Dependency-Check Report

Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

Scan Information (show all):

dependency-check version: 12.1.0
Report Generated On: Tue, 4 Mar 2025 13:40:25 +0530
Dependencies Scanned: 70 (59 unique)
Vulnerable Dependencies: 2
Vulnerabilities Found: 3
Vulnerabilities Suppressed: 0
...
NVD API Last Checked: 2025-03-04T10:03:23+0530
NVD API Last Modified: 2025-03-04T04:15:15Z

Summary

Display: Showing Vulnerable Dependencies (click to show all)

Dependency	Vulnerability IDs	Package	Highest Severity	CVE Count	Confidence	Evidence Count
APF.Core3.1.API:6.0.0.*		pkg:nuget/APF.Core3.1.API@6.0.0.%2A		0		8
APF.Core3.1.AWS:6.0.0.*		pkg:nuget/APF.Core3.1.AWS@6.0.0.%2A		0		8
APF.Core3.1:6.0.0.*		pkg:nuget/APF.Core3.1@6.0.0.%2A		0		8
APF.Core3.1:6.0.0.8		pkg:nuget/APF.Core3.1@6.0.0.8		0		8
AWSSDK.APIGateway:3.7.100.22		pkg:nuget/AWSSDK.APIGateway@3.7.100.22		0		6
AWSSDK.CodePipeline:3.7.100.22		pkg:nuget/AWSSDK.CodePipeline@3.7.100.22		0		6
AWSSDK.Core:3.7.100.22		pkg:nuget/AWSSDK.Core@3.7.100.22		0		6
AWSSDK.Extensions.NETCore.Setup:3.7.2		pkg:nuget/AWSSDK.Extensions.NETCore.Setup@3.7.2		0		8
AWSSDK.S3:3.7.100		pkg:nuget/AWSSDK.S3@3.7.100		0		6
AWSSDK.SecurityToken:3.7.100.22		pkg:nuget/AWSSDK.SecurityToken@3.7.100.22		0		6
AWSSDK.SimpleSystemsManagement:3.7.100.2		pkg:nuget/AWSSDK.SimpleSystemsManagement@3.7.100.2		0		6
Amazon.Lambda.AspNetCoreServer:6.1.0	cpe:2.3:a:asp-project:asp-project:6.1.0:::::::*	pkg:nuget/Amazon.Lambda.AspNetCoreServer@6.1.0		0	Low	8
Amazon.Lambda.Core:2.1.0		pkg:nuget/Amazon.Lambda.Core@2.1.0		0		8
Amazon.Lambda.Serialization.SystemTextJson:2.3.0		pkg:nuget/Amazon.Lambda.Serialization.SystemTextJson@2.3.0		0		8
AutoMapper.Extensions.Microsoft.DependencyInjection:12.0.0		pkg:nuget/AutoMapper.Extensions.Microsoft.DependencyInjection@12.0.0		0		8
AutoMapper:12.0.0		pkg:nuget/AutoMapper@12.0.0		0		4
AwsParameterStore.Microsoft.Extensions.Configuration:0.7.0		pkg:nuget/AwsParameterStore.Microsoft.Extensions.Configuration@0.7.0		0		8
FeesSwagger.js				0		0
FluentValidation.AspNetCore:11.3.0	cpe:2.3:a:asp-project:asp-project:11.3.0:::::::*	pkg:nuget/FluentValidation.AspNetCore@11.3.0		0	Low	6
FluentValidation.DependencyInjectionExtensions:11.9.0		pkg:nuget/FluentValidation.DependencyInjectionExtensions@11.9.0		0		6
FluentValidation:11.9.0		pkg:nuget/FluentValidation@11.9.0		0		4
Hashids.net:1.3.0		pkg:nuget/Hashids.net@1.3.0		0		6
Lumigo.DotNET:1.0.45		pkg:nuget/Lumigo.DotNET@1.0.45		0		6
MerchantBeneficiarySwagger.js				0		0
MerchantBeneficiaryVersion2Swagger.js				0		0
MerchantBillingConfigurationSwagger.js				0		0
MerchantPaymentMethodSwagger.js				0		0
MerchantProcessorConfiguration.js				0		0
MerchantSettingSwagger.js				0		0
MerchantSwagger.js				0		0
MerchantVersion2Swagger.js				0		0
Microsoft.AspNetCore.Authentication.JwtBearer:3.1.3	cpe:2.3:a:asp-project:asp-project:3.1.3:::::::*	pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@3.1.3	LOW	1	Low	8
Microsoft.AspNetCore.Mvc.NewtonsoftJson:6.0.24	cpe:2.3:a:asp-project:asp-project:6.0.24:::::::*	pkg:nuget/Microsoft.AspNetCore.Mvc.NewtonsoftJson@6.0.24		0	Low	8
Microsoft.AspNetCore.Mvc.Versioning.ApiExplorer:5.1.0	cpe:2.3:a:asp-project:asp-project:5.1.0:::::::*	pkg:nuget/Microsoft.AspNetCore.Mvc.Versioning.ApiExplorer@5.1.0		0	Low	8
Microsoft.EntityFrameworkCore.Design:8.0.0		pkg:nuget/Microsoft.EntityFrameworkCore.Design@8.0.0		0		8
Microsoft.EntityFrameworkCore.SqlServer:8.0.0	cpe:2.3:a:www-sql_project:www-sql:8.0.0:::::::*	pkg:nuget/Microsoft.EntityFrameworkCore.SqlServer@8.0.0		0	Low	8
Microsoft.EntityFrameworkCore.Tools:8.0.0		pkg:nuget/Microsoft.EntityFrameworkCore.Tools@8.0.0		0		8
Microsoft.Extensions.Configuration.EnvironmentVariables:6.0.1		pkg:nuget/Microsoft.Extensions.Configuration.EnvironmentVariables@6.0.1		0		8
Microsoft.Extensions.Configuration.Json:6.0.0		pkg:nuget/Microsoft.Extensions.Configuration.Json@6.0.0		0		8
Microsoft.Extensions.Configuration:6.0.1		pkg:nuget/Microsoft.Extensions.Configuration@6.0.1		0		8
Microsoft.Extensions.DependencyInjection:6.0.1		pkg:nuget/Microsoft.Extensions.DependencyInjection@6.0.1		0		8
Microsoft.Extensions.Logging:6.0.0		pkg:nuget/Microsoft.Extensions.Logging@6.0.0		0		8
ModuleSwagger.js				0		0
Newtonsoft.Json.dll	cpe:2.3:a:newtonsoft:json.net:13.0.3:::::::*	pkg:generic/Newtonsoft.Json@13.0.3		0	Low	22
PayoutCodePipelineDeployAPI.csproj				0		2
PayoutEntity.dll		pkg:generic/PayoutEntity@1.0.0		0		13
PayoutMerchant.API.csproj				0		2
PayoutMerchant.csproj				0		2
Pomelo.EntityFrameworkCore.MySql:8.0.0	cpe:2.3:a:mysql:mysql:8.0.0:::::::* cpe:2.3:a:www-sql_project:www-sql:8.0.0:::::::*	pkg:nuget/Pomelo.EntityFrameworkCore.MySql@8.0.0		0	Low	8
ProcessorSwagger.js				0		0
RatePlanSwagger.js				0		0
SonarScanner.MSBuild.Common.dll		pkg:generic/SonarScanner.MSBuild.Common@6.1.0.83647		0		17
SonarScanner.MSBuild.Tasks.dll	cpe:2.3:a:tasks:tasks:6.1.0.83647:::::::*	pkg:generic/SonarScanner.MSBuild.Tasks@6.1.0.83647	MEDIUM	2	Low	15
SwaggerController.js				0		0
Swashbuckle.AspNetCore:6.4.0		pkg:nuget/Swashbuckle.AspNetCore@6.4.0		0		6
TaxesSwagger.js				0		0
package.json				0		0
swagger.js				0		0
swaggerDefinition.js				0		0

