Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 8.3.1Report Generated On : Tue, 8 Aug 2023 18:21:25 GMTDependencies Scanned : 35 (24 unique)Vulnerable Dependencies : 5 Vulnerabilities Found : 5Vulnerabilities Suppressed : 0 ... NVD CVE Checked : 2023-08-08T01:10:39NVD CVE Modified : 2023-08-08T00:00:02VersionCheckOn : 2023-08-08T01:10:51kev.checked : 1691457052Summary Display:
Showing Vulnerable Dependencies (click to show all) DNS.dllDescription:
DNS
Library for parsing and serializing DNS messages. Includes a basic DNS client and server. File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/DNS.dllMD5: 510424f5a1ae62687069ff427af72cf9SHA1: 850e140457c8590af7fe5a53dec6d3effc2e33c3SHA256: 749903465e037987b203930f4f24a3f8faa013164498a21f0a755eda4a59d3a9
Evidence Type Source Name Value Confidence Vendor file name DNS High Vendor grokassembly CompanyName Mirza Kapetanovic Highest Product file name DNS High Product grokassembly FileDescription DNS High Product grokassembly InternalName DNS.dll Medium Product grokassembly OriginalFilename DNS.dll Medium Product grokassembly ProductName DNS Highest Version AssemblyAnalyzer FilteredVersion 6.0.1 Highest Version grokassembly ProductVersion 6.0.1 Highest
DNS:6.1.0File Path: /github/workspace/src/DependencyCheckExample/DependencyCheckExample.csproj
Evidence Type Source Name Value Confidence Vendor msbuild id DNS Low Product msbuild id DNS Highest Version msbuild version 6.1.0 Highest
pkg:nuget/DNS@6.1.0 (Confidence :Highest)cpe:2.3:a:net_dns:net_dns:6.1.0:*:*:*:*:*:*:* (Confidence :Low) suppress CVE-2021-4248 (OSSINDEX) suppress
A vulnerability was found in kapetan dns up to 6.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file DNS/Protocol/Request.cs. The manipulation leads to insufficient entropy in prng. The attack may be launched remotely. Upgrading to version 7.0.0 is able to address this issue. The name of the patch is cf7105aa2aae90d6656088fe5a8ee1d5730773b6. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216188. CWE-330 Use of Insufficiently Random Values
CVSSv3:
Base Score: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:*:DNS:6.1.0:*:*:*:*:*:*:* DependencyCheckExample.csprojFile Path: /github/workspace/src/DependencyCheckExample/DependencyCheckExample.csprojMD5: 5cf667e4f1bfff77504c9f3a57384f6fSHA1: 34d8f4db66a505f5bb4f7704dd6248b9dfc041f8SHA256: 12da4ee91851c6075880e023ea518c5eec4cd0a4d237fd94ee350996a963ee43
Evidence Type Source Name Value Confidence Vendor file name DependencyCheckExample High Product file name DependencyCheckExample High
DependencyCheckExample.dllDescription:
DependencyCheckExample File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/DependencyCheckExample.dllMD5: a19f6ab63d74911bb59130a44fdc7f73SHA1: 931d0da3ad8bac0c537713224c70b5ed1672562cSHA256: ca776b3922f9f009113d279e5937706026d8af18f11bf87a39bdfa6aa53a2a56
Evidence Type Source Name Value Confidence Vendor file name DependencyCheckExample High Vendor grokassembly CompanyName DependencyCheckExample Highest Product file name DependencyCheckExample High Product grokassembly FileDescription DependencyCheckExample High Product grokassembly InternalName DependencyCheckExample.exe Medium Product grokassembly OriginalFilename DependencyCheckExample.exe Medium Product grokassembly ProductName DependencyCheckExample Highest Version AssemblyAnalyzer FilteredVersion 1.0.0 Highest Version grokassembly ProductVersion 1.0.0 Highest
Related Dependencies DependencyCheckExample.dllFile Path: /github/workspace/src/DependencyCheckExample/obj/Debug/net7.0/DependencyCheckExample.dll MD5: a19f6ab63d74911bb59130a44fdc7f73 SHA1: 931d0da3ad8bac0c537713224c70b5ed1672562c SHA256: ca776b3922f9f009113d279e5937706026d8af18f11bf87a39bdfa6aa53a2a56 DependencyCheckExample.dllDescription:
