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2014-8161  

        PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.
        CWE-209 Generation of Error Message Containing Sensitive Information

        CVSSv3:
        • Base Score: MEDIUM (4.3)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (4.0)
        • Vector: /AV:N/AC:L/Au:S/C:P/I:N/A:N

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2015-3165  

        Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.
        NVD-CWE-Other

        CVSSv2:
        • Base Score: MEDIUM (4.3)
        • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2021-3393  

        An information leak was discovered in postgresql in versions before 13.2, before 12.6 and before 11.11. A user having UPDATE permission but not SELECT permission to a particular column could craft queries which, under some circumstances, might disclose values from that column in error messages. An attacker could use this flaw to obtain information stored in a column they are allowed to write but not read.
        CWE-209 Generation of Error Message Containing Sensitive Information

        CVSSv3:
        • Base Score: MEDIUM (4.3)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:2.8/RC:R/MAV:A
        CVSSv2:
        • Base Score: LOW (3.5)
        • Vector: /AV:N/AC:M/Au:S/C:P/I:N/A:N

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2014-0060  

        PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly enforce the ADMIN OPTION restriction, which allows remote authenticated members of a role to add or remove arbitrary users to that role by calling the SET ROLE command before the associated GRANT command.
        CWE-264 Permissions, Privileges, and Access Controls

        CVSSv2:
        • Base Score: MEDIUM (4.0)
        • Vector: /AV:N/AC:L/Au:S/C:N/I:P/A:N

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2014-0066  

        The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via unspecified vectors.
        CWE-20 Improper Input Validation

        CVSSv2:
        • Base Score: MEDIUM (4.0)
        • Vector: /AV:N/AC:L/Au:S/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2010-0733  

        Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations.
        CWE-189 Numeric Errors

        CVSSv2:
        • Base Score: LOW (3.5)
        • Vector: /AV:N/AC:M/Au:S/C:N/I:N/A:P

        References:
        • af854a3a-2127-422b-91ae-364da2661108 - PATCH
        • secalert@redhat.com - PATCH

        Vulnerable Software & Versions: (show all)

        Npgsql.dll

        Description:

        Npgsql

Npgsql is the open source .NET data provider for PostgreSQL.

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Npgsql.dll
        MD5: 9bbbe5b13b4af4811f75f092fac09458
        SHA1: 0d52c3d42f3cd30ef076c746fe43596e28e00853
        SHA256:7a2c0f05fc717b039e2ae37ca2c831683b8c5a7cd4fdf90f088d399b4de18e3e

        Identifiers

        NuGet.Frameworks.dll

        Description:

        NuGet.Frameworks

The understanding of target frameworks for NuGet.Packaging.

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\NuGet.Frameworks.dll
        MD5: a943ff4524e20e7c456efb37cdbf6952
        SHA1: c1e695466b22abad8c2908c64fa8bcc8e3d9b383
        SHA256:bdef879f0a4ab2ad97fe934f54e30aee0d06ad06a3ef292933308fca34906ef8

        Identifiers

        ReadWriteSwagger.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\ReadWriteSwagger.js
        MD5: 2fb28455e421d836a06b87bdb3711b8a
        SHA1: 78255407ae919443f1295b7fbe80ea5ccff9a3d4
        SHA256:67dff2c37270f33068846632f51127ca1f8059d10d2b865dccbb6b70d4fffb76

        Identifiers

        • None

        RemainderMailHandler.csproj

        File Path: D:\Onboarding\MerchantManagement\src\RemainderMailHandler\RemainderMailHandler.csproj
        MD5: 90b22bd1f338865525aacd8f27ccee24
        SHA1: 64d687d18d24214aad7cccaea7564f088a7a944b
        SHA256:3a999d1189a919377a88c93bea923f0acf47c65ad350b0dce8517c77bc89c2e0

        Identifiers

        • None

        RemainderMailHandler.dll

        Description:

        RemainderMailHandler

        File Path: D:\Onboarding\MerchantManagement\src\RemainderMailHandler\bin\Debug\net6.0\RemainderMailHandler.dll
        MD5: 5f15398cc0c4e9666bbb2183148a19da
        SHA1: 0766227d3a768a233cced8839a7c37ccc88644f3
        SHA256:1506e48b132955afa5735ca5fb7256b222a995ae7684533db2c23e1f2e6442fd

        Identifiers

        ReportDownloadHandler.csproj

        File Path: D:\Onboarding\MerchantManagement\src\ReportDownloadHandler\ReportDownloadHandler.csproj
        MD5: 94c4019ea0e551e15f5b55ece9e3bcc0
        SHA1: a8766b9c2b349c275e6eb32612ef692567571d93
        SHA256:7a24ed8a4023cb0c57e29b4820292c71957201a5552cab73c76e3a69e2ec8f7a

        Identifiers

        • None

        ReportDownloadHandler.dll

        Description:

        ReportDownloadHandler

        File Path: D:\Onboarding\MerchantManagement\src\ReportDownloadHandler\bin\Debug\net6.0\ReportDownloadHandler.dll
        MD5: 9172923a40b8eabd51a0314664d8d557
        SHA1: 8f4a47e35d4b1851e74122a30816baba15812b6a
        SHA256:a598b2ed9dcd899160cfab1baa40b2a4ac0c37a8e787424953a417dbe639c111

        Identifiers

        ReportSwagger.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\ReportSwagger.js
        MD5: d8abcda055f5c44ff287003ced174772
        SHA1: c7e1d0a584a1f780d2c7eb4fc8276371776f9c54
        SHA256:3311a59dd46c70bc5883ec7fbac0f819fc97aacb3c591bd0a9b9418f14fe158e

        Identifiers

        • None

        RulesEngine:5.0.3

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\MerchantManagement.API.csproj

        Identifiers

        Runnable2_eSign2.1_Single.jar (shaded: commons-codec:commons-codec:1.9)

        Description:

             The Apache Commons Codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\eSign_2.1_Utility\Runnable2_eSign2.1_Single.jar\META-INF/maven/commons-codec/commons-codec/pom.xml
        MD5: 921b8b50ce6dc0c5a8605d7c7011bd37
        SHA1: f5357ff0f308600af3660bf00a8be3415a335723
        SHA256:e5efcf039cd909688c201dc5479b144fd6f01f0e40252b7fc5e7d2e1b5c07990

        Identifiers

        Runnable2_eSign2.1_Single.jar (shaded: commons-io:commons-io:2.6)

        Description:

        The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\eSign_2.1_Utility\Runnable2_eSign2.1_Single.jar\META-INF/maven/commons-io/commons-io/pom.xml
        MD5: 142e515fa628cd8379aaac94ab237a8c
        SHA1: 5060835593e5b6ed18c82fc2e782f0a3c30a00b1
        SHA256:0c23863893a2291f5a7afdbd8d15923b3948afd87e563fa341cdcf6eae338a60

        Identifiers

        CVE-2024-47554 (OSSINDEX)  

        Uncontrolled Resource Consumption vulnerability in Apache Commons IO.