Dependencies (vulnerable)

APF.Core3.1.API:6.0.0.*

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	APF	Medium
Vendor	msbuild	id	APF.Core3.1.API	Medium
Vendor	msbuild	id	Core3	Low
Vendor	msbuild	id	Core3.1.API	Low
Product	msbuild	id	APF.Core3.1.API	Highest
Product	msbuild	id	Core3	Medium
Product	msbuild	id	Core3.1.API	Medium
Version	msbuild	version	6.0.0.*	Highest

Identifiers

pkg:nuget/APF.Core3.1.API@6.0.0.%2A (Confidence:Highest)

APF.Core3.1.AWS:6.0.0.*

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant\PayoutMerchant.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	APF	Medium
Vendor	msbuild	id	APF.Core3.1.AWS	Medium
Vendor	msbuild	id	Core3	Low
Vendor	msbuild	id	Core3.1.AWS	Low
Product	msbuild	id	APF.Core3.1.AWS	Highest
Product	msbuild	id	Core3	Medium
Product	msbuild	id	Core3.1.AWS	Medium
Version	msbuild	version	6.0.0.*	Highest

Related Dependencies

Identifiers

pkg:nuget/APF.Core3.1.AWS@6.0.0.%2A (Confidence:Highest)

APF.Core3.1:6.0.0.*

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant\PayoutMerchant.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	APF	Medium
Vendor	msbuild	id	APF.Core3.1	Medium
Vendor	msbuild	id	Core3	Low
Vendor	msbuild	id	Core3.1	Low
Product	msbuild	id	APF.Core3.1	Highest
Product	msbuild	id	Core3	Medium
Product	msbuild	id	Core3.1	Medium
Version	msbuild	version	6.0.0.*	Highest

Related Dependencies

Identifiers

pkg:nuget/APF.Core3.1@6.0.0.%2A (Confidence:Highest)

APF.Core3.1:6.0.0.8

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	APF	Medium
Vendor	msbuild	id	APF.Core3.1	Medium
Vendor	msbuild	id	Core3	Low
Vendor	msbuild	id	Core3.1	Low
Product	msbuild	id	APF.Core3.1	Highest
Product	msbuild	id	Core3	Medium
Product	msbuild	id	Core3.1	Medium
Version	msbuild	version	6.0.0.8	Highest

Identifiers

pkg:nuget/APF.Core3.1@6.0.0.8 (Confidence:Highest)

AWSSDK.APIGateway:3.7.100.22

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	APIGateway	Low
Vendor	msbuild	id	AWSSDK	Medium
Vendor	msbuild	id	AWSSDK.APIGateway	Medium
Product	msbuild	id	APIGateway	Medium
Product	msbuild	id	AWSSDK.APIGateway	Highest
Version	msbuild	version	3.7.100.22	Highest

Identifiers

pkg:nuget/AWSSDK.APIGateway@3.7.100.22 (Confidence:Highest)

AWSSDK.CodePipeline:3.7.100.22

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AWSSDK	Medium
Vendor	msbuild	id	AWSSDK.CodePipeline	Medium
Vendor	msbuild	id	CodePipeline	Low
Product	msbuild	id	AWSSDK.CodePipeline	Highest
Product	msbuild	id	CodePipeline	Medium
Version	msbuild	version	3.7.100.22	Highest

Identifiers

pkg:nuget/AWSSDK.CodePipeline@3.7.100.22 (Confidence:Highest)

AWSSDK.Core:3.7.100.22

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AWSSDK	Medium
Vendor	msbuild	id	AWSSDK.Core	Medium
Vendor	msbuild	id	Core	Low
Product	msbuild	id	AWSSDK.Core	Highest
Product	msbuild	id	Core	Medium
Version	msbuild	version	3.7.100.22	Highest

Identifiers

pkg:nuget/AWSSDK.Core@3.7.100.22 (Confidence:Highest)

AWSSDK.Extensions.NETCore.Setup:3.7.2

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant\PayoutMerchant.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AWSSDK	Medium
Vendor	msbuild	id	AWSSDK.Extensions.NETCore.Setup	Medium
Vendor	msbuild	id	Extensions	Low
Vendor	msbuild	id	Extensions.NETCore.Setup	Low
Product	msbuild	id	AWSSDK.Extensions.NETCore.Setup	Highest
Product	msbuild	id	Extensions	Medium
Product	msbuild	id	Extensions.NETCore.Setup	Medium
Version	msbuild	version	3.7.2	Highest

Identifiers

pkg:nuget/AWSSDK.Extensions.NETCore.Setup@3.7.2 (Confidence:Highest)

AWSSDK.S3:3.7.100

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Identifiers

pkg:nuget/AWSSDK.S3@3.7.100 (Confidence:Highest)