DependencyCheckExample File Path: /github/workspace/src/DependencyCheckExample/obj/Debug/net7.0/ref/DependencyCheckExample.dllMD5: 24a9bcdee3ac3715e165e82c9a255c96SHA1: ea802f0cdf4c838c3f584a6646ff586bff40a2dbSHA256: 614413977275c782889040da55171cf9aacb241b31ab9e28284ffd3156820fad
Evidence Type Source Name Value Confidence Vendor file name DependencyCheckExample High Vendor grokassembly CompanyName DependencyCheckExample Highest Product file name DependencyCheckExample High Product grokassembly FileDescription DependencyCheckExample High Product grokassembly InternalName DependencyCheckExample.exe Medium Product grokassembly OriginalFilename DependencyCheckExample.exe Medium Product grokassembly ProductName DependencyCheckExample Highest Version AssemblyAnalyzer FilteredVersion 1.0.0 Highest Version grokassembly ProductVersion 1.0.0 Highest
Related Dependencies DependencyCheckExample.dllFile Path: /github/workspace/src/DependencyCheckExample/obj/Debug/net7.0/refint/DependencyCheckExample.dll MD5: 24a9bcdee3ac3715e165e82c9a255c96 SHA1: ea802f0cdf4c838c3f584a6646ff586bff40a2db SHA256: 614413977275c782889040da55171cf9aacb241b31ab9e28284ffd3156820fad Microsoft.Win32.SystemEvents.dllDescription:
Microsoft.Win32.SystemEvents
Microsoft.Win32.SystemEvents File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/Microsoft.Win32.SystemEvents.dllMD5: dd6399dc9bc839c0c66dd22a394d249cSHA1: dc1afa18437751d0842a9ce36c2cf9ab957c2725SHA256: e7a3165fb182ba25be3b410fce4528d238fa4ff9a1a5507ac7e50542d692daa1
Evidence Type Source Name Value Confidence Vendor dll namespace Microsoft.Win32 Highest Vendor file name Microsoft.Win32.SystemEvents High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace Microsoft.Win32 Highest Product file name Microsoft.Win32.SystemEvents High Product grokassembly FileDescription Microsoft.Win32.SystemEvents High Product grokassembly InternalName Microsoft.Win32.SystemEvents.dll Medium Product grokassembly OriginalFilename Microsoft.Win32.SystemEvents.dll Medium Product grokassembly ProductName Microsoft® .NET Core Highest Version grokassembly FileVersion 4.700.19.56404 High
Related Dependencies Microsoft.Win32.SystemEvents.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win/lib/netcoreapp3.0/Microsoft.Win32.SystemEvents.dll MD5: ef50bd977976ed929fabeaf6c9241c45 SHA1: ad004278f0c66cf0086c1024ce46b04852de6eca SHA256: 1d5bbfb227f20e866cf25f649a059b61c3f35336f69ebd19b8ede7b6e14a7414 pkg:generic/Microsoft.Win32.SystemEvents@4.700.19.56404 Oracle.ManagedDataAccess.Core:3.21.1File Path: /github/workspace/src/DependencyCheckExample/DependencyCheckExample.csproj
Evidence Type Source Name Value Confidence Vendor msbuild id Oracle Medium Vendor msbuild (hint) id sun Medium Product msbuild id ManagedDataAccess Medium Product msbuild id ManagedDataAccess.Core Medium Product msbuild id Oracle.ManagedDataAccess.Core Highest Version msbuild version 3.21.1 Highest
CVE-2023-21893 (OSSINDEX) suppress
Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TCPS to compromise Oracle Data Provider for .NET. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Data Provider for .NET. Note: Applies also to Database client-only on Windows platform. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). CWE-noinfo
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:*:Oracle.ManagedDataAccess.Core:3.21.1:*:*:*:*:*:*:* Oracle.ManagedDataAccess.dllDescription:
Oracle.ManagedDataAccess.dll
Oracle.ManagedDataAccess.dll File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/Oracle.ManagedDataAccess.dllMD5: 22a079bca9882c8106b87b846f0a03cfSHA1: d892ee4f0e681d33e821e5d0640218aea6204cccSHA256: 82a2b223f510add06cdda2b497ab0d63febb6b0e988af1f697abb67ec6ebd237