The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.


This issue affects Apache Commons IO: from 2.0 before 2.14.0.

Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.
        CWE-400 Uncontrolled Resource Consumption

        CVSSv2:
        • Base Score: MEDIUM (5.300000190734863)
        • Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

        References:

        Vulnerable Software & Versions (OSSINDEX):

        • cpe:2.3:a:commons-io:commons-io:2.6:*:*:*:*:*:*:*

        CVE-2021-29425  

        In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.
        CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), CWE-20 Improper Input Validation

        CVSSv3:
        • Base Score: MEDIUM (4.8)
        • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:2.2/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (5.8)
        • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N

        References:

        Vulnerable Software & Versions: (show all)

        Runnable2_eSign2.1_Single.jar (shaded: commons-logging:commons-logging:1.2)

        Description:

        Apache Commons Logging is a thin adapter allowing configurable bridging to other,
    well known logging systems.

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\eSign_2.1_Utility\Runnable2_eSign2.1_Single.jar\META-INF/maven/commons-logging/commons-logging/pom.xml
        MD5: 51509fc18ecc54daf0a030f8a830deb0
        SHA1: 075c03ba4b01932842a996ef8d3fc1ab61ddeac2
        SHA256:c91ab5aa570d86f6fd07cc158ec6bc2c50080402972ee9179fe24100739fbb20

        Identifiers

        Runnable2_eSign2.1_Single.jar (shaded: log4j:log4j:1.2.16)

        Description:

        Apache Log4j 1.2

        License:

        The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\eSign_2.1_Utility\Runnable2_eSign2.1_Single.jar\META-INF/maven/log4j/log4j/pom.xml
        MD5: e15d65d6c97d87704176c1e9338a2adb
        SHA1: 88efb1b8d3d993fe339e9e2b201c75eed57d4c65
        SHA256:2b1e9f1055cf0b4a4659aaf474b65e842d5c1dc580b5c4e0238ef63470d110fd

        Identifiers

        CVE-2019-17571  

        Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.
        CWE-502 Deserialization of Untrusted Data

        CVSSv3:
        • Base Score: CRITICAL (9.8)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A
        CVSSv2:
        • Base Score: HIGH (7.5)
        • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2020-9493  

        A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.
        CWE-502 Deserialization of Untrusted Data

        CVSSv3:
        • Base Score: CRITICAL (9.8)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (6.8)
        • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2022-23305  

        By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or headers of an application that are logged allowing unintended SQL queries to be executed. Note this issue only affects Log4j 1.x when specifically configured to use the JDBCAppender, which is not the default. Beginning in version 2.0-beta8, the JDBCAppender was re-introduced with proper support for parameterized SQL queries and further customization over the columns written to in logs. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
        CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

        CVSSv3:
        • Base Score: CRITICAL (9.8)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (6.8)
        • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2022-23302  

        JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. The attacker can provide a TopicConnectionFactoryBindingName configuration causing JMSSink to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-4104. Note this issue only affects Log4j 1.x when specifically configured to use JMSSink, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.
        CWE-502 Deserialization of Untrusted Data

        CVSSv3:
        • Base Score: HIGH (8.8)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:2.8/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (6.0)
        • Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2022-23307  

        CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the same issue exists.
        CWE-502 Deserialization of Untrusted Data

        CVSSv3:
        • Base Score: HIGH (8.8)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:2.8/RC:R/MAV:A
        CVSSv2:
        • Base Score: HIGH (9.0)
        • Vector: /AV:N/AC:L/Au:S/C:C/I:C/A:C

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2021-4104 (OSSINDEX)  

        JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remote code execution in a similar fashion to CVE-2021-44228. Note this issue only affects Log4j 1.2 when specifically configured to use JMSAppender, which is not the default. Apache Log4j 1.2 reached end of life in August 2015. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions.

Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2021-4104 for details
        CWE-502 Deserialization of Untrusted Data

        CVSSv3:
        • Base Score: HIGH (7.5)
        • Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

        References:

        Vulnerable Software & Versions (OSSINDEX):

        • cpe:2.3:a:log4j:log4j:1.2.16:*:*:*:*:*:*:*

        CVE-2023-26464  

        ** UNSUPPORTED WHEN ASSIGNED **

When using the Chainsaw or SocketAppender components with Log4j 1.x on JRE less than 1.7, an attacker that manages to cause a logging entry involving a specially-crafted (ie, deeply nested) 
hashmap or hashtable (depending on which logging component is in use) to be processed could exhaust the available memory in the virtual machine and achieve Denial of Service when the object is deserialized.

This issue affects Apache Log4j before 2. Affected users are recommended to update to Log4j 2.x.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
        CWE-502 Deserialization of Untrusted Data

        CVSSv3:
        • Base Score: HIGH (7.5)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:3.9/RC:R/MAV:A

        References:

        Vulnerable Software & Versions:

        Runnable2_eSign2.1_Single.jar (shaded: org.apache.pdfbox:fontbox:2.0.8)

        Description:

            The Apache FontBox library is an open source Java tool to obtain low level information
    from font files. FontBox is a subproject of Apache PDFBox.

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\eSign_2.1_Utility\Runnable2_eSign2.1_Single.jar\META-INF/maven/org.apache.pdfbox/fontbox/pom.xml
        MD5: c2c9b539ef6acfb4153d1799642b2589
        SHA1: 6daaf6eec25aeb9adac1a023f3edb53fe4c45b55
        SHA256:1f5d07c587feefd1bbaa73c45c432cf999dd3c0fcc8b81d274cd5906b43d8803

        Identifiers

        CVE-2018-8036 (OSSINDEX)  

        In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.

Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2018-8036 for details
        CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

        CVSSv3:
        • Base Score: MEDIUM (6.5)
        • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

        References:

        Vulnerable Software & Versions (OSSINDEX):

        • cpe:2.3:a:org.apache.pdfbox:fontbox:2.0.8:*:*:*:*:*:*:*

        Runnable2_eSign2.1_Single.jar (shaded: org.apache.pdfbox:pdfbox:2.0.8)

        Description:

                The Apache PDFBox library is an open source Java tool for working with PDF documents.