AWSSDK.SecurityToken:3.7.100.22

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AWSSDK	Medium
Vendor	msbuild	id	AWSSDK.SecurityToken	Medium
Vendor	msbuild	id	SecurityToken	Low
Product	msbuild	id	AWSSDK.SecurityToken	Highest
Product	msbuild	id	SecurityToken	Medium
Version	msbuild	version	3.7.100.22	Highest

Identifiers

pkg:nuget/AWSSDK.SecurityToken@3.7.100.22 (Confidence:Highest)

AWSSDK.SimpleSystemsManagement:3.7.100.2

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AWSSDK	Medium
Vendor	msbuild	id	AWSSDK.SimpleSystemsManagement	Medium
Vendor	msbuild	id	SimpleSystemsManagement	Low
Product	msbuild	id	AWSSDK.SimpleSystemsManagement	Highest
Product	msbuild	id	SimpleSystemsManagement	Medium
Version	msbuild	version	3.7.100.2	Highest

Identifiers

pkg:nuget/AWSSDK.SimpleSystemsManagement@3.7.100.2 (Confidence:Highest)

Amazon.Lambda.AspNetCoreServer:6.1.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	Amazon	Medium
Vendor	msbuild	id	Amazon.Lambda.AspNetCoreServer	Medium
Vendor	msbuild	id	Lambda	Low
Vendor	msbuild	id	Lambda.AspNetCoreServer	Low
Product	msbuild	id	Amazon.Lambda.AspNetCoreServer	Highest
Product	msbuild	id	Lambda	Medium
Product	msbuild	id	Lambda.AspNetCoreServer	Medium
Version	msbuild	version	6.1.0	Highest

Identifiers

pkg:nuget/Amazon.Lambda.AspNetCoreServer@6.1.0 (Confidence:Highest)
cpe:2.3:a:asp-project:asp-project:6.1.0:*:*:*:*:*:*:* (Confidence:Low)

Amazon.Lambda.Core:2.1.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	Amazon	Medium
Vendor	msbuild	id	Amazon.Lambda.Core	Medium
Vendor	msbuild	id	Lambda	Low
Vendor	msbuild	id	Lambda.Core	Low
Product	msbuild	id	Amazon.Lambda.Core	Highest
Product	msbuild	id	Lambda	Medium
Product	msbuild	id	Lambda.Core	Medium
Version	msbuild	version	2.1.0	Highest

Identifiers

pkg:nuget/Amazon.Lambda.Core@2.1.0 (Confidence:Highest)

Amazon.Lambda.Serialization.SystemTextJson:2.3.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	Amazon	Medium
Vendor	msbuild	id	Amazon.Lambda.Serialization.SystemTextJson	Medium
Vendor	msbuild	id	Lambda	Low
Vendor	msbuild	id	Lambda.Serialization.SystemTextJson	Low
Product	msbuild	id	Amazon.Lambda.Serialization.SystemTextJson	Highest
Product	msbuild	id	Lambda	Medium
Product	msbuild	id	Lambda.Serialization.SystemTextJson	Medium
Version	msbuild	version	2.3.0	Highest

Identifiers

pkg:nuget/Amazon.Lambda.Serialization.SystemTextJson@2.3.0 (Confidence:Highest)

AutoMapper.Extensions.Microsoft.DependencyInjection:12.0.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant\PayoutMerchant.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AutoMapper	Medium
Vendor	msbuild	id	AutoMapper.Extensions.Microsoft.DependencyInjection	Medium
Vendor	msbuild	id	Extensions	Low
Vendor	msbuild	id	Extensions.Microsoft.DependencyInjection	Low
Product	msbuild	id	AutoMapper.Extensions.Microsoft.DependencyInjection	Highest
Product	msbuild	id	Extensions	Medium
Product	msbuild	id	Extensions.Microsoft.DependencyInjection	Medium
Version	msbuild	version	12.0.0	Highest

Identifiers

pkg:nuget/AutoMapper.Extensions.Microsoft.DependencyInjection@12.0.0 (Confidence:Highest)

AutoMapper:12.0.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant\PayoutMerchant.csproj

Evidence

Identifiers

pkg:nuget/AutoMapper@12.0.0 (Confidence:Highest)

AwsParameterStore.Microsoft.Extensions.Configuration:0.7.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AwsParameterStore	Medium
Vendor	msbuild	id	AwsParameterStore.Microsoft.Extensions.Configuration	Medium
Vendor	msbuild	id	Microsoft	Low
Vendor	msbuild	id	Microsoft.Extensions.Configuration	Low
Product	msbuild	id	AwsParameterStore.Microsoft.Extensions.Configuration	Highest
Product	msbuild	id	Microsoft	Medium
Product	msbuild	id	Microsoft.Extensions.Configuration	Medium
Version	msbuild	version	0.7.0	Highest

Identifiers

pkg:nuget/AwsParameterStore.Microsoft.Extensions.Configuration@0.7.0 (Confidence:Highest)

FeesSwagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\FeesSwagger.js
MD5: d6ea59b7f0f5e07c8472f1d670e7a066
SHA1: d8f937900a1275c6abad9b0ed722db7705ff0937
SHA256:407e53be6baca3ee2172f59ef916449f724f1d15208dfab419f23cf4d6654157

Evidence

Identifiers

None

FluentValidation.AspNetCore:11.3.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AspNetCore	Low
Vendor	msbuild	id	FluentValidation	Medium
Vendor	msbuild	id	FluentValidation.AspNetCore	Medium
Product	msbuild	id	AspNetCore	Medium
Product	msbuild	id	FluentValidation.AspNetCore	Highest
Version	msbuild	version	11.3.0	Highest

Identifiers

pkg:nuget/FluentValidation.AspNetCore@11.3.0 (Confidence:Highest)
cpe:2.3:a:asp-project:asp-project:11.3.0:*:*:*:*:*:*:* (Confidence:Low)

FluentValidation.DependencyInjectionExtensions:11.9.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	DependencyInjectionExtensions	Low
Vendor	msbuild	id	FluentValidation	Medium
Vendor	msbuild	id	FluentValidation.DependencyInjectionExtensions	Medium
Product	msbuild	id	DependencyInjectionExtensions	Medium
Product	msbuild	id	FluentValidation.DependencyInjectionExtensions	Highest
Version	msbuild	version	11.9.0	Highest

Related Dependencies

Identifiers

pkg:nuget/FluentValidation.DependencyInjectionExtensions@11.9.0 (Confidence:Highest)

FluentValidation:11.9.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	FluentValidation	Medium
Vendor	msbuild	id	FluentValidation	Low
Product	msbuild	id	FluentValidation	Highest
Version	msbuild	version	11.9.0	Highest