Evidence Type Source Name Value Confidence Vendor file name Oracle.ManagedDataAccess High Vendor grokassembly CompanyName Oracle Corporation Highest Product file name Oracle.ManagedDataAccess High Product grokassembly FileDescription Oracle.ManagedDataAccess.dll High Product grokassembly InternalName Oracle.ManagedDataAccess.dll Medium Product grokassembly OriginalFilename Oracle.ManagedDataAccess.dll Medium Product grokassembly ProductName Oracle Data Provider for .NET, Managed Driver Highest
Oracle.ManagedDataAccess:21.4.0File Path: /github/workspace/src/DependencyCheckExample/DependencyCheckExample.csproj
Evidence Type Source Name Value Confidence Vendor msbuild id Oracle Medium Vendor msbuild (hint) id sun Medium Product msbuild id ManagedDataAccess Medium Product msbuild id Oracle.ManagedDataAccess Highest Version msbuild version 21.4.0 Highest
CVE-2023-21893 (OSSINDEX) suppress
Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TCPS to compromise Oracle Data Provider for .NET. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Data Provider for .NET. Note: Applies also to Database client-only on Windows platform. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). CWE-noinfo
CVSSv3:
Base Score: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:*:Oracle.ManagedDataAccess:21.4.0:*:*:*:*:*:*:* System.Configuration.ConfigurationManager.dllDescription:
System.Configuration.ConfigurationManager
System.Configuration.ConfigurationManager File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/System.Configuration.ConfigurationManager.dllMD5: 70e81bfc1dcce3aa3ab30c3abaf3ea53SHA1: 2132451e6dc8b1c18568181ddb5d697a491ef7faSHA256: 4668f89524fcb4d71950e0ad7e0d56e5e5db2c70e395ad49f7db6a8164cc50d6
Evidence Type Source Name Value Confidence Vendor dll namespace System Highest Vendor dll namespace System.Configuration Highest Vendor file name System.Configuration.ConfigurationManager High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace System Highest Product dll namespace System.Configuration Highest Product file name System.Configuration.ConfigurationManager High Product grokassembly FileDescription System.Configuration.ConfigurationManager High Product grokassembly InternalName System.Configuration.ConfigurationManager.dll Medium Product grokassembly OriginalFilename System.Configuration.ConfigurationManager.dll Medium Product grokassembly ProductName Microsoft® .NET Core Highest Version grokassembly FileVersion 4.700.19.56404 High
System.Data.SqlClient.dllDescription:
System.Data.SqlClient
System.Data.SqlClient File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/System.Data.SqlClient.dllMD5: 5dab94399d68803d02574944e1c92fe8SHA1: 946b586a2264d2e95fbf3ceee438e57a5031f8e4SHA256: 30486583763dc4f8383d5c39d2d74772d9731c7a874c02edd5d3a58c8f38249a
Evidence Type Source Name Value Confidence Vendor dll namespace System Highest Vendor dll namespace System.Data Highest Vendor dll namespace System.Data.SqlClient Highest Vendor file name System.Data.SqlClient High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace System Highest Product dll namespace System.Data Highest Product dll namespace System.Data.SqlClient Highest Product file name System.Data.SqlClient High Product grokassembly FileDescription System.Data.SqlClient High Product grokassembly InternalName System.Data.SqlClient.dll Medium Product grokassembly OriginalFilename System.Data.SqlClient.dll Medium Product grokassembly ProductName Microsoft® .NET Core Highest Version grokassembly FileVersion 4.700.21.41603 High