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\eSign_2.1_Utility\Runnable2_eSign2.1_Single.jar\META-INF/maven/org.apache.pdfbox/pdfbox/pom.xml
        MD5: 1d4ccea88c8090584ab46aaaf631c937
        SHA1: add23697d741b786a2cae25a79cfe3abcac431bd
        SHA256:acefad4963635a4222d924a508e06beda354c392d936916bfb15009d0fb522b5

        Identifiers

        CVE-2018-8036  

        In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.
        CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

        CVSSv3:
        • Base Score: MEDIUM (6.5)
        • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (4.3)
        • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2018-11797  

        In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
        NVD-CWE-noinfo

        CVSSv3:
        • Base Score: MEDIUM (5.5)
        • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (4.3)
        • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2021-27807  

        A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
        CWE-834 Excessive Iteration

        CVSSv3:
        • Base Score: MEDIUM (5.5)
        • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (4.3)
        • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2021-27906  

        A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
        CWE-789 Memory Allocation with Excessive Size Value, NVD-CWE-Other

        CVSSv3:
        • Base Score: MEDIUM (5.5)
        • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (4.3)
        • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2021-31811  

        In Apache PDFBox, a carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
        CWE-789 Memory Allocation with Excessive Size Value, CWE-770 Allocation of Resources Without Limits or Throttling

        CVSSv3:
        • Base Score: MEDIUM (5.5)
        • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (4.3)
        • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2021-31812  

        In Apache PDFBox, a carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.23 and prior 2.0.x versions.
        CWE-834 Excessive Iteration, CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')

        CVSSv3:
        • Base Score: MEDIUM (5.5)
        • Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (4.3)
        • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        Runnable2_eSign2.1_Single.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\eSign_2.1_Utility\Runnable2_eSign2.1_Single.jar
        MD5: 663df0c72ffea2cf6367dadddcf07468
        SHA1: 8a55aff1990f7267453bc1439939fbecd86908e1
        SHA256:225e08266a3bd4d2bdf7f4962a07a2fc77d26ae21f64d183dd2818d801f67558

        Identifiers

        • cpe:2.3:a:apache:log4j:2.1:*:*:*:*:*:*:*  (Confidence:Low)  

        CVE-2021-44228  

        CISA Known Exploited Vulnerability:
        • Product: Apache Log4j2
        • Name: Apache Log4j2 Remote Code Execution Vulnerability
        • Date Added: 2021-12-10
        • Description: Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution.
        • Required Action: For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available.
        • Due Date: 2021-12-24
        • Notes: https://nvd.nist.gov/vuln/detail/CVE-2021-44228

        Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
        CWE-400 Uncontrolled Resource Consumption, CWE-502 Deserialization of Untrusted Data, CWE-20 Improper Input Validation, CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

        CVSSv3:
        • Base Score: CRITICAL (10.0)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:3.9/RC:R/MAV:A
        CVSSv2:
        • Base Score: HIGH (9.3)
        • Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2017-5645  

        In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
        CWE-502 Deserialization of Untrusted Data

        CVSSv3:
        • Base Score: CRITICAL (9.8)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A
        CVSSv2:
        • Base Score: HIGH (7.5)
        • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2021-45046  

        CISA Known Exploited Vulnerability:
        • Product: Apache Log4j2
        • Name: Apache Log4j2 Deserialization of Untrusted Data Vulnerability
        • Date Added: 2023-05-01
        • Description: Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.
        • Required Action: Apply updates per vendor instructions.
        • Due Date: 2023-05-22
        • Notes: https://logging.apache.org/log4j/2.x/security.html; https://nvd.nist.gov/vuln/detail/CVE-2021-45046

        It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.
        CWE-917 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')

        CVSSv3:
        • Base Score: CRITICAL (9.0)
        • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:2.2/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (5.1)
        • Vector: /AV:N/AC:H/Au:N/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2021-44832  

        Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when a configuration uses a JDBC Appender with a JNDI LDAP data source URI when an attacker has control of the target LDAP server. This issue is fixed by limiting JNDI data source names to the java protocol in Log4j2 versions 2.17.1, 2.12.4, and 2.3.2.
        CWE-20 Improper Input Validation, CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

        CVSSv3:
        • Base Score: MEDIUM (6.6)
        • Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:0.7/RC:R/MAV:A
        CVSSv2:
        • Base Score: HIGH (8.5)
        • Vector: /AV:N/AC:M/Au:S/C:C/I:C/A:C

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2021-45105  

        Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.
        CWE-20 Improper Input Validation, CWE-674 Uncontrolled Recursion

        CVSSv3:
        • Base Score: MEDIUM (5.9)
        • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:2.2/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (4.3)
        • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2020-9488  

        Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1
        CWE-295 Improper Certificate Validation

        CVSSv3:
        • Base Score: LOW (3.7)
        • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:2.2/RC:R/MAV:A
        CVSSv2:
        • Base Score: MEDIUM (4.3)
        • Vector: /AV:N/AC:M/Au:N/C:P/I:N/A:N

        References:

        Vulnerable Software & Versions: (show all)

        SixLabors.ImageSharp.dll

        Description:

        SixLabors.ImageSharp

A new, fully featured, fully managed, cross-platform, 2D graphics API for .NET

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\SixLabors.ImageSharp.dll
        MD5: a40efa1d42a3a30f36c02f51cef30df7
        SHA1: 429c492836c632520601eb0fb2713cbff6d09cef
        SHA256:0a15ca64cd2d91dc94481055fdfe29a2324385f8693f0ef56e2431405387f32a

        Identifiers

        CVE-2024-32035  

        ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in image decoders. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit this flaw.  This flaw can be exploited to cause a denial of service (DoS) by depleting process memory, thereby affecting applications and services that rely on ImageSharp for image processing tasks. Users and administrators are advised to update to the latest version of ImageSharp that addresses this vulnerability to mitigate the risk of exploitation. The problem has been patched in v3.1.4 and v2.1.8.
        CWE-789 Memory Allocation with Excessive Size Value, CWE-770 Allocation of Resources Without Limits or Throttling

        CVSSv3:
        • Base Score: MEDIUM (6.5)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:2.8/RC:R/MAV:A

        References:
        • af854a3a-2127-422b-91ae-364da2661108 - PATCH
        • af854a3a-2127-422b-91ae-364da2661108 - PATCH
        • af854a3a-2127-422b-91ae-364da2661108 - PRODUCT
        • af854a3a-2127-422b-91ae-364da2661108 - PRODUCT
        • af854a3a-2127-422b-91ae-364da2661108 - VENDOR_ADVISORY
        • security-advisories@github.com - PATCH
        • security-advisories@github.com - PATCH
        • security-advisories@github.com - PRODUCT
        • security-advisories@github.com - PRODUCT
        • security-advisories@github.com - VENDOR_ADVISORY

        Vulnerable Software & Versions: (show all)

        CVE-2024-32036  

        ImageSharp is a 2D graphics API. A data leakage flaw was found in ImageSharp's JPEG and TGA decoders. This vulnerability is triggered when an attacker passes a specially crafted JPEG or TGA image file to a software using ImageSharp, potentially disclosing sensitive information from other parts of the software in the resulting image buffer. The problem has been patched in v3.1.4 and v2.1.8.
        CWE-226 Sensitive Information in Resource Not Removed Before Reuse, CWE-212 Improper Removal of Sensitive Information Before Storage or Transfer

