CVE-2021-42392

Synchro Task SynchroTask is a lightweight library which helps to synchronize Java routines in distributed environments Synchronization is one of the most important parts in software development Programming languages offer a wide range of options to work with locks and concurrency In Java, developers can choose between low-level features, such as synchronized or methods li

Audit Dependency-Track findings and policy violations via policy as code

dtapac Audit Dependency-Track findings and policy violations via policy as code Consider this project to be a proof-of-concept It is not very sophisticated, but it gets the job done Try it in a test environment first Do not skip this step, do not run it in production without prior testing! Introduction Dependency-Track offers a fairly sophisticated auditing workflow for

Your hitman for anything JVM.

Agent 🧩 Patches 📦 Generic (wiki) Patch Description h2jndi patches CVE-2021-42392 log4jjndi patches CVE-2021-44228 📦 Sonatype (wiki) Patch Description nexusanonymize Anonymizes the 'Uploader' and 'Uploader's IP Address' on assets Library Repository: mavenCentral() Dependencies: iogithublxgaming:agent:VERSION iogit

Global Security Database (GSD) Analysis

GSD Analysis The primary goal of this analysis is to understand the data sources, structure, and counts of the Global Security Database (GSD) Replication Clone both this repository and the gsd-database repository Checkout the gsd-database commit to (gsd timestamp: 2022-05-20T05:00:05:000) replicate below results: :~/gsd-database$ git checkout d8ce33d48de2f00130e821e9828c3e04b

Generate and populate SQL tables via JPA provider

jpa-ddl Use JPA 21 to generate database tables, load initial data via SQL statements, and emit DDL statements Two versions are presented, one that uses plain Tomcat with EclipseLink bundled in the WAR file, and another one that uses TomEE with EclipseLink (this version needs EclipseLink to be manually installed) The two versions are very similar The TomEE version is a bit s

CVE-2021-42392-Detect About The script detects vulnerable H2 server for the give list of IPs, it can identify the H2 Console web pages and check for access restrictions Usage Create a file containing list of IPs and name the file IPtxt, place the 'IPtxt' and 'h2-detectpy' in a directory and execute the script Here "IPtxt" is the default filen

Encrypted storage of SQL columns using JPA and javax.crypto

jpa-crypt Store and retrieve encrypted data in SQL databases using JPA JPA 21 supports automatic table creation and generating DDL statements, so no actual SQL coding is required The encryption algorithm used is AES-GCM, which is a shorthand for the mouthful Advanced Encryption Standard -- Galois/Counter Mode, but this can easily be changed by changing a few parameters in th