Related Dependencies System.Data.SqlClient.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/unix/lib/netcoreapp2.1/System.Data.SqlClient.dll MD5: 24697e2a7dc0f4be58c7737d0456e37b SHA1: 7d6b805264309383cec7a1445e6782332f55506b SHA256: f17fe2ea5f92f91fba3889c3c19954e2f8b5f46e19fc6605829e22f7fb994c20 pkg:generic/System.Data.SqlClient@4.700.21.41603 System.Data.SqlClient.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win/lib/netcoreapp2.1/System.Data.SqlClient.dll MD5: 1d59b0b4ce6e00f17e326aaa8725e465 SHA1: 86c77ddae4bf7c6be9ef4a9dfedad572154ae8ed SHA256: c99593246b0ff528c2dd96eeb4c160a7e134bc0d79989d0784682a69f1156803 pkg:generic/System.Data.SqlClient@4.700.21.41603 System.Data.SqlClient:4.8.3File Path: /github/workspace/src/DependencyCheckExample/DependencyCheckExample.csproj
Evidence Type Source Name Value Confidence Vendor msbuild id System Medium Product msbuild id Data Medium Product msbuild id Data.SqlClient Medium Product msbuild id System.Data.SqlClient Highest Version msbuild version 4.8.3 Highest
CVE-2022-41064 (OSSINDEX) suppress
.NET Framework Information Disclosure Vulnerability
Sonatype's research suggests that this CVE's details differ from those defined at NVD. See https://ossindex.sonatype.org/vulnerability/CVE-2022-41064 for details CWE-noinfo
CVSSv3:
Base Score: MEDIUM (5.8) Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:*:System.Data.SqlClient:4.8.3:*:*:*:*:*:*:* System.Diagnostics.PerformanceCounter.dllDescription:
System.Diagnostics.PerformanceCounter
System.Diagnostics.PerformanceCounter File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/System.Diagnostics.PerformanceCounter.dllMD5: 2f4cdc54748a20727a0cdf0b38184a72SHA1: d80ce87e279fd8ddd5823359c2c05003388e9817SHA256: 621f48ccc94d6acb0d03f0071f1f0829c3fb9950c95abb84617b1926bd13dbc2
Evidence Type Source Name Value Confidence Vendor dll namespace System Highest Vendor dll namespace System.Diagnostics Highest Vendor file name System.Diagnostics.PerformanceCounter High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace System Highest Product dll namespace System.Diagnostics Highest Product file name System.Diagnostics.PerformanceCounter High Product grokassembly FileDescription System.Diagnostics.PerformanceCounter High Product grokassembly InternalName System.Diagnostics.PerformanceCounter.dll Medium Product grokassembly OriginalFilename System.Diagnostics.PerformanceCounter.dll Medium Product grokassembly ProductName Microsoft® .NET Core Highest Version grokassembly FileVersion 4.700.19.56404 High
Related Dependencies System.Diagnostics.PerformanceCounter.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win/lib/netcoreapp2.0/System.Diagnostics.PerformanceCounter.dll MD5: f0718d0adf1fb556767adc72da0607e0 SHA1: 9de0ed2da7662eb219e5302e8ea687420905ab79 SHA256: 53b69dedac9f505ac1007c25891afd3965e82b8c2bfe0578b204f7c9b8d2d57f pkg:generic/System.Diagnostics.PerformanceCounter@4.700.19.56404 System.DirectoryServices.Protocols.dllDescription:
System.DirectoryServices.Protocols
System.DirectoryServices.Protocols File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/System.DirectoryServices.Protocols.dllMD5: ba0e982e84490ee208a78f586837c171SHA1: b319c2fdae51ddbe0b22fa68f7e326a911f2993cSHA256: 8805680a68ffe54e71668b92a1476c26de6f536ab562c28ce31f3192d4b6c7ad
Evidence Type Source Name Value Confidence Vendor dll namespace System Highest Vendor dll namespace System.DirectoryServices.Protocols Highest Vendor file name System.DirectoryServices.Protocols High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace System Highest Product dll namespace System.DirectoryServices.Protocols Highest Product file name System.DirectoryServices.Protocols High Product grokassembly FileDescription System.DirectoryServices.Protocols High Product grokassembly InternalName System.DirectoryServices.Protocols.dll Medium Product grokassembly OriginalFilename System.DirectoryServices.Protocols.dll Medium Product grokassembly ProductName Microsoft® .NET Core Highest Version grokassembly FileVersion 4.700.19.56404 High