Related Dependencies

Identifiers

pkg:nuget/FluentValidation@11.9.0 (Confidence:Highest)

Hashids.net:1.3.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant\PayoutMerchant.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	Hashids	Medium
Vendor	msbuild	id	Hashids.net	Medium
Vendor	msbuild	id	net	Low
Product	msbuild	id	Hashids.net	Highest
Product	msbuild	id	net	Medium
Version	msbuild	version	1.3.0	Highest

Identifiers

pkg:nuget/Hashids.net@1.3.0 (Confidence:Highest)

Lumigo.DotNET:1.0.45

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	DotNET	Low
Vendor	msbuild	id	Lumigo	Medium
Vendor	msbuild	id	Lumigo.DotNET	Medium
Product	msbuild	id	DotNET	Medium
Product	msbuild	id	Lumigo.DotNET	Highest
Version	msbuild	version	1.0.45	Highest

Identifiers

pkg:nuget/Lumigo.DotNET@1.0.45 (Confidence:Highest)

MerchantBeneficiarySwagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\MerchantBeneficiarySwagger.js
MD5: 56da23f9205b835201240e2b34948c45
SHA1: a17b98ad0d140775fbb11958573b647617b934ad
SHA256:bd1ebaa15f1b414a2214665a4117a4d931bb92cfcf4ec96ebcb1b2941da12fdb

Evidence

Identifiers

None

MerchantBeneficiaryVersion2Swagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\MerchantBeneficiaryVersion2Swagger.js
MD5: 047d29c96babd45ec69feb7798747116
SHA1: 39c84298bb48c9d96d638c2462ad84ea743c9144
SHA256:625fb570e16dd4d06b0a9e84872025ce7d73ebe78dd9fb708f090f08ae8f4219

Evidence

Identifiers

None

MerchantBillingConfigurationSwagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\MerchantBillingConfigurationSwagger.js
MD5: 472b94b9c0305832c1b401dfac351617
SHA1: 7953460dda6ef1e55c642fef6f73c083a55a4087
SHA256:b3d74c086b289686cb328d38a70d35e4a466ca12002f87706b0ed1d2714c50c8

Evidence

Identifiers

None

MerchantPaymentMethodSwagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\MerchantPaymentMethodSwagger.js
MD5: 05b10b1b4db1ee9a0850e09b1076600e
SHA1: c48fc59006a81026d9e48e47da9905a86b35abf5
SHA256:6bf0909e4c60d82908ff766b1893863e7fbe1589c0a7006f4a1568f9990fa094

Evidence

Identifiers

None

MerchantProcessorConfiguration.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\MerchantProcessorConfiguration.js
MD5: 39daf04eb6b02cc6c8b386322acbe3fa
SHA1: 52600e22bf0c319ae6978caaf6416c977f25edc4
SHA256:b7bdd6f8e7ddb7ff8e9aff2466fe7f9434bbc32c052b49d9b9094306755fe7b9

Evidence

Identifiers

None

MerchantSettingSwagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\MerchantSettingSwagger.js
MD5: 535082eae6774ce9851185f50d6e167b
SHA1: b3bcf9d2095eaf727f9bee4ca2600291e43a2b36
SHA256:d3710df5816a3d8900f1dc0f21935d4d3a5cbb0b3cef4d39d68d0bbdb3b6f1bd

Evidence

Identifiers

None

MerchantSwagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\MerchantSwagger.js
MD5: 78f4d93c7284d8a7076186140d284a7e
SHA1: 5bbbefe01fe48a60b278cbe86c9482ee5667f664
SHA256:6e69e65026bd90e393b09e26b046236d7b62dbbca8744b90584e147fbda352a2

Evidence

Identifiers

None

MerchantVersion2Swagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\MerchantVersion2Swagger.js
MD5: d49a6ba4d6741035cc2b2f0b462954c3
SHA1: 03a17fc013ec79fb107c634ec9396d5d0a6fde04
SHA256:d8e3755b10f3fd566590b524bb0c7f28db0764d04970285df9d1e2c699a56ff6

Evidence

Identifiers

None

Microsoft.AspNetCore.Authentication.JwtBearer:3.1.3

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AspNetCore	Low
Vendor	msbuild	id	AspNetCore.Authentication.JwtBearer	Low
Vendor	msbuild	id	Microsoft	Medium
Vendor	msbuild	id	Microsoft.AspNetCore.Authentication.JwtBearer	Medium
Product	msbuild	id	AspNetCore	Medium
Product	msbuild	id	AspNetCore.Authentication.JwtBearer	Medium
Product	msbuild	id	Microsoft.AspNetCore.Authentication.JwtBearer	Highest
Version	msbuild	version	3.1.3	Highest

Related Dependencies

Identifiers

pkg:nuget/Microsoft.AspNetCore.Authentication.JwtBearer@3.1.3 (Confidence:Highest)
cpe:2.3:a:asp-project:asp-project:3.1.3:*:*:*:*:*:*:* (Confidence:Low)

Published Vulnerabilities

CVE-2021-34532 (OSSINDEX)

ASP.NET Core and Visual Studio Information Disclosure Vulnerability

CWE-noinfo

CVSSv2:

Base Score: LOW (2.0999999046325684)
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

References:

OSSINDEX - [CVE-2021-34532] CWE-noinfo
OSSIndex - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-34532
OSSIndex - https://bugzilla.redhat.com/show_bug.cgi?id=1990300
OSSIndex - https://github.com/dotnet/announcements/issues/195
OSSIndex - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34532

Vulnerable Software & Versions (OSSINDEX):

cpe:2.3:a:*:Microsoft.AspNetCore.Authentication.JwtBearer:3.1.3:*:*:*:*:*:*:*

Microsoft.AspNetCore.Mvc.NewtonsoftJson:6.0.24

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AspNetCore	Low
Vendor	msbuild	id	AspNetCore.Mvc.NewtonsoftJson	Low
Vendor	msbuild	id	Microsoft	Medium
Vendor	msbuild	id	Microsoft.AspNetCore.Mvc.NewtonsoftJson	Medium
Product	msbuild	id	AspNetCore	Medium
Product	msbuild	id	AspNetCore.Mvc.NewtonsoftJson	Medium
Product	msbuild	id	Microsoft.AspNetCore.Mvc.NewtonsoftJson	Highest
Version	msbuild	version	6.0.24	Highest

