{"id":361767,"url":"https://github.com/ESAPI/esapi-java-legacy","last_synced_at":"2026-06-21T13:30:24.198Z","repository":{"id":20576971,"uuid":"23857463","full_name":"ESAPI/esapi-java-legacy","owner":"ESAPI","description":"ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.","archived":false,"fork":false,"pushed_at":"2026-04-18T01:11:47.000Z","size":58120,"stargazers_count":646,"open_issues_count":130,"forks_count":373,"subscribers_count":54,"default_branch":"develop","last_synced_at":"2026-06-10T04:28:33.372Z","etag":null,"topics":["java","security"],"latest_commit_sha":null,"homepage":"https://owasp.org/www-project-enterprise-security-api/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ESAPI.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING-TO-ESAPI.txt","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2014-09-10T02:12:29.000Z","updated_at":"2026-06-05T08:44:09.000Z","dependencies_parsed_at":"2025-11-18T04:01:35.447Z","dependency_job_id":null,"html_url":"https://github.com/ESAPI/esapi-java-legacy","commit_stats":null,"previous_names":[],"tags_count":33,"template":false,"template_full_name":null,"purl":"pkg:github/ESAPI/esapi-java-legacy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ESAPI","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/sbom","scorecard":{"id":43618,"data":{"date":"2025-08-11","repo":{"name":"github.com/ESAPI/esapi-java-legacy","commit":"a0353871f07099fa30ad8ac07b773d24562ef43b"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.7,"checks":[{"name":"Code-Review","score":1,"reason":"Found 2/16 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/maven.yml:1","Warn: no topLevel permission defined: .github/workflows/superlinter.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/maven.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/maven.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/superlinter.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/superlinter.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/superlinter.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/superlinter.yml/develop?enable=pin","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":8,"reason":"5 out of the last 5 releases have a total of 5 signed artifacts.","details":["Info: signed release artifact: esapi-2.7.0.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.7.0.0","Info: signed release artifact: esapi-2.6.2.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.2.0","Info: signed release artifact: esapi-2.6.1.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.1.0","Info: signed release artifact: esapi-2.6.0.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.0.0","Info: signed release artifact: esapi-2.5.5.0-configuration.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.5.0","Warn: release artifact esapi-2.7.0.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/228498369","Warn: release artifact esapi-2.6.2.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/222580423","Warn: release artifact esapi-2.6.1.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/219379478","Warn: release artifact esapi-2.6.0.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/187434524","Warn: release artifact esapi-2.5.5.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/179002757"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 16 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-pvp8-3xj6-8c6x","Warn: Project is vulnerable to: GHSA-j288-q9x7-2f5v"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-14T22:10:36.648Z","repository_id":20576971,"created_at":"2025-08-14T22:10:36.648Z","updated_at":"2025-08-14T22:10:36.648Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34402663,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-16T02:00:06.860Z","response_time":126,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"owner":{"login":"ESAPI","name":"Enterprise Security API","uuid":"5580725","kind":"organization","description":null,"email":null,"website":null,"location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/5580725?v=4","repositories_count":6,"last_synced_at":"2024-03-27T12:50:39.032Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/ESAPI","funding_links":[],"total_stars":1124,"followers":22,"following":0,"created_at":"2022-11-06T05:41:20.782Z","updated_at":"2024-03-27T12:50:41.626Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ESAPI","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ESAPI/repositories"},"packages":[{"id":13424814,"name":"libowasp-esapi-java","ecosystem":"ubuntu","description":null,"homepage":"https://github.com/esapi/esapi-java-legacy","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/esapi/esapi-java-legacy","keywords_array":["universe/misc"],"namespace":"universe","versions_count":1,"first_release_published_at":"2026-02-07T11:46:57.596Z","latest_release_published_at":"2026-02-07T11:46:57.596Z","latest_release_number":"2.2.3.1-1","last_synced_at":"2026-03-07T12:41:10.902Z","created_at":"2026-02-07T11:46:56.711Z","updated_at":"2026-03-07T13:01:40.616Z","registry_url":"https://launchpad.net/ubuntu/+source/libowasp-esapi-java","install_command":"apt-get install libowasp-esapi-java","documentation_url":null,"metadata":{"component":"universe","architecture":"all","priority":"optional","binary":"libowasp-esapi-java, libowasp-esapi-java-doc","standards_version":"4.6.0","maintainer":"Debian