        CVSSv3:
        • Base Score: MEDIUM (6.5)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:2.8/RC:R/MAV:A

        References:
        • af854a3a-2127-422b-91ae-364da2661108 - PATCH
        • af854a3a-2127-422b-91ae-364da2661108 - PATCH
        • af854a3a-2127-422b-91ae-364da2661108 - VENDOR_ADVISORY
        • security-advisories@github.com - PATCH
        • security-advisories@github.com - PATCH
        • security-advisories@github.com - VENDOR_ADVISORY

        Vulnerable Software & Versions: (show all)

        StatusEventHandler.csproj

        File Path: D:\Onboarding\MerchantManagement\src\StatusEventHandler\StatusEventHandler.csproj
        MD5: 0367bb03a7eacda97fb2be2829feafea
        SHA1: ec7c5db747524d293de6b0ab9ea3ec43b3490243
        SHA256:a255415e858ed69187418c82af63862837177f4da329d57f590a677bc57ccced

        Identifiers

        • None

        StatusEventHandler.dll

        Description:

        StatusEventHandler

        File Path: D:\Onboarding\MerchantManagement\src\StatusEventHandler\bin\Debug\net6.0\StatusEventHandler.dll
        MD5: 30a1aec1a475aaf8a543853977fab276
        SHA1: c80a2b18e2e35a6a99d40b54422e0d4bdc49edaf
        SHA256:53f590732538cf8ffc0ceff29bfe3ef6ff670e726e0c24e406773471de4a277f

        Identifiers

        SwaggerController.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\controller\SwaggerController.js
        MD5: fbb9c42c9574d8659a0cbe5295f81cdf
        SHA1: fb37a7f99eb7c42d3b151b80f2a73804c1a24053
        SHA256:df3b37f7e1805a91a7a80755b4b5990d71a874b042fadf7dd4f13eba62e27025

        Identifiers

        • None

        Swashbuckle.AspNetCore.Examples.dll

        Description:

        Swashbuckle.AspNetCore.Examples

Adds the SwaggerRequestExample and SwaggerResponseExample attribute for Swashbuckle. This will populate the example property of a schema object in the output swagger.

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Swashbuckle.AspNetCore.Examples.dll
        MD5: e8e4af0942a93e9e14a41db9da877386
        SHA1: cf0e97d388fb10d4c3bd3e38272231e725917af7
        SHA256:e49c970927f55ca30d51ef02a72a8018d636d01dee49da8c1a6cb9e151772b0b

        Identifiers

        Swashbuckle.AspNetCore.Swagger.dll

        Description:

        Swashbuckle.AspNetCore.Swagger

Middleware to expose Swagger JSON endpoints from API's built on ASP.NET Core

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Swashbuckle.AspNetCore.Swagger.dll
        MD5: 1561a8168854d0d464856cd980acc455
        SHA1: 26e98626430375d7c4842be8d0a25e8d7026c5b0
        SHA256:c797237da5e07d88a1576d5edbcd2e775e0b5f506d464e2d3b40e5985593c564

        Identifiers

        Swashbuckle.AspNetCore.SwaggerGen.dll

        Description:

        Swashbuckle.AspNetCore.SwaggerGen

Swagger Generator for API's built on ASP.NET Core

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Swashbuckle.AspNetCore.SwaggerGen.dll
        MD5: 5b00e76687a228a01f7432e8b49a3cc4
        SHA1: 5c4f85708881a9ca9de58af46768bfec55b30a97
        SHA256:210ead724c458892b0ab805107e5cb2b44c74d169e89f56e851a71b6e4182747

        Identifiers

        System.Drawing.Common.dll

        Description:

        System.Drawing.Common

Provides access to GDI+ graphics functionality.

Commonly Used Types:
System.Drawing.Bitmap
System.Drawing.BitmapData
System.Drawing.Brush
System.Drawing.Font
System.Drawing.Graphics
System.Drawing.Icon

Unix support is disabled by default. See https://aka.ms/systemdrawingnonwindows for more information.

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\System.Drawing.Common.dll
        MD5: 916949ef1ba93758bd98d58a6b278092
        SHA1: 2f1aaf6a045be385c7f6c69d1aa8f7ed232baa04
        SHA256:98d07e6b1e7d3641a8608a360b3dc273fe8a0f78926b6e1e5f679a7a074d491f

        Identifiers

        System.Drawing.Common:6.0.0

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\MerchantManagement.API.csproj

        Identifiers

        System.IdentityModel.Tokens.Jwt.dll

        Description:

        System.IdentityModel.Tokens.Jwt

Includes types that provide support for creating, serializing and validating JSON Web Tokens.

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\System.IdentityModel.Tokens.Jwt.dll
        MD5: 9f46bcace87297112eb2d5c014c567df
        SHA1: 67233c3f7b1a18e42922cdc8090cc8b3ae3df216
        SHA256:d846a6c25639740ab0bd169734859678b32af9c371b544c5faf5960f70df3727

        Identifiers

        • pkg:generic/System.IdentityModel.Tokens.Jwt@6.25.1.31130  (Confidence:Medium)
        • cpe:2.3:a:identitymodel_project:identitymodel:6.25.1.31130:*:*:*:*:*:*:*  (Confidence:Low)  
        • cpe:2.3:a:microsoft:identity_model:6.25.1.31130:*:*:*:*:*:*:*  (Confidence:Low)  
        • cpe:2.3:a:microsoft:identitymodel:6.25.1.31130:*:*:*:*:*:*:*  (Confidence:Low)  

        CVE-2024-21319  

        Microsoft Identity Denial of service vulnerability
        CWE-20 Improper Input Validation, NVD-CWE-noinfo

        CVSSv3:
        • Base Score: MEDIUM (6.8)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:2.3/RC:R/MAV:A

        References:

        Vulnerable Software & Versions: (show all)

        System.IdentityModel.Tokens.Jwt:6.25.1

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement\MerchantManagement.csproj

        Identifiers

        CVE-2024-21319 (OSSINDEX)  

        Microsoft Identity Denial of service vulnerability
        CWE-20 Improper Input Validation

        CVSSv3:
        • Base Score: MEDIUM (6.800000190734863)
        • Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

        References:

        Vulnerable Software & Versions (OSSINDEX):

        • cpe:2.3:a:*:System.IdentityModel.Tokens.Jwt:6.25.1:*:*:*:*:*:*:*

        TermsAndConditionsSwagger.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\TermsAndConditionsSwagger.js
        MD5: 9c60dd3a3cdf4ee103450f8591c57170
        SHA1: 388661ea976810cb5e4b60110924a0519c6af52d
        SHA256:0cb43a5de0adba45d2747defe5cc5bc363ca7d17f51baa71c93e980c7c5a0166

        Identifiers

        • None

        Tesseract.dll

        Description:

        Tesseract

Tesseract 4 adds a new neural net (LSTM) based OCR engine which is focused on line recognition, but also still supports the legacy Tesseract OCR engine of Tesseract 3 which works by recognizing character patterns. Compatibility with Tesseract 3 is enabled by using the Legacy OCR Engine mode (--oem 0). It also needs traineddata files which support the legacy engine, for example those from the tessdata repository.