Identifiers

pkg:nuget/Microsoft.AspNetCore.Mvc.NewtonsoftJson@6.0.24 (Confidence:Highest)
cpe:2.3:a:asp-project:asp-project:6.0.24:*:*:*:*:*:*:* (Confidence:Low)

Microsoft.AspNetCore.Mvc.Versioning.ApiExplorer:5.1.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AspNetCore	Low
Vendor	msbuild	id	AspNetCore.Mvc.Versioning.ApiExplorer	Low
Vendor	msbuild	id	Microsoft	Medium
Vendor	msbuild	id	Microsoft.AspNetCore.Mvc.Versioning.ApiExplorer	Medium
Product	msbuild	id	AspNetCore	Medium
Product	msbuild	id	AspNetCore.Mvc.Versioning.ApiExplorer	Medium
Product	msbuild	id	Microsoft.AspNetCore.Mvc.Versioning.ApiExplorer	Highest
Version	msbuild	version	5.1.0	Highest

Related Dependencies

Identifiers

pkg:nuget/Microsoft.AspNetCore.Mvc.Versioning.ApiExplorer@5.1.0 (Confidence:Highest)
cpe:2.3:a:asp-project:asp-project:5.1.0:*:*:*:*:*:*:* (Confidence:Low)

Microsoft.EntityFrameworkCore.Design:8.0.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	EntityFrameworkCore	Low
Vendor	msbuild	id	EntityFrameworkCore.Design	Low
Vendor	msbuild	id	Microsoft	Medium
Vendor	msbuild	id	Microsoft.EntityFrameworkCore.Design	Medium
Product	msbuild	id	EntityFrameworkCore	Medium
Product	msbuild	id	EntityFrameworkCore.Design	Medium
Product	msbuild	id	Microsoft.EntityFrameworkCore.Design	Highest
Version	msbuild	version	8.0.0	Highest

Identifiers

pkg:nuget/Microsoft.EntityFrameworkCore.Design@8.0.0 (Confidence:Highest)

Microsoft.EntityFrameworkCore.SqlServer:8.0.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant\PayoutMerchant.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	EntityFrameworkCore	Low
Vendor	msbuild	id	EntityFrameworkCore.SqlServer	Low
Vendor	msbuild	id	Microsoft	Medium
Vendor	msbuild	id	Microsoft.EntityFrameworkCore.SqlServer	Medium
Product	msbuild	id	EntityFrameworkCore	Medium
Product	msbuild	id	EntityFrameworkCore.SqlServer	Medium
Product	msbuild	id	Microsoft.EntityFrameworkCore.SqlServer	Highest
Version	msbuild	version	8.0.0	Highest

Related Dependencies

Identifiers

pkg:nuget/Microsoft.EntityFrameworkCore.SqlServer@8.0.0 (Confidence:Highest)
cpe:2.3:a:www-sql_project:www-sql:8.0.0:*:*:*:*:*:*:* (Confidence:Low)

Microsoft.EntityFrameworkCore.Tools:8.0.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant\PayoutMerchant.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	EntityFrameworkCore	Low
Vendor	msbuild	id	EntityFrameworkCore.Tools	Low
Vendor	msbuild	id	Microsoft	Medium
Vendor	msbuild	id	Microsoft.EntityFrameworkCore.Tools	Medium
Product	msbuild	id	EntityFrameworkCore	Medium
Product	msbuild	id	EntityFrameworkCore.Tools	Medium
Product	msbuild	id	Microsoft.EntityFrameworkCore.Tools	Highest
Version	msbuild	version	8.0.0	Highest

Related Dependencies

Identifiers

pkg:nuget/Microsoft.EntityFrameworkCore.Tools@8.0.0 (Confidence:Highest)

Microsoft.Extensions.Configuration.EnvironmentVariables:6.0.1

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	Extensions	Low
Vendor	msbuild	id	Extensions.Configuration.EnvironmentVariables	Low
Vendor	msbuild	id	Microsoft	Medium
Vendor	msbuild	id	Microsoft.Extensions.Configuration.EnvironmentVariables	Medium
Product	msbuild	id	Extensions	Medium
Product	msbuild	id	Extensions.Configuration.EnvironmentVariables	Medium
Product	msbuild	id	Microsoft.Extensions.Configuration.EnvironmentVariables	Highest
Version	msbuild	version	6.0.1	Highest

Identifiers

pkg:nuget/Microsoft.Extensions.Configuration.EnvironmentVariables@6.0.1 (Confidence:Highest)

Microsoft.Extensions.Configuration.Json:6.0.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	Extensions	Low
Vendor	msbuild	id	Extensions.Configuration.Json	Low
Vendor	msbuild	id	Microsoft	Medium
Vendor	msbuild	id	Microsoft.Extensions.Configuration.Json	Medium
Product	msbuild	id	Extensions	Medium
Product	msbuild	id	Extensions.Configuration.Json	Medium
Product	msbuild	id	Microsoft.Extensions.Configuration.Json	Highest
Version	msbuild	version	6.0.0	Highest

Identifiers

pkg:nuget/Microsoft.Extensions.Configuration.Json@6.0.0 (Confidence:Highest)

Microsoft.Extensions.Configuration:6.0.1

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	Extensions	Low
Vendor	msbuild	id	Extensions.Configuration	Low
Vendor	msbuild	id	Microsoft	Medium
Vendor	msbuild	id	Microsoft.Extensions.Configuration	Medium
Product	msbuild	id	Extensions	Medium
Product	msbuild	id	Extensions.Configuration	Medium
Product	msbuild	id	Microsoft.Extensions.Configuration	Highest
Version	msbuild	version	6.0.1	Highest

Identifiers

pkg:nuget/Microsoft.Extensions.Configuration@6.0.1 (Confidence:Highest)

Microsoft.Extensions.DependencyInjection:6.0.1

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	Extensions	Low
Vendor	msbuild	id	Extensions.DependencyInjection	Low
Vendor	msbuild	id	Microsoft	Medium
Vendor	msbuild	id	Microsoft.Extensions.DependencyInjection	Medium
Product	msbuild	id	Extensions	Medium
Product	msbuild	id	Extensions.DependencyInjection	Medium
Product	msbuild	id	Microsoft.Extensions.DependencyInjection	Highest
Version	msbuild	version	6.0.1	Highest

Identifiers

pkg:nuget/Microsoft.Extensions.DependencyInjection@6.0.1 (Confidence:Highest)