Java Maintainers \u003cpkg-java-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), default-jdk, maven-debian-helper (\u003e= 1.5)","build_depends_indep":"bsh, bsh-doc, default-jdk-doc, libcommons-beanutils-java, libcommons-beanutils-java-doc, libcommons-collections4-java, libcommons-collections4-java-doc, libcommons-configuration-java, libcommons-configuration-java-doc, libcommons-fileupload-java, libcommons-fileupload-java-doc, libcommons-io-java, liblog4j1.2-java (\u003e= 1.2.16), liblog4j1.2-java-doc, libmaven-javadoc-plugin-java, libowasp-antisamy-java, libowasp-antisamy-java-doc, libservlet3.1-java, libservlet3.1-java-doc, libxom-java, libxom-java-doc","build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":null,"dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/ubuntu/libowasp-esapi-java?arch=source\u0026distro=ubuntu-22.04\u0026repository_url=https://launchpad.net/ubuntu/jammy","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/ubuntu/libowasp-esapi-java","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/ubuntu/libowasp-esapi-java","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/ubuntu/libowasp-esapi-java/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages/libowasp-esapi-java/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages/libowasp-esapi-java/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages/libowasp-esapi-java/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages/libowasp-esapi-java/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages/libowasp-esapi-java/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages/libowasp-esapi-java/codemeta","maintainers":[],"registry":{"name":"ubuntu-22.04","url":"https://launchpad.net/ubuntu/jammy","ecosystem":"ubuntu","default":false,"packages_count":34289,"maintainers_count":0,"namespaces_count":4,"keywords_count":1523,"github":"ubuntu","metadata":{"codename":"jammy","funded_packages_count":167},"icon_url":"https://github.com/ubuntu.png","created_at":"2026-02-04T11:01:46.486Z","updated_at":"2026-06-10T05:17:45.610Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-22.04/namespaces"}},{"id":13654809,"name":"libowasp-esapi-java","ecosystem":"debian","description":null,"homepage":"https://github.com/esapi/esapi-java-legacy","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/esapi/esapi-java-legacy","keywords_array":["misc"],"namespace":"main","versions_count":1,"first_release_published_at":"2026-02-12T06:38:46.679Z","latest_release_published_at":"2026-02-12T06:38:46.679Z","latest_release_number":"2.4.0.0-2.1","last_synced_at":"2026-03-14T04:08:53.112Z","created_at":"2026-02-12T06:38:46.391Z","updated_at":"2026-03-14T04:08:53.112Z","registry_url":"https://tracker.debian.org/pkg/libowasp-esapi-java","install_command":"apt-get install libowasp-esapi-java","documentation_url":"https://packages.debian.org/trixie/libowasp-esapi-java","metadata":{"component":"main","architecture":"all","priority":"optional","binary":"libowasp-esapi-java","standards_version":"4.6.2","maintainer":"Debian Java Maintainers \u003cpkg-java-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), default-jdk, maven-debian-helper (\u003e= 1.5)","build_depends_indep":"bsh, libcommons-beanutils-java, libcommons-collections4-java, libcommons-configuration-java, libcommons-fileupload-java, libcommons-io-java, liblog4j1.2-java (\u003e= 1.2.16), libmaven-javadoc-plugin-java, libowasp-antisamy-java, libservlet-api-java, libxom-java","build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":"2026-02-12T06:38:50.518Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/debian/libowasp-esapi-java?arch=source\u0026distro=debian-13\u0026repository_url=https://packages.debian.org/trixie","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/debian/libowasp-esapi-java","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/debian/libowasp-esapi-java","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/debian/libowasp-esapi-java/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/debian-13/packages/libowasp-esapi-java/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/debian-13/packages/libowasp-esapi-java/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/debian-13/packages/libowasp-esapi-java/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-13/packages/libowasp-esapi-java/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-13/packages/libowasp-esapi-java/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/debian-13/packages/libowasp-esapi-java/codemeta","maintainers":[],"registry":{"name":"debian-13","url":"https://packages.debian.org/trixie","ecosystem":"debian","default":false,"packages_count":38024,"maintainers_count":0,"namespaces_count":4,"keywords_count":1987,"github":"debian","metadata":{"codename":"trixie","funded_packages_count":316},"icon_url":"https://github.com/debian.png","created_at":"2026-02-04T11:01:50.448Z","updated_at":"2026-06-10T05:17:04.542Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-13/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/debian-13/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/debian-13/namespaces"}},{"id":13695718,"name":"libowasp-esapi-java","ecosystem":"debian","description":null,"homepage":"https://github.com/esapi/esapi-java-legacy","licenses":"other","normalized_licenses":["Other"],"repository_url":"https://github.com/esapi/esapi-java-legacy","keywords_array":["misc"],"namespace":"main","versions_count":1,"first_release_published_at":"2026-02-12T20:06:55.841Z","latest_release_published_at":"2026-02-12T20:06:55.841Z","latest_release_number":"2.4.0.0-2","last_synced_at":"2026-03-13T04:23:03.065Z","created_at":"2026-02-12T20:06:55.052Z","updated_at":"2026-03-13T04:30:38.075Z","registry_url":"https://tracker.debian.org/pkg/libowasp-esapi-java","install_command":"apt-get