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\Tesseract.dll
        MD5: 8156de188eb6fe31980c95f38936a841
        SHA1: fc0a366b6f1fd45ba123ce4f6a1a47ac974872bf
        SHA256:621ac53ad55c7f9d87fd44a7ff4b196a0e62fe895e1733a42fee4ba5eb067d2b

        Identifiers

        • pkg:generic/Tesseract@4.1.1  (Confidence:Medium)
        • cpe:2.3:a:tesseract_project:tesseract:4.1.1:*:*:*:*:*:*:*  (Confidence:Low)  

        US_export_policy.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\security\policy\limited\US_export_policy.jar
        MD5: 0d59c5639aa24c7d326e7bd54bb8eda5
        SHA1: 58875d7463460d7998c4013912fb89965e823044
        SHA256:9ce50a70ed7051c155ab8ea06755f94823d8d1cba67ffd8fd3fe3249b3ac31ea

        Identifiers

        • None

        US_export_policy.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\security\policy\unlimited\US_export_policy.jar
        MD5: 6cbca5808b4a8613d2fed6fe4a84c449
        SHA1: 0135b30ebec03fb69d79cdc3126e608d9effb8b2
        SHA256:761aab2969883e9e5ea76df63ca404fb67673efc3f97def057f8e22517fc9518

        Identifiers

        • None

        VerificationSwagger.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\VerificationSwagger.js
        MD5: f953368f6e0dd506f23a789482e8ef72
        SHA1: 4dae19f777f14a1b739f6fb62a66b7e52e4956cd
        SHA256:dbe1e5d47a671e2094afcfafa2cb70e4f13af6d43a5da49aaa1eaaf55899a5f7

        Identifiers

        • None

        WebhookEventHandler.csproj

        File Path: D:\Onboarding\MerchantManagement\src\WebhookEventHandler\WebhookEventHandler.csproj
        MD5: d63f7617652a880d4de581e54fae459c
        SHA1: 5177bc4e6e332bf652773a4397e028c3eedd6f40
        SHA256:d23458d6bc7c31dda805e6227fdb5a7777aa18b3db8dc41cec828861807fa000

        Identifiers

        • None

        WebhookEventHandler.dll

        Description:

        WebhookEventHandler

        File Path: D:\Onboarding\MerchantManagement\src\WebhookEventHandler\bin\Debug\net6.0\WebhookEventHandler.dll
        MD5: d698383dab45060b697087b2e31bffae
        SHA1: 20d662d06d2c8c841b24481027731202069b9f6b
        SHA256:5814bb71975641e1d904a856355db9e713348ef1819391407ac695a292eb9c99

        Identifiers

        WebhookSwagger.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\definitions\WebhookSwagger.js
        MD5: b8c75e5f023717498b451912e1b565a1
        SHA1: 7557fdf90eee2b3f267b33be6198e2dcf45d216d
        SHA256:1a5c928140e374b04f621cbfda104f71f2b80c145844afb736cb6e65b632abda

        Identifiers

        • None

        charsets.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\charsets.jar
        MD5: be75a8a9ef9d57f82fd36dec50499da6
        SHA1: cc11cb6830b747274959accdce356c53c4af4951
        SHA256:25ced31eaffc46d3c9ce8152c55582e6387d0c2af1224e25e71b4d4dedcb130e

        Identifiers

        • None

        cldrdata.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\cldrdata.jar
        MD5: e340f52bb44fb8037fc5aaee310d870e
        SHA1: 895d2b3e73b2b77cd330ddf090edfeeb45c05673
        SHA256:bdf9ab179946462317faff751388927af7e0fbdbf27e2ae813d8f69632417645

        Identifiers

        • None

        coverlet.collector:3.1.0

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.Tests\MerchantManagement.Tests.csproj

        Identifiers

        deploy.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\deploy.jar
        MD5: bd9b63cd8ef803810d99e30ee37c3fbc
        SHA1: b4ce5d7e65b78b7654dc9afa3a478e2084d6411b
        SHA256:e7a20615cd163d543b69129278a1fdcaa25a8123cadb78d5171226f3661c2c2e

        Identifiers

        • None

        dnsns.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\dnsns.jar
        MD5: cef025c4c4137b2455cff867ce923184
        SHA1: 64c5697beefb66fcbeeaae3fb0fb87f7ee40c5f5
        SHA256:16ba799d7b41a5c5366a82c61b2e941f18cf224915e4692a1429c900b7cf6439

        Identifiers

        • None

        jaccess.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\jaccess.jar
        MD5: 223749749aa47e7e3f1bcce4a140d8c4
        SHA1: f6b60adcb2e903e6cbf0bd2a334ba9b7ef772f7f
        SHA256:166559f8f1e0c2fbfdaa0a2b183c459a7a7a0d98b0a2ec5bc2225eef58883f3f

        Identifiers

        • None

        javaws.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\javaws.jar
        MD5: 3d7068376febd26cf6d7d29a5d4ee420
        SHA1: 7d828c64c02b893fc07355c2176e9d92130b8fd3
        SHA256:ed958eaebb2a7c3b284730694ef8e495eaa5339f7b30de985997c4a82e8dd8e7

        Identifiers

        • None

        jce.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\jce.jar
        MD5: 1f4d4fc6b33c30c5782c66b80d92c4f9
        SHA1: 194df32fb23b470dae4929605d18abd041c743c6
        SHA256:81b8de0e148ed3601cf5f1bdf2787c5b15213d842bc537af9ede9635d692b904

        Identifiers

        • None

        jfr.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\jfr.jar
        MD5: 4e4400ad8bb0c3d3de86191cd24d3c4c
        SHA1: 456724c9a558b3d5d2a29c17d868f84d42e6f7f3
        SHA256:4d88e36fcceb71a0775c1dbcf2d5aac6b6dd89b9f3a8a7f6187dd640b064de43

        Identifiers

        CVE-2009-1006  

        Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.2 and earlier, with SDK/JRE 1.4.2, JRE/JDK 5, and JRE/JDK 6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: HIGH (10.0)
        • Vector: /AV:N/AC:L/Au:N/C:C/I:C/A:C

