From 97e41e6f2fed8b899183179d88ea0cbc79ad2c34 Mon Sep 17 00:00:00 2001 From: stacksharebot Date: Mon, 25 Dec 2023 20:39:48 +0000 Subject: [PATCH 1/4] Create techstack.yml --- techstack.yml | 167 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 167 insertions(+) create mode 100644 techstack.yml diff --git a/techstack.yml b/techstack.yml new file mode 100644 index 0000000..b6fbb8f --- /dev/null +++ b/techstack.yml @@ -0,0 +1,167 @@ +repo_name: andreacomo/tomcat-bcrypt +report_id: ee1c46ebafa3fc4d69b34bfecbdd3f35 +version: 0.1 +repo_type: Public +timestamp: '2023-12-25T20:39:46+00:00' +requested_by: andreacomo +provider: github +branch: master +detected_tools_count: 9 +tools: +- name: Java + description: A concurrent, class-based, object-oriented, language specifically designed + to have as few implementation dependencies as possible + website_url: https://www.java.com + open_source: true + hosted_saas: false + category: Languages & Frameworks + sub_category: Languages + image_url: https://img.stackshare.io/service/995/K85ZWV2F.png + detection_source: Repo Metadata +- name: Git + description: Fast, scalable, distributed revision control system + website_url: http://git-scm.com/ + open_source: true + hosted_saas: false + category: Build, Test, Deploy + sub_category: Version Control System + image_url: https://img.stackshare.io/service/1046/git.png + detection_source: Repo Metadata +- name: JUnit + description: A programmer-oriented testing framework for Java + website_url: http://junit.org/ + version: '4.12' + license: EPL-1.0 + open_source: true + hosted_saas: false + category: Build, Test, Deploy + sub_category: Testing Frameworks + image_url: https://img.stackshare.io/service/2020/874086.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 20:16:31.000000000 Z +- name: Mockito + description: Tasty mocking framework for unit tests in Java + website_url: https://site.mockito.org/ + version: 1.10.19 + license: MIT + open_source: true + hosted_saas: false + category: Build, Test, Deploy + sub_category: Testing Frameworks + image_url: https://img.stackshare.io/service/2021/4y634TJm_400x400.jpg + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 20:16:31.000000000 Z +- name: Travis CI + description: A hosted continuous integration service for open source and private + projects + website_url: http://travis-ci.com/ + open_source: false + hosted_saas: true + category: Build, Test, Deploy + sub_category: Continuous Integration + image_url: https://img.stackshare.io/service/460/Lu6cGu0z_400x400.png + detection_source: ".travis.yml" + last_updated_by: Andrea Como + last_updated_on: 2018-01-24 20:53:43.000000000 Z +- name: junit:junit + description: JUnit is a unit testing framework for Java + version: '4.12' + license: EPL-1.0 + open_source: true + hosted_saas: false + category: Libraries + sub_category: Maven Packages + image_url: https://img.stackshare.io/package/maven/image.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 20:16:31.000000000 Z + vulnerabilities: + - name: TemporaryFolder on unix-like systems does not limit access to created files + cve_id: CVE-2020-15250 + cve_url: https://github.com/advisories/GHSA-269g-pwp5-87pp + detected_date: Aug 22 + severity: moderate + first_patched: 4.13.1 +- name: org.apache.tomcat:tomcat-catalina + description: Tomcat Servlet Engine Core Classes and Standard implementations + version: 8.0.28 + license: Apache-2.0 + open_source: true + hosted_saas: false + category: Libraries + sub_category: Maven Packages + image_url: https://img.stackshare.io/package/maven/image.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 21:53:13.000000000 Z + vulnerabilities: + - name: Authentication Bypass Using an Alternate Path or Channel in Apache Tomcat + cve_id: CVE-2016-5018 + cve_url: https://github.com/advisories/GHSA-4v3g-g84w-hv7r + detected_date: Jul 7 + severity: critical + first_patched: 8.0.37 + - name: Potential remote code execution in Apache Tomcat + cve_id: CVE-2020-9484 + cve_url: https://github.com/advisories/GHSA-344f-f5vg-2jfj + detected_date: Sep 27 + severity: high + first_patched: 8.5.55 + - name: Concurrent Execution using Shared Resource with Improper Synchronization + in Apache Tomcat + cve_id: CVE-2016-8745 + cve_url: https://github.com/advisories/GHSA-w3j5-q8f2-3cqq + detected_date: Jul 7 + severity: high + first_patched: 8.0.41 + - name: Improper Access Control in Apache Tomcat + cve_id: CVE-2016-5388 + cve_url: https://github.com/advisories/GHSA-v646-rx6w-r3qq + detected_date: Jul 7 + severity: high + first_patched: 8.5.5 + - name: Incorrect Authorization in Apache Tomcat + cve_id: CVE-2016-6797 + cve_url: https://github.com/advisories/GHSA-q6x7-f33r-3wxx + detected_date: Jul 7 + severity: high + first_patched: 8.0.37 +- name: org.apache.tomcat:tomcat-coyote + description: Tomcat Connectors and HTTP parser + version: 8.0.28 + license: Apache-2.0 + open_source: true + hosted_saas: false + category: Libraries + sub_category: Maven Packages + image_url: https://img.stackshare.io/package/maven/image.