Microsoft.Extensions.Logging:6.0.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	Extensions	Low
Vendor	msbuild	id	Extensions.Logging	Low
Vendor	msbuild	id	Microsoft	Medium
Vendor	msbuild	id	Microsoft.Extensions.Logging	Medium
Product	msbuild	id	Extensions	Medium
Product	msbuild	id	Extensions.Logging	Medium
Product	msbuild	id	Microsoft.Extensions.Logging	Highest
Version	msbuild	version	6.0.0	Highest

Identifiers

pkg:nuget/Microsoft.Extensions.Logging@6.0.0 (Confidence:Highest)

ModuleSwagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\ModuleSwagger.js
MD5: 959160ad570a3bfeec1e4d199ff8d4d3
SHA1: a3f8762c1f6f3d014f6b1019de27fd6e1a3311cc
SHA256:8558f7b06300d1447b864d0b25f900d00d09521c1f9a0aba0a3bd66d9d0db1de

Evidence

Identifiers

None

Newtonsoft.Json.dll

Description:

Json.NET .NET Standard 2.0

Json.NET is a popular high-performance JSON framework for .NET

File Path: D:\Auropayrepos\Payout\PayoutMerchant\.sonarqube\bin\Newtonsoft.Json.dll
MD5: bbe7bab7d62fff428929222396154324
SHA1: 142b1f67c392c48bc36d664cdaead35cf00ef209
SHA256:8c1dd5c184b4e2e7ead06971ff3ebcb46783be972292d1deb1061744369b4d80

Evidence

Type	Source	Name	Value	Confidence
Vendor	dll	namespace	Newtonsoft.Json	Highest
Vendor	file	name	Newtonsoft.Json	High
Vendor	grokassembly	CompanyName	Newtonsoft	Highest
Vendor	grokassembly	FileDescription	Json.NET .NET Standard 2.0	Low
Vendor	grokassembly	InternalName	Newtonsoft.Json.dll	Low
Vendor	grokassembly	OriginalFilename	Newtonsoft.Json.dll	Low
Vendor	grokassembly	ProductName	Json.NET	Medium
Vendor	msbuild	id	Json	Low
Vendor	msbuild	id	Newtonsoft	Medium
Vendor	msbuild	id	Newtonsoft.Json	Medium
Product	dll	namespace	Newtonsoft.Json	Highest
Product	file	name	Newtonsoft.Json	High
Product	grokassembly	CompanyName	Newtonsoft	Low
Product	grokassembly	FileDescription	Json.NET .NET Standard 2.0	High
Product	grokassembly	InternalName	Newtonsoft.Json.dll	Medium
Product	grokassembly	OriginalFilename	Newtonsoft.Json.dll	Medium
Product	grokassembly	ProductName	Json.NET	Highest
Product	hint analyzer	vendor	net	Medium
Product	msbuild	id	Json	Medium
Product	msbuild	id	Newtonsoft.Json	Highest
Version	AssemblyAnalyzer	FilteredVersion	13.0.3	Highest
Version	msbuild	version	13.0.3	Highest

Related Dependencies

Identifiers

pkg:generic/Newtonsoft.Json@13.0.3 (Confidence:Medium)
cpe:2.3:a:newtonsoft:json.net:13.0.3:*:*:*:*:*:*:* (Confidence:Low)

PayoutCodePipelineDeployAPI.csproj

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutCodePipelineDeployAPI\PayoutCodePipelineDeployAPI.csproj
MD5: b6fce2c49bc94a08111bd72e9493b86a
SHA1: d1ebdd80916fb7d6291b6cc6e0cca95414f2fd40
SHA256:ed64a4ee108f6cc22f5d7f46c94c9406df76cc59df01ef13a45c76f710172aed

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	PayoutCodePipelineDeployAPI	High
Product	file	name	PayoutCodePipelineDeployAPI	High

Identifiers

None

PayoutEntity.dll

Description:

PayoutEntity

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\libs\PayoutEntity.dll
MD5: 75f70f9969cf6fe47a36279517f8d6d9
SHA1: 6795550a606ff2c4fe6a54b49e417d5875e7401c
SHA256:8215c4193772b1ac5290482582fd3eaafd7ebfa888924eba26f7f88bef1dcf6b

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	PayoutEntity	High
Vendor	grokassembly	CompanyName	PayoutEntity	Highest
Vendor	grokassembly	FileDescription	PayoutEntity	Low
Vendor	grokassembly	InternalName	PayoutEntity.dll	Low
Vendor	grokassembly	OriginalFilename	PayoutEntity.dll	Low
Vendor	grokassembly	ProductName	PayoutEntity	Medium
Product	file	name	PayoutEntity	High
Product	grokassembly	CompanyName	PayoutEntity	Low
Product	grokassembly	FileDescription	PayoutEntity	High
Product	grokassembly	InternalName	PayoutEntity.dll	Medium
Product	grokassembly	OriginalFilename	PayoutEntity.dll	Medium
Product	grokassembly	ProductName	PayoutEntity	Highest
Version	AssemblyAnalyzer	FilteredVersion	1.0.0	Highest

Related Dependencies

Identifiers

pkg:generic/PayoutEntity@1.0.0 (Confidence:Medium)

PayoutMerchant.API.csproj

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj
MD5: 9d00f3aca36fd340d6758653b9bf2a4c
SHA1: 0d9f68b5abfc82f723adadba7135b250b005437d
SHA256:164de3416f6fa4a46890e733024bcecdaa561b5493c579ac514742d54a8f1e21

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	PayoutMerchant.API	High
Product	file	name	PayoutMerchant.API	High

Identifiers

None

PayoutMerchant.csproj

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant\PayoutMerchant.csproj
MD5: b2b55b2fb2638a7185505c44993f3862
SHA1: 2292578f1e691a81ead661aae8d7847d21d491a3
SHA256:69b928b5cb0c62f2e0406af38f4f69bc5b44417f958454b79520b8fcc529d36c

Evidence

Type	Source	Name	Value	Confidence
Vendor	file	name	PayoutMerchant	High
Product	file	name	PayoutMerchant	High