Related Dependencies System.DirectoryServices.Protocols.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win/lib/netcoreapp2.0/System.DirectoryServices.Protocols.dll MD5: 00f6fdf414915d71d481d7d9b114f264 SHA1: 35c501c4a1cc4b2151ae081520445fd937af7b7f SHA256: 80d42555ed0f5aa3b7a692400a5985413aa7833b1a8c719f1a9d0f69b3297434 pkg:generic/System.DirectoryServices.Protocols@4.700.19.56404 System.DirectoryServices.dllDescription:
System.DirectoryServices
System.DirectoryServices File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/System.DirectoryServices.dllMD5: 231580a00c6d1c7e1954ae275daa118bSHA1: 1bee5bb1f3f2dcf4abd047d877b76465ee446ad7SHA256: 0eb7c9ecb57c059efd0613b841a520a4da84fa0270fb0bf59ab0a5d1b76564d5
Evidence Type Source Name Value Confidence Vendor dll namespace System Highest Vendor dll namespace System.DirectoryServices Highest Vendor file name System.DirectoryServices High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace System Highest Product dll namespace System.DirectoryServices Highest Product file name System.DirectoryServices High Product grokassembly FileDescription System.DirectoryServices High Product grokassembly InternalName System.DirectoryServices.dll Medium Product grokassembly OriginalFilename System.DirectoryServices.dll Medium Product grokassembly ProductName Microsoft® .NET Core Highest Version grokassembly FileVersion 4.700.19.56404 High
Related Dependencies System.DirectoryServices.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win/lib/netcoreapp2.0/System.DirectoryServices.dll MD5: 39c0dbbd2ccd0749dfd04d7d74db3fd9 SHA1: 4a83fa6925d50d273dce37c0803042a61756bd07 SHA256: cc0c3b36198a27b8019d540b2fa94c7dab33f35bd1573790ca07707ceb9115f8 pkg:generic/System.DirectoryServices@4.700.19.56404 System.Drawing.Common.dllDescription:
System.Drawing.Common
System.Drawing.Common File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/System.Drawing.Common.dllMD5: 2bb2433323109421d538d57b3839585bSHA1: 61b91ab9add755e0ab82c02602d6746ad94d6779SHA256: 13efece14e17b7f885afff8377b652a975c038964a8273805b80b9afb38f7077
Evidence Type Source Name Value Confidence Vendor dll namespace System Highest Vendor dll namespace System.Drawing Highest Vendor file name System.Drawing.Common High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace System Highest Product dll namespace System.Drawing Highest Product file name System.Drawing.Common High Product grokassembly FileDescription System.Drawing.Common High Product grokassembly InternalName System.Drawing.Common.dll Medium Product grokassembly OriginalFilename System.Drawing.Common.dll Medium Product grokassembly ProductName Microsoft® .NET Framework Highest Version AssemblyAnalyzer FilteredVersion 4.6.26919.02 Highest Version grokassembly FileVersion 4.6.26919.02 High
System.Drawing.Common.dllDescription:
System.Drawing.Common
System.Drawing.Common File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/unix/lib/netcoreapp3.0/System.Drawing.Common.dllMD5: db35a96e741da1811826b56b660c84b8SHA1: 67e3da6371bcbc914ad23e1165a04f09ef805cc1SHA256: 000b09d998b23159ab9e7ef87c7cb09aad8c9cfb366f4ae69dfca50af5a166c0
Evidence Type Source Name Value Confidence Vendor dll namespace System Highest Vendor dll namespace System.Drawing Highest Vendor file name System.Drawing.Common High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace System Highest Product dll namespace System.Drawing Highest Product file name System.Drawing.Common High Product grokassembly FileDescription System.Drawing.Common High Product grokassembly InternalName System.Drawing.Common.dll Medium Product grokassembly OriginalFilename System.Drawing.Common.dll Medium Product grokassembly ProductName Microsoft® .NET Core Highest Version grokassembly FileVersion 4.700.19.56404 High
