Home » com.tencent.bk.devops.ci.common » common-security » 1.13.0

BK CI » 1.13.0

Tencent blueking ci project

LicenseMIT
Tagssecurity
HomePage https://github.com/Tencent/bk-ci 🔍 Inspect URL
DateFeb 26, 2024
Filespom (34 KB)  jar (13 KB)  View All
RepositoriesCentral
Ranking#215882 in MvnRepository (See Top Artifacts)
Used By2 artifacts
VulnerabilitiesVulnerabilities from dependencies:
CVE-2025-8916
CVE-2025-4949
CVE-2025-37727
View 31 more ...

Note: There is a new version for this artifact

New Version4.1.0-rc.3

Scope:
Scope:
Format:
Scope:
Scope:
Scope:
Scope:
Scope:
Scope:

Compile Dependencies (6)

Category/License Group / ArtifactVersionUpdates

MIT		com.tencent.bk.devops.ci.common » common-util 1.13.04.0.0

MIT		com.tencent.bk.devops.ci.common » common-service 1.13.04.0.0
JWT Lib
Apache 2.0		io.jsonwebtoken » jjwt-api 0.11.20.13.0
App Server
Apache 2.0		org.springframework.boot » spring-boot
Config
Apache 2.0		org.springframework.boot » spring-boot-autoconfigure
Annotation Tool
Apache 2.0		org.springframework.boot » spring-boot-configuration-processor

Runtime Dependencies (6)

Category/License Group / ArtifactVersionUpdates
Core Utils
Apache 2.0		com.google.guava » guava2 vulnerabilities 29.0-jre33.5.0-jre
JWT Lib
Apache 2.0		io.jsonwebtoken » jjwt-impl 0.11.20.13.0

Apache 2.0		io.jsonwebtoken » jjwt-jackson 0.11.20.13.0
Lang Runtime
Apache 2.0		org.jetbrains.kotlin » kotlin-stdlib-jdk8 1.6.212.2.21
Reflection
Apache 2.0		org.jetbrains.kotlin » kotlin-reflect 1.6.212.2.21
Dep Injection
Apache 2.0		org.springframework » spring-context

Managed Dependencies (76)

Category/License Group / ArtifactVersionUpdates
Bytecode
Apache 2.0		cglib » cglib 2.2.23.3.0
CRON Parser
Apache 2.0		com.cronutils » cron-utils 9.1.69.2.1

Apache 2.0		com.floragunn » search-guard-ssl 5.6.14-236.8.6-25.7
Docker Client
Apache 2.0		com.github.docker-java » docker-java 3.2.53.7.0

Apache 2.0		com.github.docker-java » docker-java-transport-okhttp 3.2.53.7.0
JSON Schema
Apache 2.0LGPL		com.github.fge » json-schema-validator 2.2.62.2.14

MIT		com.github.oshi » oshi-core 5.8.36.9.1

MIT		com.github.shyiko » ktlint 0.29.00.31.0

MIT		com.github.ulisesbocchio » jasypt-spring-boot-starter 3.0.33.0.5

Apache 2.0		com.github.xingePush » xinge 1.2.4.91.2.4.10

MIT		com.googlecode.plist » dd-plist 1.231.28
Cache Impl
Apache 2.0		com.jakewharton » disklrucache 2.0.2
JSON Schema
Apache 2.0		com.networknt » json-schema-validator 1.0.492.0.0

com.perforce » p4java 2021.1.21638432025.1.2785811
HTTP Clients
Apache 2.0		com.squareup.okhttp3 » okhttp 4.9.05.3.2
Mocking
Apache 2.0		com.squareup.okhttp3 » mockwebserver 4.9.05.3.2

