diff --git a/techstack.md b/techstack.md new file mode 100644 index 0000000..23e1dea --- /dev/null +++ b/techstack.md @@ -0,0 +1,102 @@ + +
+ +# Tech Stack File +![](https://img.stackshare.io/repo.svg "repo") [andreacomo/tomcat-bcrypt](https://github.com/andreacomo/tomcat-bcrypt)![](https://img.stackshare.io/public_badge.svg "public") +

+|9
Tools used|01/05/24
Report generated| +|------|------| +
+ +## Languages (1) + + + + +
+ Java +
+ Java +
+ +
+ +## DevOps (4) + + + + + + + + + + +
+ Git +
+ Git +
+ +		 + JUnit +
+ JUnit +
+ v4.12 +		 + Mockito +
+ Mockito +
+ v1.10.19 +		 + Travis CI +
+ Travis CI +
+ +
+ + +## Open source packages (4) + +## Apache Maven (4) + +|NAME|VERSION|LAST UPDATED|LAST UPDATED BY|LICENSE|VULNERABILITIES| +|:------|:------|:------|:------|:------|:------| +|[junit:junit](http://junit.org)|v4.12|01/24/18|andrea.como |EPL-1.0|[CVE-2020-15250](https://github.com/advisories/GHSA-269g-pwp5-87pp) (Moderate)| +|[org.apache.tomcat:tomcat-catalina](https://tomcat.apache.org/)|v8.0.28|01/24/18|andrea.como |Apache-2.0|[CVE-2016-5018](https://github.com/advisories/GHSA-4v3g-g84w-hv7r) (Critical)
[CVE-2020-9484](https://github.com/advisories/GHSA-344f-f5vg-2jfj) (High)
[CVE-2016-8745](https://github.com/advisories/GHSA-w3j5-q8f2-3cqq) (High)
[CVE-2016-5388](https://github.com/advisories/GHSA-v646-rx6w-r3qq) (High)
[CVE-2016-6797](https://github.com/advisories/GHSA-q6x7-f33r-3wxx) (High)| +|[org.apache.tomcat:tomcat-coyote](https://tomcat.apache.org/)|v8.0.28|01/24/18|andrea.como |Apache-2.0|[CVE-2016-6816](https://github.com/advisories/GHSA-jc7p-5r39-9477) (High)| +|[org.mockito:mockito-core](https://github.com/mockito/mockito)|v1.10.19|01/24/18|andrea.como |MIT|N/A| + +
+
+ +Generated via [Stack File](https://github.com/marketplace/stack-file) diff --git a/techstack.yml b/techstack.yml new file mode 100644 index 0000000..c01ce98 --- /dev/null +++ b/techstack.yml @@ -0,0 +1,170 @@ +repo_name: andreacomo/tomcat-bcrypt +report_id: ee1c46ebafa3fc4d69b34bfecbdd3f35 +version: 0.1 +repo_type: Public +timestamp: '2024-01-05T08:15:23+00:00' +requested_by: andreacomo +provider: github +branch: master +detected_tools_count: 9 +tools: +- name: Java + description: A concurrent, class-based, object-oriented, language specifically designed + to have as few implementation dependencies as possible + website_url: https://www.java.com + open_source: true + hosted_saas: false + category: Languages & Frameworks + sub_category: Languages + image_url: https://img.stackshare.io/service/995/K85ZWV2F.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt + detection_source: Repo Metadata +- name: Git + description: Fast, scalable, distributed revision control system + website_url: http://git-scm.com/ + open_source: true + hosted_saas: false + category: Build, Test, Deploy + sub_category: Version Control System + image_url: https://img.stackshare.io/service/1046/git.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt + detection_source: Repo Metadata +- name: JUnit + description: A programmer-oriented testing framework for Java + website_url: http://junit.org/ + version: '4.12' + license: EPL-1.0 + open_source: true + hosted_saas: false + category: Build, Test, Deploy + sub_category: Testing Frameworks + image_url: https://img.stackshare.io/service/2020/874086.