Identifiers

None

Pomelo.EntityFrameworkCore.MySql:8.0.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant\PayoutMerchant.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	EntityFrameworkCore	Low
Vendor	msbuild	id	EntityFrameworkCore.MySql	Low
Vendor	msbuild	id	Pomelo	Medium
Vendor	msbuild	id	Pomelo.EntityFrameworkCore.MySql	Medium
Product	msbuild	id	EntityFrameworkCore	Medium
Product	msbuild	id	EntityFrameworkCore.MySql	Medium
Product	msbuild	id	Pomelo.EntityFrameworkCore.MySql	Highest
Version	msbuild	version	8.0.0	Highest

Related Dependencies

Identifiers

pkg:nuget/Pomelo.EntityFrameworkCore.MySql@8.0.0 (Confidence:Highest)
cpe:2.3:a:mysql:mysql:8.0.0:*:*:*:*:*:*:* (Confidence:Low)
cpe:2.3:a:www-sql_project:www-sql:8.0.0:*:*:*:*:*:*:* (Confidence:Low)

ProcessorSwagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\ProcessorSwagger.js
MD5: 34a067461c6d210c0897cf637a5c48b4
SHA1: 24ca7a9bf6179868a499e3850af747458055bb44
SHA256:b8083948a31c459e1d9d6b1874dfa4d1bb5e7690511f2127b1842c95247a6810

Evidence

Identifiers

None

RatePlanSwagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\RatePlanSwagger.js
MD5: aaa1a7c50ecf03a36cd95dd16426ab6c
SHA1: 4003cc48df0633225a88249e711b6e4023bb0446
SHA256:0d1e1c1872fc6462c018e083005e24a94b5f26d74818b3483adffad66f536353

Evidence

Identifiers

None

SonarScanner.MSBuild.Common.dll

Description:

SonarScanner.MSBuild.Common

File Path: D:\Auropayrepos\Payout\PayoutMerchant\.sonarqube\bin\SonarScanner.MSBuild.Common.dll
MD5: 638176ed2b26d5dc9bb235369e64ee47
SHA1: fdfa15ce9bc7db4e31fbae1110dd3e93748ba081
SHA256:59411967838149b3ef121cb6f51faf2cb59ac58e6d1a3fd4061d7cfcddade25b

Evidence

Type	Source	Name	Value	Confidence
Vendor	dll	namespace	SonarScanner.MSBuild	Highest
Vendor	dll	namespace	SonarScanner.MSBuild.Common	Highest
Vendor	file	name	SonarScanner.MSBuild.Common	High
Vendor	grokassembly	CompanyName	SonarSource and Microsoft	Highest
Vendor	grokassembly	FileDescription	SonarScanner.MSBuild.Common	Low
Vendor	grokassembly	InternalName	SonarScanner.MSBuild.Common.dll	Low
Vendor	grokassembly	OriginalFilename	SonarScanner.MSBuild.Common.dll	Low
Vendor	grokassembly	ProductName	SonarScanner.MSBuild.Common	Medium
Product	dll	namespace	SonarScanner.MSBuild	Highest
Product	dll	namespace	SonarScanner.MSBuild.Common	Highest
Product	file	name	SonarScanner.MSBuild.Common	High
Product	grokassembly	CompanyName	SonarSource and Microsoft	Low
Product	grokassembly	FileDescription	SonarScanner.MSBuild.Common	High
Product	grokassembly	InternalName	SonarScanner.MSBuild.Common.dll	Medium
Product	grokassembly	OriginalFilename	SonarScanner.MSBuild.Common.dll	Medium
Product	grokassembly	ProductName	SonarScanner.MSBuild.Common	Highest
Version	grokassembly	FileVersion	6.1.0.83647	High

Identifiers

pkg:generic/SonarScanner.MSBuild.Common@6.1.0.83647 (Confidence:Medium)

SonarScanner.MSBuild.Tasks.dll

Description:

SonarScanner.MSBuild.Tasks

File Path: D:\Auropayrepos\Payout\PayoutMerchant\.sonarqube\bin\SonarScanner.MSBuild.Tasks.dll
MD5: a1e7ea5f4cee21609b26391b88408ee0
SHA1: 3b5b7c413b9086a1c8fcdba384642da437b96600
SHA256:2024b5c55140da0bb83378fc218e4f48f48e26b49000eb26435e7cf4e2cdd919

Evidence

Type	Source	Name	Value	Confidence
Vendor	dll	namespace	SonarScanner.MSBuild.Tasks	Highest
Vendor	file	name	SonarScanner.MSBuild.Tasks	High
Vendor	grokassembly	CompanyName	SonarSource and Microsoft	Highest
Vendor	grokassembly	FileDescription	SonarScanner.MSBuild.Tasks	Low
Vendor	grokassembly	InternalName	SonarScanner.MSBuild.Tasks.dll	Low
Vendor	grokassembly	OriginalFilename	SonarScanner.MSBuild.Tasks.dll	Low
Vendor	grokassembly	ProductName	SonarScanner.MSBuild.Tasks	Medium
Product	dll	namespace	SonarScanner.MSBuild.Tasks	Highest
Product	file	name	SonarScanner.MSBuild.Tasks	High
Product	grokassembly	CompanyName	SonarSource and Microsoft	Low
Product	grokassembly	FileDescription	SonarScanner.MSBuild.Tasks	High
Product	grokassembly	InternalName	SonarScanner.MSBuild.Tasks.dll	Medium
Product	grokassembly	OriginalFilename	SonarScanner.MSBuild.Tasks.dll	Medium
Product	grokassembly	ProductName	SonarScanner.MSBuild.Tasks	Highest
Version	grokassembly	FileVersion	6.1.0.83647	High

Identifiers

pkg:generic/SonarScanner.MSBuild.Tasks@6.1.0.83647 (Confidence:Medium)
cpe:2.3:a:tasks:tasks:6.1.0.83647:*:*:*:*:*:*:* (Confidence:Low)

Published Vulnerabilities

CVE-2020-22475

"Tasks" application version before 9.7.3 is affected by insecure permissions. The VoiceCommandActivity application component allows arbitrary applications on a device to add tasks with no restrictions.