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2011-3545  

        Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, 5.0 Update 31 and earlier, and 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: HIGH (10.0)
        • Vector: /AV:N/AC:L/Au:N/C:C/I:C/A:C

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2013-2380  

        Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware R27.7.4 and earlier and R28.2.6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.  NOTE: this might be a duplicate of CVE-2013-1537 and CVE-2013-2415. If so, then CVE-2013-2380 might be REJECTed in the future.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: HIGH (10.0)
        • Vector: /AV:N/AC:L/Au:N/C:C/I:C/A:C

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2013-5782  

        Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: HIGH (10.0)
        • Vector: /AV:N/AC:L/Au:N/C:C/I:C/A:C

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2013-5830  

        Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: HIGH (10.0)
        • Vector: /AV:N/AC:L/Au:N/C:C/I:C/A:C

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2011-3551  

        Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: HIGH (9.3)
        • Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2011-3556  

        Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3557.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: HIGH (7.5)
        • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2013-5802  

        Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: HIGH (7.5)
        • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2011-3557  

        Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, 5.0 Update 31 and earlier, 1.4.2_33 and earlier, and JRockit R28.1.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to RMI, a different vulnerability than CVE-2011-3556.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: MEDIUM (6.8)
        • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2013-5804  

        Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: MEDIUM (6.4)
        • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2013-5823  

        Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: MEDIUM (5.0)
        • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2013-5825  

        Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: MEDIUM (5.0)
        • Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2013-5780  

        Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: MEDIUM (4.3)
        • Vector: /AV:N/AC:M/Au:N/C:P/I:N/A:N

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2011-3553  

        Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7, 6 Update 27 and earlier, and JRockit R28.1.4 and earlier allows remote authenticated users to affect confidentiality, related to JAXWS.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: LOW (3.5)
        • Vector: /AV:N/AC:M/Au:S/C:P/I:N/A:N

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2013-5797  

        Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: LOW (3.5)
        • Vector: /AV:N/AC:M/Au:S/C:N/I:P/A:N

        References:

        Vulnerable Software & Versions: (show all)

        CVE-2013-5803  

        Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS.
        NVD-CWE-noinfo

        CVSSv2:
        • Base Score: LOW (2.6)
        • Vector: /AV:N/AC:H/Au:N/C:N/I:N/A:P

        References:

        Vulnerable Software & Versions: (show all)

        jfxrt.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\jfxrt.jar
        MD5: decab926ec27ece8ad8de1959bbe6e40
        SHA1: 19f97d5951f07e7895dff0b61f56e34b02f68cf8
        SHA256:986e41698d6afdef1a554fcce1b4ade86784ee4df579c074472659395a66f5b1

        Identifiers

        • None

        jsse.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\jsse.jar
        MD5: 6f71db514c082474b5e2d6ced7215dd9
        SHA1: a11cefd162f46c4bd4898d712267c74faa03a34f
        SHA256:5c8a841a3ecc757ab84fdb6569bcc6d5f7ae1752531c915d43d491541d8de937

        Identifiers

        leptonica-1.80.0.dll

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\x64\leptonica-1.80.0.dll
        MD5: 35e3f58d3d868e244b103f901fb2c66d
        SHA1: 35c7829b8d204bfa85449017afb7462fa4512284
        SHA256:29e58956c947ac5d21ff6c5755607098dfdfb220b21566bb146bcc6dbc454cdf

        Identifiers

        • cpe:2.3:a:leptonica:leptonica:1.80.0:*:*:*:*:*:*:*  (Confidence:Low)  

        leptonica-1.80.0.dll

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\x86\leptonica-1.80.0.dll
        MD5: bfc156ebfe3b86fbce3f24b475c19f20
        SHA1: 79c38f3505ee30132ac708895c5bb433794cafd2
        SHA256:23ae1310c7aa3e661963a363dae33bb698407648e7ea3085afa7a1dbdefea594

        Identifiers

        • cpe:2.3:a:leptonica:leptonica:1.80.0:*:*:*:*:*:*:*  (Confidence:Low)  

        local_policy.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\security\policy\limited\local_policy.jar
        MD5: 6280d06e46e0cc047e04c85c83874566
        SHA1: 7d0a29932b496edbdd1fc55572014bc89703ad07
        SHA256:92780525250258f336a8f746ed7437035512d06050d85786fb44fdf12e08419c

        Identifiers

        • None

        local_policy.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\security\policy\unlimited\local_policy.jar
        MD5: 360663f26c5584e6c6127254b261fa0c
        SHA1: aee6515eede2ad7c697ba8a61bdd9359be3319d2
        SHA256:02f69a433405ea928c89a8aade74e5462282ccb9a9d30851312ed3459398f85c

        Identifiers

        • None

        localedata.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\localedata.jar
        MD5: 4d2e3063b3d1fc20deb18859e10357f9
        SHA1: 3ec186a9394223d5fecd27f45679f426998603ef
        SHA256:751eb64554449397845cb997cde0918834ad7147efeb429ff83be3d2b2b4b87b

        Identifiers

        • None

        management-agent.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\management-agent.jar
        MD5: fa58bb0dea08d8c8629afdcb57d124a4
        SHA1: 1995713167f486a9dd340411767a24487cd51510
        SHA256:b4770222b7a752f2c887ff25f20cd8402b0650f8c9e9ba05e07f0ad608e47e67

        Identifiers

        • None

        nashorn.jar: base.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar\jdk\nashorn\internal\runtime\resources\fx\base.js
        MD5: 4884a40c521d57e79eb78446dab4ec36
        SHA1: 2b501655f4967658431bdd02dac98ecbfdf5fbce
        SHA256:bfcd57b6cdfa2c3e880da9e04ebe73d63a20e226c0a911120e70fb05e2503a79

        Identifiers

        • None

        nashorn.jar: bootstrap.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar\jdk\nashorn\internal\runtime\resources\fx\bootstrap.js
        MD5: 0852e1ca5f5196c655c83f4a31d9a38e
        SHA1: d2c673b70d5b86a7ade93b7d91aefb52ba7b0d59
        SHA256:716d8a0b83f41f70580a84faafce491672ec9429f842e8a87972d795bb90a81e

        Identifiers

        • None

        nashorn.jar: controls.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar\jdk\nashorn\internal\runtime\resources\fx\controls.js
        MD5: 517df1cdcc12e68624bcfd93b3795e2b
        SHA1: 5770571b49c0d98f04fa56349282051bee54695b
        SHA256:a65a5409c41e4926bc66f9d982e8759e11faa4a224453db64d03880b74de6667

        Identifiers

        • None

        nashorn.jar: fxml.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar\jdk\nashorn\internal\runtime\resources\fx\fxml.js
        MD5: 4f6c5373999aba13c67e938079e1c5d6
        SHA1: 0b87229d0b8c2035fe18eb850c87332915ae92d1
        SHA256:b28e554027f850fd7ec750f3a7aeb48fb86f37233b62136493b960b6810c2602