install libowasp-esapi-java","documentation_url":"https://packages.debian.org/bookworm/libowasp-esapi-java","metadata":{"component":"main","architecture":"all","priority":"optional","binary":"libowasp-esapi-java","standards_version":"4.6.2","maintainer":"Debian Java Maintainers \u003cpkg-java-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), default-jdk, maven-debian-helper (\u003e= 1.5)","build_depends_indep":"bsh, libcommons-beanutils-java, libcommons-collections4-java, libcommons-configuration-java, libcommons-fileupload-java, libcommons-io-java, liblog4j1.2-java (\u003e= 1.2.16), libmaven-javadoc-plugin-java, libowasp-antisamy-java, libservlet-api-java, libxom-java","build_depends_arch":null},"repo_metadata":{"id":20576971,"uuid":"23857463","full_name":"ESAPI/esapi-java-legacy","owner":"ESAPI","description":"ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.","archived":false,"fork":false,"pushed_at":"2025-10-23T20:31:29.000Z","size":58109,"stargazers_count":642,"open_issues_count":128,"forks_count":371,"subscribers_count":55,"default_branch":"develop","last_synced_at":"2026-02-06T03:22:10.435Z","etag":null,"topics":["java","security"],"latest_commit_sha":null,"homepage":"https://owasp.org/www-project-enterprise-security-api/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ESAPI.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING-TO-ESAPI.txt","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2014-09-10T02:12:29.000Z","updated_at":"2026-01-25T13:07:42.000Z","dependencies_parsed_at":"2025-11-18T04:01:35.447Z","dependency_job_id":null,"html_url":"https://github.com/ESAPI/esapi-java-legacy","commit_stats":null,"previous_names":[],"tags_count":33,"template":false,"template_full_name":null,"purl":"pkg:github/ESAPI/esapi-java-legacy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ESAPI","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/sbom","scorecard":{"id":43618,"data":{"date":"2025-08-11","repo":{"name":"github.com/ESAPI/esapi-java-legacy","commit":"a0353871f07099fa30ad8ac07b773d24562ef43b"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.7,"checks":[{"name":"Code-Review","score":1,"reason":"Found 2/16 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/maven.yml:1","Warn: no topLevel permission defined: .github/workflows/superlinter.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/maven.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/maven.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/superlinter.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/superlinter.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/superlinter.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/superlinter.yml/develop?enable=pin","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":8,"reason":"5 out of the last 5 releases have a total of 5 signed artifacts.","details":["Info: signed release artifact: esapi-2.7.0.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.7.0.0","Info: signed release artifact: esapi-2.6.2.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.2.0","Info: signed release artifact: esapi-2.6.1.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.1.0","Info: signed release artifact: esapi-2.6.0.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.0.0","Info: signed release artifact: esapi-2.5.5.0-configuration.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.5.0","Warn: release artifact esapi-2.7.0.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/228498369","Warn: release artifact esapi-2.6.2.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/222580423","Warn: release artifact esapi-2.6.1.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/219379478","Warn: release artifact esapi-2.6.0.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/187434524","Warn: release artifact esapi-2.5.5.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/179002757"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 16 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-pvp8-3xj6-8c6x","Warn: Project is vulnerable to: GHSA-j288-q9x7-2f5v"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-14T22:10:36.648Z","repository_id":20576971,"created_at":"2025-08-14T22:10:36.648Z","updated_at":"2025-08-14T22:10:36.648Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29379845,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-12T19:05:20.189Z","status":"ssl_error","status_checked_at":"2026-02-12T19:01:44.216Z","response_time":55,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"repo_metadata_updated_at":"2026-02-12T20:07:04.063Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":1.787873553290724,"forks_count":0.7686992572119536,"docker_downloads_count":null,"average":0.6391432026256694},"purl":"pkg:deb/debian/libowasp-esapi-java?arch=source\u0026distro=debian-12","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/debian/libowasp-esapi-java","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/debian/libowasp-esapi-java","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/debian/libowasp-esapi-java/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2026-02-08T23:11:06.144Z","issues_count":101,"pull_requests_count":110,"avg_time_to_close_issue":11364637.701492537,"avg_time_to_close_pull_request":1671581.1134020619,"issues_closed_count":67,"pull_requests_closed_count":97,"pull_request_authors_count":27,"issue_authors_count":58,"avg_comments_per_issue":4.138613861386139,"avg_comments_per_pull_request":2.5636363636363635,"merged_pull_requests_count":71,"bot_issues_count":0,"bot_pull_requests_count":7,"past_year_issues_count":9,"past_year_pull_requests_count":20,"past_year_avg_time_to_close_issue":335582.6,"past_year_avg_time_to_close_pull_request":56514.53846153846,"past_year_issues_closed_count":5,"past_year_pull_requests_closed_count":13,"past_year_pull_request_authors_count":8,"past_year_issue_authors_count":7,"past_year_avg_comments_per_issue":3.6666666666666665,"past_year_avg_comments_per_pull_request":1.45,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":1,"past_year_merged_pull_requests_count":11,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/issues","maintainers":[{"login":"jeremiahjstacey","count":24,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jeremiahjstacey"},{"login":"xeno6696","count":10,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/xeno6696"}],"active_maintainers":[{"login":"jeremiahjstacey","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jeremiahjstacey"},{"login":"xeno6696","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/xeno6696"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages/libowasp-esapi-java/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages/libowasp-esapi-java/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages/libowasp-esapi-java/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages/libowasp-esapi-java/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages/libowasp-esapi-java/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages/libowasp-esapi-java/codemeta","maintainers":[],"registry":{"name":"debian-12","url":"https://packages.debian.org/bookworm","ecosystem":"debian","default":true,"packages_count":34734,"maintainers_count":0,"namespaces_count":4,"keywords_count":2667,"github":"debian","metadata":{"codename":"bookworm","funded_packages_count":395},"icon_url":"https://github.com/debian.png","created_at":"2026-02-04T11:01:49.459Z","updated_at":"2026-06-10T05:17:51.014Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/debian-12/namespaces"}},{"id":13455667,"name":"libowasp-esapi-java","ecosystem":"ubuntu","description":null,"homepage":"https://github.com/esapi/esapi-java-legacy","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/esapi/esapi-java-legacy","keywords_array":["universe/misc"],"namespace":"universe","versions_count":1,"first_release_published_at":"2026-02-09T01:10:32.859Z","latest_release_published_at":"2026-02-09T01:10:32.859Z","latest_release_number":"2.4.0.0-2","last_synced_at":"2026-03-09T01:29:25.467Z","created_at":"2026-02-09T01:10:32.463Z","updated_at":"2026-03-09T01:34:15.211Z","registry_url":"https://launchpad.net/ubuntu/+source/libowasp-esapi-java","install_command":"apt-get install libowasp-esapi-java","documentation_url":null,"metadata":{"component":"universe","architecture":"all","priority":"optional","binary":"libowasp-esapi-java","standards_version":"4.6.2","maintainer":"Debian Java Maintainers \u003cpkg-java-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), default-jdk, maven-debian-helper (\u003e= 1.5)","build_depends_indep":"bsh, libcommons-beanutils-java, libcommons-collections4-java, libcommons-configuration-java, libcommons-fileupload-java, libcommons-io-java, liblog4j1.2-java (\u003e= 1.2.16), libmaven-javadoc-plugin-java, libowasp-antisamy-java, libservlet-api-java, libxom-java","build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":null,"dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/ubuntu/libowasp-esapi-java?arch=source\u0026distro=ubuntu-24.10\u0026repository_url=https://launchpad.net/ubuntu/oracular","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/ubuntu/libowasp-esapi-java","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/ubuntu/libowasp-esapi-java","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/ubuntu/libowasp-esapi-java/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages/libowasp-esapi-java/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages/libowasp-esapi-java/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages/libowasp-esapi-java/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages/libowasp-esapi-java/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages/libowasp-esapi-java/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages/libowasp-esapi-java/codemeta","maintainers":[],"registry":{"name":"ubuntu-24.10","url":"https://launchpad.net/ubuntu/oracular","ecosystem":"ubuntu","default":false,"packages_count":38437,"maintainers_count":0,"namespaces_count":4,"keywords_count":1473,"github":"ubuntu","metadata":{"codename":"oracular","mirror":"http://old-releases.ubuntu.com/ubuntu","funded_packages_count":214},"icon_url":"https://github.com/ubuntu.png","created_at":"2026-02-04T11:01:48.028Z","updated_at":"2026-06-10T05:17:05.787Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.10/namespaces"}},{"id":13482738,"name":"libowasp-esapi-java","ecosystem":"ubuntu","description":null,"homepage":"https://github.com/esapi/esapi-java-legacy","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/esapi/esapi-java-legacy","keywords_array":["universe/misc"],"namespace":"universe","versions_count":1,"first_release_published_at":"2026-02-10T13:23:20.831Z","latest_release_published_at":"2026-02-10T13:23:20.831Z","latest_release_number":"2.4.0.0-2","last_synced_at":"2026-03-10T14:24:12.889Z","created_at":"2026-02-10T13:23:15.280Z","updated_at":"2026-03-10T14:24:12.890Z","registry_url":"https://launchpad.net/ubuntu/+source/libowasp-esapi-java","install_command":"apt-get install libowasp-esapi-java","documentation_url":null,"metadata":{"component":"universe","architecture":"all","priority":"optional","binary":"libowasp-esapi-java","standards_version":"4.6.2","maintainer":"Debian Java Maintainers \u003cpkg-java-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), default-jdk, maven-debian-helper (\u003e= 1.5)","build_depends_indep":"bsh, libcommons-beanutils-java, libcommons-collections4-java, libcommons-configuration-java, libcommons-fileupload-java, libcommons-io-java, liblog4j1.2-java (\u003e= 1.2.16), libmaven-javadoc-plugin-java, libowasp-antisamy-java, libservlet-api-java, libxom-java","build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":null,"dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/ubuntu/libowasp-esapi-java?arch=source\u0026distro=ubuntu-23.10\u0026repository_url=https://launchpad.net/ubuntu/mantic","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/ubuntu/libowasp-esapi-java","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/ubuntu/libowasp-esapi-java","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/ubuntu/libowasp-esapi-java/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages/libowasp-esapi-java/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages/libowasp-esapi-java/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages/libowasp-esapi-java/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages/libowasp-esapi-java/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages/libowasp-esapi-java/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages/libowasp-esapi-java/codemeta","maintainers":[],"registry":{"name":"ubuntu-23.10","url":"https://launchpad.net/ubuntu/mantic","ecosystem":"ubuntu","default":false,"packages_count":36642,"maintainers_count":0,"namespaces_count":4,"keywords_count":2223,"github":"ubuntu","metadata":{"codename":"mantic","mirror":"http://old-releases.ubuntu.com/ubuntu","funded_packages_count":444},"icon_url":"https://github.com/ubuntu.png","created_at":"2026-02-04T11:01:48.636Z","updated_at":"2026-06-10T05:17:48.008Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.10/namespaces"}},{"id":4966951,"name":"org.owasp.esapi:esapi","ecosystem":"maven","description":"The Enterprise Security API (ESAPI) project is an OWASP project to create simple strong security controls for every web platform. Security controls are not simple to build. You can read about the hundreds of pitfalls for unwary developers on the OWASP web site. By providing developers with a set of strong controls, we aim to eliminate some of the complexity of creating secure web applications. This can result in significant cost savings across the SDLC.","homepage":"https://owasp.org/www-project-enterprise-security-api/","licenses":"BSD,Creative Commons 3.0 BY-SA","normalized_licenses":["BSD-3-Clause","CC0-1.0"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","keywords_array":[],"namespace":"org.owasp.esapi","versions_count":30,"first_release_published_at":"2010-09-07T17:44:36.000Z","latest_release_published_at":"2013-09-03T01:17:59.000Z","latest_release_number":"2.1.0","last_synced_at":"2026-06-19T06:13:21.100Z","created_at":"2022-07-27T07:56:24.485Z","updated_at":"2026-06-19T08:13:11.143Z","registry_url":"https://central.sonatype.com/artifact/org.owasp.esapi/esapi/","install_command":null,"documentation_url":"https://appdoc.app/artifact/org.owasp.esapi/esapi/","metadata":{"distribution_repositories":["https://central.sonatype.org/publish/publish-portal-maven/"]},"repo_metadata":{"id":20576971,"uuid":"23857463","full_name":"ESAPI/esapi-java-legacy","owner":"ESAPI","description":"ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.","archived":false,"fork":false,"pushed_at":"2025-10-23T20:31:29.000Z","size":58109,"stargazers_count":640,"open_issues_count":125,"forks_count":370,"subscribers_count":55,"default_branch":"develop","last_synced_at":"2025-11-01T20:01:49.989Z","etag":null,"topics":["java","security"],"latest_commit_sha":null,"homepage":"https://owasp.org/www-project-enterprise-security-api/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ESAPI.