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 21:53:13.000000000 Z + vulnerabilities: + - name: Improper Input Validation in Apache Tomcat + cve_id: CVE-2016-6816 + cve_url: https://github.com/advisories/GHSA-jc7p-5r39-9477 + detected_date: Sep 27 + severity: high + first_patched: 8.0.39 +- name: org.mockito:mockito-core + description: Mockito mock objects library core API and implementation + version: 1.10.19 + license: MIT + open_source: true + hosted_saas: false + category: Libraries + sub_category: Maven Packages + image_url: https://img.stackshare.io/package/maven/image.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/pom.xml + detection_source: pom.xml + last_updated_by: andrea.como + last_updated_on: 2018-01-24 20:16:31.000000000 Z From f0b74637948948cc7b21bd0d109150a84f8c0f43 Mon Sep 17 00:00:00 2001 From: stacksharebot Date: Mon, 25 Dec 2023 20:39:49 +0000 Subject: [PATCH 2/4] Create techstack.md --- techstack.md | 102 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 102 insertions(+) create mode 100644 techstack.md diff --git a/techstack.md b/techstack.md new file mode 100644 index 0000000..aa8fa1a --- /dev/null +++ b/techstack.md @@ -0,0 +1,102 @@ + +
+ +# Tech Stack File +![](https://img.stackshare.io/repo.svg "repo") [andreacomo/tomcat-bcrypt](https://github.com/andreacomo/tomcat-bcrypt)![](https://img.stackshare.io/public_badge.svg "public") +

+|9
Tools used|12/25/23
Report generated| +|------|------| +
+ +## Languages (1) + + + + +
+ Java +
+ Java +
+ +
+ +## DevOps (4) + + + + + + + + + + +
+ Git +
+ Git +
+ +		 + JUnit +
+ JUnit +
+ v4.12 +		 + Mockito +
+ Mockito +
+ v1.10.19 +		 + Travis CI +
+ Travis CI +
+ +
+ + +## Open source packages (4) + +## Apache Maven (4) + +|NAME|VERSION|LAST UPDATED|LAST UPDATED BY|LICENSE|VULNERABILITIES| +|:------|:------|:------|:------|:------|:------| +|[junit:junit](http://junit.org)|v4.12|01/24/18|andrea.como |EPL-1.0|[CVE-2020-15250](https://github.com/advisories/GHSA-269g-pwp5-87pp) (Moderate)| +|[org.apache.tomcat:tomcat-catalina](https://tomcat.apache.org/)|v8.0.28|01/24/18|andrea.como |Apache-2.0|[CVE-2016-5018](https://github.com/advisories/GHSA-4v3g-g84w-hv7r) (Critical)
[CVE-2020-9484](https://github.com/advisories/GHSA-344f-f5vg-2jfj) (High)
[CVE-2016-8745](https://github.com/advisories/GHSA-w3j5-q8f2-3cqq) (High)
[CVE-2016-5388](https://github.com/advisories/GHSA-v646-rx6w-r3qq) (High)
[CVE-2016-6797](https://github.com/advisories/GHSA-q6x7-f33r-3wxx) (High)| +|[org.apache.tomcat:tomcat-coyote](https://tomcat.apache.org/)|v8.0.28|01/24/18|andrea.como |Apache-2.0|[CVE-2016-6816](https://github.com/advisories/GHSA-jc7p-5r39-9477) (High)| +|[org.mockito:mockito-core](https://github.com/mockito/mockito)|v1.10.19|01/24/18|andrea.como |MIT|N/A| + +
+
+ +Generated via [Stack File](https://github.com/marketplace/stack-file) From 992b16279fd5f1e69afd1148daf9f2eb33690088 Mon Sep 17 00:00:00 2001 From: stacksharebot Date: Fri, 5 Jan 2024 09:28:44 +0000 Subject: [PATCH 3/4] Update techstack.yml --- techstack.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/techstack.yml b/techstack.yml index b6fbb8f..c01ce98 100644 --- a/techstack.yml +++ b/techstack.yml @@ -2,7 +2,7 @@ repo_name: andreacomo/tomcat-bcrypt report_id: ee1c46ebafa3fc4d69b34bfecbdd3f35 version: 0.1 repo_type: Public -timestamp: '2023-12-25T20:39:46+00:00' +timestamp: '2024-01-05T08:15:23+00:00' requested_by: andreacomo provider: github branch: master @@ -17,6 +17,7 @@ tools: category: Languages & Frameworks sub_category: Languages image_url: https://img.stackshare.io/service/995/K85ZWV2F.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt detection_source: Repo Metadata - name: Git description: Fast, scalable, distributed revision control system @@ -26,6 +27,7 @@ tools: category: Build, Test, Deploy sub_category: Version Control System image_url: https://img.stackshare.io/service/1046/git.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt detection_source: Repo Metadata - name: JUnit description: A programmer-oriented testing framework for Java @@ -64,6 +66,7 @@ tools: category: Build, Test, Deploy sub_category: Continuous Integration image_url: https://img.stackshare.io/service/460/Lu6cGu0z_400x400.png + detection_source_url: https://github.com/andreacomo/tomcat-bcrypt/blob/master/.travis.yml detection_source: ".travis.yml" last_updated_by: Andrea Como last_updated_on: 2018-01-24 20:53:43.000000000 Z From 8f887db8e3b5f5a5effd57d91dea641b29a7785c Mon Sep 17 00:00:00 2001 From: stacksharebot Date: Fri, 5 Jan 2024 09:28:45 +0000 Subject: [PATCH 4/4] Update techstack.md --- techstack.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/techstack.md b/techstack.md index aa8fa1a..23e1dea 100644 --- a/techstack.md +++ b/techstack.md @@ -30,7 +30,7 @@ Full tech stack [here](/techstack.md) # Tech Stack File ![](https://img.stackshare.io/repo.svg "repo") [andreacomo/tomcat-bcrypt](https://github.com/andreacomo/tomcat-bcrypt)![](https://img.stackshare.io/public_badge.svg "public")

-|9
Tools used|12/25/23
Report generated| +|9
Tools used|01/05/24
Report generated| |------|------|