CWE-276 Incorrect Default Permissions

CVSSv3:

Base Score: MEDIUM (6.8)
Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:0.9/RC:R/MAV:A

CVSSv2:

Base Score: MEDIUM (4.6)
Vector: /AV:L/AC:L/Au:N/C:P/I:P/A:P

References:

af854a3a-2127-422b-91ae-364da2661108 - EXPLOIT,PATCH,THIRD_PARTY_ADVISORY
af854a3a-2127-422b-91ae-364da2661108 - EXPLOIT,THIRD_PARTY_ADVISORY,VDB_ENTRY
cve@mitre.org - EXPLOIT,PATCH,THIRD_PARTY_ADVISORY
cve@mitre.org - EXPLOIT,THIRD_PARTY_ADVISORY,VDB_ENTRY

Vulnerable Software & Versions:

cpe:2.3:a:tasks:tasks:*:*:*:*:*:*:*:* versions up to (excluding) 9.7.3

CVE-2022-39349

The Tasks.org Android app is an open-source app for to-do lists and reminders. The Tasks.org app uses the activity `ShareLinkActivity.kt` to handle "share" intents coming from other components in the same device and convert them to tasks. Those intents may contain arbitrary file paths as attachments, in which case the files pointed by those paths are copied in the app's external storage directory. Prior to versions 12.7.1 and 13.0.1, those paths were not validated, allowing a malicious or compromised application in the same device to force Tasks.org to copy files from its internal storage to its external storage directory, where they became accessible to any component with permission to read the external storage. This vulnerability can lead to sensitive information disclosure. All information in the user's notes and the app's preferences, including the encrypted credentials of CalDav integrations if enabled, could be accessed by third party applications installed on the same device. This issue was fixed in versions 12.7.1 and 13.0.1. There are no known workarounds.

CWE-668 Exposure of Resource to Wrong Sphere, CWE-441 Unintended Proxy or Intermediary ('Confused Deputy')

CVSSv3:

Base Score: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:1.8/RC:R/MAV:A

References:

af854a3a-2127-422b-91ae-364da2661108 - PATCH,THIRD_PARTY_ADVISORY
af854a3a-2127-422b-91ae-364da2661108 - PATCH,THIRD_PARTY_ADVISORY
security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY
security-advisories@github.com - PATCH,THIRD_PARTY_ADVISORY

Vulnerable Software & Versions: (show all)

SwaggerController.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\controller\SwaggerController.js
MD5: 1bb56d1f5e39d3b73b6d865eebaff038
SHA1: 3e30daf6e010f32f1baa048efee6d340dd3b7d03
SHA256:71ccd764f78bf3b3abcb6d49683e2be6198f2fcd4cfb58a7f79cccbc60fdf68a

Evidence

Identifiers

None

Swashbuckle.AspNetCore:6.4.0

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.API\PayoutMerchant.API.csproj

Evidence

Type	Source	Name	Value	Confidence
Vendor	msbuild	id	AspNetCore	Low
Vendor	msbuild	id	Swashbuckle	Medium
Vendor	msbuild	id	Swashbuckle.AspNetCore	Medium
Product	msbuild	id	AspNetCore	Medium
Product	msbuild	id	Swashbuckle.AspNetCore	Highest
Version	msbuild	version	6.4.0	Highest

Identifiers

pkg:nuget/Swashbuckle.AspNetCore@6.4.0 (Confidence:Highest)

TaxesSwagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger\definitions\TaxesSwagger.js
MD5: ede60a7a360d9a187f8254f76b381478
SHA1: 04079391a0114f9e255190e974027fcdea985893
SHA256:59240c36fcb3fb752b0b608ca8ae44ce75b7b2bd4199b57402ba39e39fbf9b90

Evidence

Identifiers

None

package.json

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\package.json
MD5: 99e15b5d9858b477442716c33d83de34
SHA1: 26b0c01ac4525b39abcbecee02ca4339aa86f73a
SHA256:6a6435019db1810ef7343576b579d934d28d9239b2113d761f877c9abbd6f6dd

Evidence

Identifiers

None

swagger.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swagger.js
MD5: 8c966df86ee27632be72505b900f5916
SHA1: 9763a3faecb7eb413fff25dc9b64d48180ad717d
SHA256:2361cc5e66651683d9f2ad44475939cb656919330e9eda7752d39bceeb20a068

Evidence

Identifiers

None

swaggerDefinition.js

File Path: D:\Auropayrepos\Payout\PayoutMerchant\src\PayoutMerchant.Swagger.API\swaggerDefinition.js
MD5: 0cd7e8876e33919f448540bf11161400
SHA1: a9183fdafd7f3f5887b2d40ba03d6aa5be4f31b2
SHA256:72d7732d9443d9e7c9292e7af5a03d52cfc88e87cc5f8928570df931bb82b024

Evidence

Identifiers

None

How to read the report | Suppressing false positives | Getting Help: github issues Sponsor

Project: Testing

Summary

Dependencies (vulnerable)

APF.Core3.1.API:6.0.0.*

Evidence

Identifiers

APF.Core3.1.AWS:6.0.0.*

Evidence

Related Dependencies

Identifiers

APF.Core3.1:6.0.0.*

Evidence

Related Dependencies

Identifiers

APF.Core3.1:6.0.0.8

Evidence

Identifiers

AWSSDK.APIGateway:3.7.100.22

Evidence

Identifiers

AWSSDK.CodePipeline:3.7.100.22

Evidence

Identifiers

AWSSDK.Core:3.7.100.22

Evidence

Identifiers

AWSSDK.Extensions.NETCore.Setup:3.7.2

Evidence

Identifiers

AWSSDK.S3:3.7.100

Evidence

Identifiers

AWSSDK.SecurityToken:3.7.100.22

Evidence

Identifiers

AWSSDK.SimpleSystemsManagement:3.7.100.2

Evidence

Identifiers

Amazon.Lambda.AspNetCoreServer:6.1.0

Evidence

Identifiers

Amazon.Lambda.Core:2.1.0

Evidence

Identifiers

Amazon.Lambda.Serialization.SystemTextJson:2.3.0

Evidence

Identifiers

AutoMapper.Extensions.Microsoft.DependencyInjection:12.0.0

Evidence

Identifiers

AutoMapper:12.0.0

Evidence

Identifiers

AwsParameterStore.Microsoft.Extensions.Configuration:0.7.0

Evidence

Identifiers

FeesSwagger.js

Evidence

Identifiers

FluentValidation.AspNetCore:11.3.0

Evidence

Identifiers

FluentValidation.DependencyInjectionExtensions:11.9.0

Evidence

Related Dependencies

Identifiers

FluentValidation:11.9.0

Evidence

Related Dependencies

Identifiers

Hashids.net:1.3.0

Evidence

Identifiers

Lumigo.DotNET:1.0.45

Evidence

Identifiers

MerchantBeneficiarySwagger.js

Evidence

Identifiers

How to read the report | Suppressing false positives | Getting Help: github issues

Sponsor