Apache 2.0		com.squareup.okhttp3 » okhttp-dnsoverhttps 4.9.05.3.2

Apache 2.0		com.squareup.okhttp3 » logging-interceptor 4.9.05.3.2

Apache 2.0		com.squareup.okhttp3 » okcurl 4.9.05.3.2

Apache 2.0		com.squareup.okhttp3 » okhttp-testing-support4.9.03.14.9

Apache 2.0		com.squareup.okhttp3 » okhttp-tls 4.9.05.3.2

Apache 2.0		com.squareup.okhttp3 » okhttp-urlconnection 4.9.05.3.2
HTTP Clients
Apache 2.0		com.squareup.okhttp3 » okhttp-sse 4.9.05.3.2

MIT		com.tencent.bk.repo » api-generic 1.0.11.1.0-RELEASE

MIT		com.tencent.bk.repo » api-repository 1.0.11.1.0-RELEASE

MIT		com.tencent.bk.repo » api-webhook 1.0.11.1.0-RELEASE

MIT		com.tencent.bk.sdk » iam-java-sdk 1.0.02.0.0

MIT		com.tencent.devops.leaf » leaf-boot-starter 1.0.2-RELEASE
Emoji
MIT		com.vdurmont » emoji-java 5.1.1
I/O
Apache 2.0		commons-io » commons-io1 vulnerability 2.72.21.0

Apache 2.0		io.github.resilience4j » resilience4j-circuitbreaker 1.7.12.3.0
Mocking
Apache 2.0		io.mockk » mockk 1.12.21.14.6

Apache 2.0		io.swagger » swagger-models 1.6.22.2.40

Apache 2.0		io.swagger » swagger-jersey2-jaxrs 1.6.21.6.16
Annotation Lib
Apache 2.0		io.swagger » swagger-annotations 1.6.22.2.40
Java Spec
EPL 2.0GPL 2.0		javax.ws.rs » javax.ws.rs-api 2.04.0.0

me.cassiano » ktlint-html-reporter 0.1.20.2.3

MIT		net.coobird » thumbnailator 0.4.80.4.21

BSD 2-clause		net.dongliu » apk-parser 2.5.32.6.10
JSON Lib
Public		net.sf.json-lib » json-lib 2.420250517
Build Tool
Apache 2.0		org.apache.ant » ant4 vulnerabilities 1.10.51.10.15
Collections
Apache 2.0		org.apache.commons » commons-collections4 4.44.5.0
External Proc Exec
Apache 2.0		org.apache.commons » commons-exec 1.31.5.0
Compression
Apache 2.0		org.apache.commons » commons-compress2 vulnerabilities 1.211.28.0
CSV
Apache 2.0		org.apache.commons » commons-csv 1.81.14.1
String Utils
Apache 2.0		org.apache.commons » commons-text 1.10.01.14.0
Full-Text Indexing
Apache 2.0		org.apache.lucene » lucene-core 8.11.110.3.1

Apache 2.0		org.apache.poi » poi-ooxml1 vulnerability 3.175.5.0
Excel Lib
Apache 2.0		org.apache.poi » poi1 vulnerability 3.175.5.0

Apache 2.0		org.apache.pulsar » pulsar-client1 vulnerability 2.7.24.1.1
HTTP Clients
Apache 2.0		org.asynchttpclient » async-http-client1 vulnerability 2.1.03.0.4
Encryption Lib
BouncyCastle		org.bouncycastle » bcprov-ext-jdk15on2 vulnerabilities 1.701.78.1
Encryption Lib
BouncyCastle		org.bouncycastle » bcprov-jdk15on3 vulnerabilities 1.701.82
Encryption Lib
BouncyCastle		org.bouncycastle » bcpkix-jdk15on1 vulnerability 1.701.82
XML Processing
BSD 3-clause		org.dom4j » dom4j 2.0.32.2.0