Related Dependencies System.Drawing.Common.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win/lib/netcoreapp3.0/System.Drawing.Common.dll MD5: ddd24ed9fe3b256ab955554893d832c6 SHA1: ddf4603fc7ab70f5e49c3cc7f7c691977ef82dd0 SHA256: df409de7822ebe4871aadef1f8e4a553406395c8d692704037781777ba650300 pkg:generic/System.Drawing.Common@4.700.19.56404 System.Security.Cryptography.ProtectedData.dllDescription:
System.Security.Cryptography.ProtectedData
System.Security.Cryptography.ProtectedData File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/System.Security.Cryptography.ProtectedData.dllMD5: 6133f65f8f26de5d5e2c88b4add50698SHA1: 373afbbe34e7522541bc3a1a6f22cdc20a1472a1SHA256: 8604f8d2e3e932710b634730b29a245c896ceadfd64a62001e582e9171532f13
Evidence Type Source Name Value Confidence Vendor dll namespace System Highest Vendor dll namespace System.Security.Cryptography Highest Vendor file name System.Security.Cryptography.ProtectedData High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace System Highest Product dll namespace System.Security.Cryptography Highest Product file name System.Security.Cryptography.ProtectedData High Product grokassembly FileDescription System.Security.Cryptography.ProtectedData High Product grokassembly InternalName System.Security.Cryptography.ProtectedData.dll Medium Product grokassembly OriginalFilename System.Security.Cryptography.ProtectedData.dll Medium Product grokassembly ProductName Microsoft® .NET Core Highest Version grokassembly FileVersion 4.700.19.56404 High
Related Dependencies System.Security.Cryptography.ProtectedData.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win/lib/netstandard2.0/System.Security.Cryptography.ProtectedData.dll MD5: a03540df7d46dbdc432635bf2a27963e SHA1: 40dfbc479d15856e1d324bc34d9c83a0fee5781e SHA256: a2c267a61ee145d69128220c10b3ddd451a137273126ef7b4bd306059e1727af pkg:generic/System.Security.Cryptography.ProtectedData@4.700.19.56404 System.Security.Permissions.dllDescription:
System.Security.Permissions
System.Security.Permissions File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/System.Security.Permissions.dllMD5: 3a92c18c24d85f60f23becd852f1510aSHA1: f8eed1fad4218f32a1251fac65d42dbed903fc77SHA256: 74ef3b67960a9b569fed9ac457157769dbfe433b0f4fa13c52167c2246bfed71
Evidence Type Source Name Value Confidence Vendor dll namespace System Highest Vendor dll namespace System.Security Highest Vendor dll namespace System.Security.Permissions Highest Vendor file name System.Security.Permissions High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace System Highest Product dll namespace System.Security Highest Product dll namespace System.Security.Permissions Highest Product file name System.Security.Permissions High Product grokassembly FileDescription System.Security.Permissions High Product grokassembly InternalName System.Security.Permissions.dll Medium Product grokassembly OriginalFilename System.Security.Permissions.dll Medium Product grokassembly ProductName Microsoft® .NET Core Highest Version grokassembly FileVersion 4.700.19.56404 High
System.Windows.Extensions.dllDescription:
System.Windows.Extensions
System.Windows.Extensions File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/System.Windows.Extensions.dllMD5: bdd02096130ca18e3238528abb813345SHA1: 0ec7446726e7ec2c32ffeb24133dfc4d88f0ae45SHA256: abbe8146fa3f638ee9f5aaae85182d72de7807c9f0a06311ef14eb4e5f3cb3b0
Evidence Type Source Name Value Confidence Vendor dll namespace System Highest Vendor file name System.Windows.Extensions High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace System Highest Product file name System.Windows.Extensions High Product grokassembly FileDescription System.Windows.Extensions High Product grokassembly InternalName System.Windows.Extensions.dll Medium Product grokassembly OriginalFilename System.Windows.Extensions.dll Medium Product grokassembly ProductName Microsoft® .NET Core Highest Version grokassembly FileVersion 4.700.19.56404 High