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 20:16:31.000000000 Z +- name: Mockito + description: Tasty mocking framework for unit tests in Java + website_url: https://site.mockito.org/ + version: 1.10.19 + license: MIT + open_source: true + hosted_saas: false + category: Build, Test, Deploy + sub_category: Testing Frameworks + image_url: https://img.stackshare.io/service/2021/4y634TJm_400x400.jpg + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 20:16:31.000000000 Z +- name: Travis CI + description: A hosted continuous integration service for open source and private + projects + website_url: http://travis-ci.com/ + open_source: false + hosted_saas: true + category: Build, Test, Deploy + sub_category: Continuous Integration + image_url: https://img.stackshare.io/service/460/Lu6cGu0z_400x400.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/.travis.yml + detection_source: ".travis.yml" + last_updated_by: Andrea Como + last_updated_on: 2018-01-24 20:53:43.000000000 Z +- name: junit:junit + description: JUnit is a unit testing framework for Java + version: '4.12' + license: EPL-1.0 + open_source: true + hosted_saas: false + category: Libraries + sub_category: Maven Packages + image_url: https://img.stackshare.io/package/maven/image.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 20:16:31.000000000 Z + vulnerabilities: + - name: TemporaryFolder on unix-like systems does not limit access to created files + cve_id: CVE-2020-15250 + cve_url: https://github.com/advisories/GHSA-269g-pwp5-87pp + detected_date: Aug 22 + severity: moderate + first_patched: 4.13.1 +- name: org.apache.tomcat:tomcat-catalina + description: Tomcat Servlet Engine Core Classes and Standard implementations + version: 8.0.28 + license: Apache-2.0 + open_source: true + hosted_saas: false + category: Libraries + sub_category: Maven Packages + image_url: https://img.stackshare.io/package/maven/image.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 21:53:13.000000000 Z + vulnerabilities: + - name: Authentication Bypass Using an Alternate Path or Channel in Apache Tomcat + cve_id: CVE-2016-5018 + cve_url: https://github.com/advisories/GHSA-4v3g-g84w-hv7r + detected_date: Jul 7 + severity: critical + first_patched: 8.0.37 + - name: Potential remote code execution in Apache Tomcat + cve_id: CVE-2020-9484 + cve_url: https://github.com/advisories/GHSA-344f-f5vg-2jfj + detected_date: Sep 27 + severity: high + first_patched: 8.5.55 + - name: Concurrent Execution using Shared Resource with Improper Synchronization + in Apache Tomcat + cve_id: CVE-2016-8745 + cve_url: https://github.com/advisories/GHSA-w3j5-q8f2-3cqq + detected_date: Jul 7 + severity: high + first_patched: 8.0.41 + - name: Improper Access Control in Apache Tomcat + cve_id: CVE-2016-5388 + cve_url: https://github.com/advisories/GHSA-v646-rx6w-r3qq + detected_date: Jul 7 + severity: high + first_patched: 8.5.5 + - name: Incorrect Authorization in Apache Tomcat + cve_id: CVE-2016-6797 + cve_url: https://github.com/advisories/GHSA-q6x7-f33r-3wxx + detected_date: Jul 7 + severity: high + first_patched: 8.0.37 +- name: org.apache.tomcat:tomcat-coyote + description: Tomcat Connectors and HTTP parser + version: 8.0.28 + license: Apache-2.0 + open_source: true + hosted_saas: false + category: Libraries + sub_category: Maven Packages + image_url: https://img.stackshare.io/package/maven/image.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 21:53:13.000000000 Z + vulnerabilities: + - name: Improper Input Validation in Apache Tomcat + cve_id: CVE-2016-6816 + cve_url: https://github.com/advisories/GHSA-jc7p-5r39-9477 + detected_date: Sep 27 + severity: high + first_patched: 8.0.39 +- name: org.mockito:mockito-core + description: Mockito mock objects library core API and implementation + version: 1.10.19 + license: MIT + open_source: true + hosted_saas: false + category: Libraries + sub_category: Maven Packages + image_url: https://img.stackshare.io/package/maven/image.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 20:16:31.000000000 Z