BSD 3-clauseEDL 1.0		org.eclipse.jgit » org.eclipse.jgit.ssh.jsch 5.13.1.202206130422-r7.4.0.202509020913-r
Git Tool
BSD 3-clauseEDL 1.0		org.eclipse.jgit » org.eclipse.jgit2 vulnerabilities 5.13.1.202206130422-r7.4.0.202509020913-r
ElasticSearch Client
AGPL 3.0SSPL 1		org.elasticsearch » elasticsearch12 vulnerabilities 7.17.39.2.1
ElasticSearch Client
org.elasticsearch.client » elasticsearch-rest-high-level-client 7.17.37.17.29
ElasticSearch Client
Apache 2.0		org.elasticsearch.client » elasticsearch-rest-client 7.17.39.2.1
Application Metrics
Apache 2.0		org.fusesource » sigar 1.6.4

Apache 2.0BSD 2-clauseCC0 1.0EDL 1.0EPL 2.0GPLMITPublicW3C		org.glassfish.jersey.containers » jersey-container-servlet 2.344.0.0

Apache 2.0BSD 2-clauseCC0 1.0EDL 1.0EPL 2.0GPLMITPublicW3C		org.glassfish.jersey.containers » jersey-container-servlet-core 2.343.1.11

Apache 2.0BSD 2-clauseCC0 1.0EDL 1.0EPL 2.0GPLMITPublicW3C		org.glassfish.jersey.core » jersey-client 2.344.0.0

Apache 2.0CC0 1.0EPL 2.0GPL 2.0Public		org.glassfish.jersey.core » jersey-common 2.344.0.0

Apache 2.0BSDEPL 2.0GPL 2.0		org.glassfish.jersey.core » jersey-server 2.344.0.0

Apache 2.0BSD 2-clauseCC0 1.0EDL 1.0EPL 2.0GPLMITPublicW3C		org.glassfish.jersey.ext » jersey-entity-filtering 2.344.0.0

Apache 2.0BSD 2-clauseCC0 1.0EDL 1.0EPL 2.0GPLMITPublicW3C		org.glassfish.jersey.ext » jersey-spring5 2.344.0.0
Validation
Apache 2.0BSD 2-clauseCC0 1.0EDL 1.0EPL 2.0GPLMITPublicW3C		org.glassfish.jersey.ext » jersey-bean-validation 2.344.0.0

Apache 2.0BSD 2-clauseCC0 1.0EDL 1.0EPL 2.0GPLMITPublicW3C		org.glassfish.jersey.inject » jersey-hk2 2.344.0.0
JSON Lib
Apache 2.0EPL 2.0GPL 2.0		org.glassfish.jersey.media » jersey-media-json-jackson 2.344.0.0

Apache 2.0BSD 2-clauseCC0 1.0EDL 1.0EPL 2.0GPLMITPublicW3C		org.glassfish.jersey.media » jersey-media-multipart 2.344.0.0

MIT		org.hashids » hashids 1.0.3
JSON Lib
Public		org.json » json2 vulnerabilities 2021030720250517
O/R Mapping
Apache 2.0		org.mybatis » mybatis 3.5.63.5.19
Reflection
Apache 2.0		org.reflections » reflections 0.10.2

Licenses

LicenseURL
MIT https://github.com/Tencent/bk-ci/blob/master/LICENSE.txt

Developers

NameEmailDev IdRolesOrganization
bk-cidevops<at>tencent.comManager

Related Books

Penetration Testing with Java: A step-by-step pen testing handbook for Java applications (English Edition)Penetration Testing with Java: A step-by-step pen testing handbook for Java applications (English Edition) (2025)
by Snoke, Nancy
Mastering Secure Java Applications: Navigating security in cloud and microservices for Java (English Edition)Mastering Secure Java Applications: Navigating security in cloud and microservices for Java (English Edition) (2024)
by Chawdhury, Tarun Kumar, Banerjee, Joyanta, Gupta, Vipul, Poddar, Debopam
The Definitive Guide to Security in Jakarta EE: Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and MoreThe Definitive Guide to Security in Jakarta EE: Securing Java-based Enterprise Applications with Jakarta Security, Authorization, Authentication and More (2022)
by Tijms, Arjan, Bais, Teo, Keil, Werner
Java Security (2nd Edition)Java Security (2nd Edition) (2001)
by Oaks, Scott