Related Dependencies System.Windows.Extensions.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win/lib/netcoreapp3.0/System.Windows.Extensions.dll MD5: f672a537a363a4eea79a48cf34fa5808 SHA1: b9101ba7e62b0116ac5a7d4064d91f684e25f233 SHA256: b0b15ee123d24a220dc3446c96a6273e2fdade71d1f352bf06217bde57778b24 pkg:generic/System.Windows.Extensions@4.700.19.56404 jQuery.Validation:1.19.3File Path: /github/workspace/src/DependencyCheckExample/DependencyCheckExample.csproj
Evidence Type Source Name Value Confidence Vendor msbuild id jQuery Medium Product msbuild id jQuery.Validation Highest Product msbuild id Validation Medium Version msbuild version 1.19.3 Highest
CVE-2021-43306 (OSSINDEX) suppress
jquery-validation - Regular expression Denial of Service (ReDoS)
jquery-validation - Regular expression Denial of Service (ReDoS) CWE-1333 Inefficient Regular Expression Complexity
CVSSv3:
Base Score: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:*:jQuery.Validation:1.19.3:*:*:*:*:*:*:* sni.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win-arm64/native/sni.dllMD5: 167136d7a81bcc85acf4930aa7ac835fSHA1: 1e70240cc820796e78d77b1219291eee2fb6dbe0SHA256: ef18458c4dcb93f6b4eac07e1589cf3450bf878f2dd623f5d34f6a0f1b16e57a
Evidence Type Source Name Value Confidence Vendor file name sni High Product file name sni High
sni.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win-x64/native/sni.dllMD5: 7f1799b65b98450a19e4d049e9d3e70dSHA1: ec80c5a33374423a9e986c383a36a97da70a3584SHA256: 68705c4ef9ab818f2956a78e05f3fefce501a1448793b073b46110beb49b47d6
Evidence Type Source Name Value Confidence Vendor file name sni High Product file name sni High
sni.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win-x86/native/sni.dllMD5: c62a83f20bc23aeface70ec13003c4c5SHA1: 35553cfcdcbeccdc49710e68aec495c16880f0bdSHA256: 1446d6b26da49a5a9f366972f89f4e236f916955f31ddc38ebb96217c1cace9c
Evidence Type Source Name Value Confidence Vendor file name sni High Product file name sni High
Suppressed Vulnerabilities Microsoft.Win32.SystemEvents.dll Description:
Microsoft.Win32.SystemEvents
Microsoft.Win32.SystemEvents File Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/Microsoft.Win32.SystemEvents.dllMD5: dd6399dc9bc839c0c66dd22a394d249cSHA1: dc1afa18437751d0842a9ce36c2cf9ab957c2725SHA256: e7a3165fb182ba25be3b410fce4528d238fa4ff9a1a5507ac7e50542d692daa1
Evidence Type Source Name Value Confidence Vendor dll namespace Microsoft.Win32 Highest Vendor file name Microsoft.Win32.SystemEvents High Vendor grokassembly CompanyName Microsoft Corporation Highest Product dll namespace Microsoft.Win32 Highest Product file name Microsoft.Win32.SystemEvents High Product grokassembly FileDescription Microsoft.Win32.SystemEvents High Product grokassembly InternalName Microsoft.Win32.SystemEvents.dll Medium Product grokassembly OriginalFilename Microsoft.Win32.SystemEvents.dll Medium Product grokassembly ProductName Microsoft® .NET Core Highest Version grokassembly FileVersion 4.700.19.56404 High
Related Dependencies Microsoft.Win32.SystemEvents.dllFile Path: /github/workspace/src/DependencyCheckExample/bin/Debug/net7.0/runtimes/win/lib/netcoreapp3.0/Microsoft.Win32.SystemEvents.dll MD5: ef50bd977976ed929fabeaf6c9241c45 SHA1: ad004278f0c66cf0086c1024ce46b04852de6eca SHA256: 1d5bbfb227f20e866cf25f649a059b61c3f35336f69ebd19b8ede7b6e14a7414 cpe:2.3:a:microsoft:.net_core:4.700.19.56404:*:*:*:*:*:*:* suppressed (Confidence :Low)Notes: file name: Microsoft.Win32.SystemEvents.dll