        Identifiers

        • None

        nashorn.jar: graphics.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar\jdk\nashorn\internal\runtime\resources\fx\graphics.js
        MD5: acb809d6467da2969d074ff1f13b0103
        SHA1: 047729c8dc0ccf151b4292b4fed8ead4cef99005
        SHA256:ef2ab315d7a6e27ce2fa671b108316a48bfcbbeeb018b3d297b5c7ebe837d589

        Identifiers

        • None

        nashorn.jar: media.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar\jdk\nashorn\internal\runtime\resources\fx\media.js
        MD5: d4638490bda644b5923d2343e10c0810
        SHA1: 880275b9d59522bf40d925b9a859dc3297a4e8d4
        SHA256:620f1bf0f3400b76766ed2370a968472ed2bba20655a3c271100c10a7013505d

        Identifiers

        • None

        nashorn.jar: mozilla_compat.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar\jdk\nashorn\internal\runtime\resources\mozilla_compat.js
        MD5: 99de93bc0ab59c29f697a85af0a3368a
        SHA1: 76e77f67936752966d21f9ae9417adec8cd1253d
        SHA256:7fb48c8da0ba954827417160745d9b1b9fc045c9b2e02f5f5fa05d25ad4b9c32

        Identifiers

        • None

        nashorn.jar: parser.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar\jdk\nashorn\internal\runtime\resources\parser.js
        MD5: 007899ccc6ae2a845c86bfdfaeb2a534
        SHA1: 44c413366635773825b0515148bf204e237ae5b8
        SHA256:cf94d48fb199626fbe05c093e94c2a3021fb54fdf48270519165b625379ce697

        Identifiers

        • None

        nashorn.jar: swing.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar\jdk\nashorn\internal\runtime\resources\fx\swing.js
        MD5: c6681565ae3327935fcdcbcc5325566e
        SHA1: 55e28e524464c46d8363683c18b1349bfc5fca74
        SHA256:8c6982f67558f4ddab5b43de97650e4027186ebc6274bcb99f2ce740a9decec7

        Identifiers

        • None

        nashorn.jar: swt.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar\jdk\nashorn\internal\runtime\resources\fx\swt.js
        MD5: 2302f9444742118e7630d79fc265116f
        SHA1: 3dc7e9ce146c71e09b8ad00f310aacdd5b9c1510
        SHA256:43a93bce53690bdf0b767a018f1e2d579a23b955992d679e147053767e7d1c12

        Identifiers

        • None

        nashorn.jar: web.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar\jdk\nashorn\internal\runtime\resources\fx\web.js
        MD5: af46e2d30ec629796f76e1539993e1c6
        SHA1: 5b5005fb18a2498f4e9b954da69bd8083ed121d4
        SHA256:653e15f1477cc6d8d3282f5ed3cc6a4ba9932954c98ce8a252e55dc56d5d656e

        Identifiers

        • None

        nashorn.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\nashorn.jar
        MD5: 74c436e75f08a01f57cb473f2c8a5515
        SHA1: 0970f14e2431afeabd51f0c3dc147d4a80056965
        SHA256:347dda25d017cc19034ef28c97dddc9331f5e11b568931769c2e052dac302f57

        Identifiers

        • None

        package.json

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\package.json
        MD5: 900eea6dcc0ec5f5e340d4e925c560e9
        SHA1: 102729223fff910795cb01de9abd02b2c99f57df
        SHA256:b1d5cca4276e489b92c01b11088b551c14288c76a704d813097231c13927f608

        Identifiers

        • None

        package.json

        File Path: D:\Onboarding\MerchantManagement\src\OCR\package.json
        MD5: 245567ae0be728133fd5b9d1f9e8e49a
        SHA1: b6c5855bd4ae707a64e0c9ad9b700799a396c9a3
        SHA256:3f65ac9b18446364f50449ba9fcda2f3e0aaabd9290cf13435bae2479671b8c6

        Identifiers

        • None

        pdfium.dll

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\runtimes\win-x64\native\pdfium.dll
        MD5: 1d1b12e0f3e12a764424f6365255fdef
        SHA1: 8ba7a14e6177154d373c07e18791f5ad8376fd65
        SHA256:bca96944d731dd72877116d3472083c847fe307fc58ca39bce16cbe998c478f1

        Identifiers

        • None

        pdfium.dll

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\runtimes\win-x86\native\pdfium.dll
        MD5: 2154a2872defd49f6c26e060212cae5c
        SHA1: e6fb9e6537e11e8f621fa4a14c3b95076c7e2c30
        SHA256:b7851fd6581b8bfe40c485a7c7e2f08fca245a7c2d1d5dcf051807488d346f09

        Identifiers

        • None

        plugin.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\plugin.jar
        MD5: 771eab9517aa9f593e7702ce31ec9524
        SHA1: 41cc24f59b5bcc4d3b71f56b0f9e2b8d9fe8dc3c
        SHA256:2da9ba5e7893265ef9abf38a5e9a6f524ee635e5d8067433aae6f8447b810535

        Identifiers

        • None

        resources.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\resources.jar
        MD5: 33fa302bbb01eb666f0b5db79e5e9b4f
        SHA1: d9e8dfb00cc1cb4bc0a7d4fbc6d06972b74639d9
        SHA256:9138df6eb6a6f0793db455a8b26ff294aa45fda4510a784575c4240ab80775bf

        Identifiers

        • None

        rt.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\rt.jar
        MD5: c1af941217d3e71df0061022ce628981
        SHA1: 03c0241595dde88052ab6ab4c868b117badcbbee
        SHA256:93f8e5fd7a9c3b2ced83cb7d65cb3b7a4956ca7c6312c000f65245ca1e2698cf

        Identifiers

        • None

        sunec.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\sunec.jar
        MD5: 8f584d88c5b02b9dde9b4ac752ee05f6
        SHA1: 2dfc8984e13a84aa39b1766072219f6df1a58228
        SHA256:b7467f44b1e57661c56726e72d5c0ad1d8b608813c9f723373a0e98e5648c98f

        Identifiers

        sunjce_provider.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\sunjce_provider.jar
        MD5: 67ac818985503bcc5ef5545a80af1240
        SHA1: 4cfd63f68a2d4c2ea88d6cc536dbafe4aeafbe40
        SHA256:9990d3b64e314ab6d44898bc7f99d0be2e7990b352d8025ac9f5e6afb547cfd9

        Identifiers

        • None

        sunpkcs11.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\sunpkcs11.jar
        MD5: dc3a3b045015dc549800fea995ec1706
        SHA1: a90d2e662af87da76127c16b90f0090fc5fd5a36
        SHA256:214c4f284c5e535228c715625112b8a85afddf190ad701802c80eec0ad5c96a6

        Identifiers

        • cpe:2.3:a:oracle:platform_security_for_java:1.8.0.361:*:*:*:*:*:*:*  (Confidence:Low)  

        swagger.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger.js
        MD5: 8c966df86ee27632be72505b900f5916
        SHA1: 9763a3faecb7eb413fff25dc9b64d48180ad717d
        SHA256:2361cc5e66651683d9f2ad44475939cb656919330e9eda7752d39bceeb20a068

        Identifiers

        • None

        swaggerDefinition.js

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.Swagger.API\swagger\swaggerDefinition.js
        MD5: afae31f15746414aff51064fb3c51250
        SHA1: 20d641446c9e33111a6b44913defc7b24e5b6e46
        SHA256:96e4e22625439f4efa5c0d6fa670379c38b2e224ada6d7bb5b5c0d97f3653cde

        Identifiers

        • None

        tesseract41.dll

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\x64\tesseract41.dll
        MD5: 3255fefb5dda0bb81adfbb1722fe45ef
        SHA1: dd7ef8696354ff16410d298042642106241ceb62
        SHA256:13a8eaffc40b2f2e50e8f4ad835a9b25143413e3d6a85a3e64f6ec575a795375

        Identifiers

        tesseract41.dll

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\bin\Debug\net6.0\x86\tesseract41.dll
        MD5: 298c0d71957cb2d82654373582c2313d
        SHA1: 5144e81cdb46cf31dc57000cd0c4c656c5e5e489
        SHA256:f7456f32c1066da10e9d1a94b73900ef61d6652729cb159504771f65dd331872

        Identifiers

        testhost.dll

        Description:

        testhost

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\testhost.dll
        MD5: 2f688db5ce1a04d7e68e67508ceb89da
        SHA1: f7f423e77d3a8f98a30e6288290fde469a282c33
        SHA256:6bb2d901bb119deb7b2a3047cc2d51bdb1e88544295e6ef497cdc26b01bcd573

        Identifiers

        testhost.exe

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\testhost.exe
        MD5: 402637a8ffd2c97840985117d59f44d5
        SHA1: 01054699ec09dcebacd1d838479650b588790787
        SHA256:106530dd43192e1bf8a7cab256131da7383a465de940798405774d2279f0dc02

        Identifiers

        • None

        xunit.abstractions.dll

        Description:

        xUnit.net Abstractions (PCL)

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\xunit.abstractions.dll
        MD5: d8a035462916c19a6dd13cb534051e81
        SHA1: 92a0d358e7342e3da1e73dfb27c783de55a379c1
        SHA256:3166dc70323fb30ccf1cedb0fe86f2ad122c46d254542342d90386efc4c9285c

        Identifiers

        xunit.assert.dll

        Description:

        xUnit.net Assertion Library

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\xunit.assert.dll
        MD5: 424d4d02c203bb271b05891afd4b840b
        SHA1: b8f5f3d5063635765be0beab80329a0c1da87619
        SHA256:17b97301ee85f235cc45134055a2edc2fe6996966bd9fdebf0aede9770c6a06e

        Identifiers

        xunit.core.dll

        Description:

        xUnit.net Core

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\xunit.core.dll
        MD5: 63af8c05d126e90217560b32436283ba
        SHA1: 048ae886d2b90c14b0fbac8f852a9537a1720013
        SHA256:ea7acbee4e78e941df6cfe346e44be0e35e959015dc4421635fd114dbec42467

        Identifiers

        xunit.execution.dotnet.dll

        Description:

        xUnit.net Execution (dotnet)

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\xunit.execution.dotnet.dll
        MD5: bf60647fe6418db954344327a1fd9329
        SHA1: e36e00d865b5778fa6872b7e91aa43c2f506e3d2
        SHA256:99088544fcadd500e30258645765ab01e21d31fc29c46fd46b7def55fe35268f

        Identifiers

        xunit.runner.reporters.netcoreapp10.dll

        Description:

        xUnit.net Runner Reporters (.NET Core 1.0)

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\xunit.runner.reporters.netcoreapp10.dll
        MD5: 8dd04d8859206dcce5c1d400cd918dcd
        SHA1: eb81d761992ab633584cf7ecd8f7843743d1b136
        SHA256:2029c8d47645da90e0d58537ee0fd101e1291108806630232c138d52ec382de4

        Identifiers

        xunit.runner.utility.netcoreapp10.dll

        Description:

        xUnit.net Runner Utility (.NET Core 1.0)

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\xunit.runner.utility.netcoreapp10.dll
        MD5: 23b2927c45ffe829bcdc6ba6e437c651
        SHA1: 9de3650db94aa5fe82f8c04a719f137179f50059
        SHA256:508b79ae64e32fe80180118c86529f62d278deeec48c58c2cc091843650727e0

        Identifiers

        xunit.runner.visualstudio.dotnetcore.testadapter.dll

        Description:

        xUnit.net Runner for Visual Studio (netcoreapp2.1)

Visual Studio 2017 15.9+ Test Explorer runner for the xUnit.net framework. Capable of running xUnit.net v1.9.2 and v2.0+ tests. Supports .NET 2.0 or later, .NET Core 2.1 or later, and Universal Windows 10.0.16299 or later.

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.API.Tests\bin\Debug\net6.0\xunit.runner.visualstudio.dotnetcore.testadapter.dll
        MD5: f59853cbf4a8e6b9398e0fb728b8684c
        SHA1: c52840f8848c91e41d63790df0a1fc5e7ae5daf5
        SHA256:070380b5358b9b6bb58b4ae75b7aa04972c0ba40edc8b119ef72ac3ab70ebc45

        Identifiers

        xunit.runner.visualstudio:2.4.3

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.Tests\MerchantManagement.Tests.csproj

        Identifiers

        xunit:2.4.1

        File Path: D:\Onboarding\MerchantManagement\test\MerchantManagement.Tests\MerchantManagement.Tests.csproj

        Identifiers

        zipfs.jar

        File Path: D:\Onboarding\MerchantManagement\src\MerchantManagement.API\jre1.8.0_351\jre\lib\ext\zipfs.jar
        MD5: 6d7da4a8f1fc737689d382a821dd3e4c
        SHA1: 2675f3995983180a637f1d5cd71ac436057fa994
        SHA256:6bb0619d4cb6c7e273d50fc4be13aca32441e3b8bfbdd8a03032d5c2c300abc3

        Identifiers

        • None


        This report contains data retrieved from the National Vulnerability Database.
        This report may contain data retrieved from the CISA Known Exploited Vulnerability Catalog.
        This report may contain data retrieved from the Github Advisory Database (via NPM Audit API).
        This report may contain data retrieved from RetireJS.
        This report may contain data retrieved from the Sonatype OSS Index.