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING-TO-ESAPI.txt","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2014-09-10T02:12:29.000Z","updated_at":"2025-10-31T01:54:09.000Z","dependencies_parsed_at":"2023-02-14T19:16:11.769Z","dependency_job_id":"e0067454-ca21-44fa-9671-00e323fee419","html_url":"https://github.com/ESAPI/esapi-java-legacy","commit_stats":null,"previous_names":[],"tags_count":33,"template":false,"template_full_name":null,"purl":"pkg:github/ESAPI/esapi-java-legacy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ESAPI","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/sbom","scorecard":{"id":43618,"data":{"date":"2025-08-11","repo":{"name":"github.com/ESAPI/esapi-java-legacy","commit":"a0353871f07099fa30ad8ac07b773d24562ef43b"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":5.7,"checks":[{"name":"Code-Review","score":1,"reason":"Found 2/16 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/maven.yml:1","Warn: no topLevel permission defined: .github/workflows/superlinter.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":2,"reason":"badge detected: InProgress","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/maven.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/maven.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/maven.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/superlinter.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/superlinter.yml/develop?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/superlinter.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/ESAPI/esapi-java-legacy/superlinter.yml/develop?enable=pin","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":8,"reason":"5 out of the last 5 releases have a total of 5 signed artifacts.","details":["Info: signed release artifact: esapi-2.7.0.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.7.0.0","Info: signed release artifact: esapi-2.6.2.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.2.0","Info: signed release artifact: esapi-2.6.1.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.1.0","Info: signed release artifact: esapi-2.6.0.0-configuration.jar.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.0.0","Info: signed release artifact: esapi-2.5.5.0-configuration.asc: https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.5.0","Warn: release artifact esapi-2.7.0.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/228498369","Warn: release artifact esapi-2.6.2.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/222580423","Warn: release artifact esapi-2.6.1.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/219379478","Warn: release artifact esapi-2.6.0.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/187434524","Warn: release artifact esapi-2.5.5.0 does not have provenance: https://api.github.com/repos/ESAPI/esapi-java-legacy/releases/179002757"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 16 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-pvp8-3xj6-8c6x","Warn: Project is vulnerable to: GHSA-j288-q9x7-2f5v"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-14T22:10:36.648Z","repository_id":20576971,"created_at":"2025-08-14T22:10:36.648Z","updated_at":"2025-08-14T22:10:36.648Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":282196547,"owners_count":26630284,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-11-01T02:00:06.759Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"ESAPI","name":"Enterprise Security API","uuid":"5580725","kind":"organization","description":null,"email":null,"website":null,"location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/5580725?v=4","repositories_count":6,"last_synced_at":"2024-03-27T12:50:39.032Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/ESAPI","funding_links":[],"total_stars":1124,"followers":22,"following":0,"created_at":"2022-11-06T05:41:20.782Z","updated_at":"2024-03-27T12:50:41.626Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ESAPI","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ESAPI/repositories"},"tags":[{"name":"esapi-2.7.1.0-RC1","sha":"e533c5de161ede962d96ef591401809c88af26a9","kind":"tag","published_at":"2025-09-30T01:04:34.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.7.1.0-RC1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.7.1.0-RC1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.7.1.0-RC1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.7.1.0-RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.7.1.0-RC1/manifests"},{"name":"esapi-2.7.0.0","sha":"0fa4c0f1311aa525b1a776f0a789fb1dc8a04b41","kind":"tag","published_at":"2025-06-27T22:22:23.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.7.0.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.7.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.7.0.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.7.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.7.0.0/manifests"},{"name":"esapi-2.6.2.0","sha":"ba358e4955300b7e464fcd9d0c8dea31be1f8ad3","kind":"tag","published_at":"2025-06-03T01:18:22.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.6.2.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.6.2.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.6.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.6.2.0/manifests"},{"name":"esapi-2.6.1.0","sha":"e0ef29556f1bf7fbaf4d6ad94899db3e9d431f90","kind":"tag","published_at":"2025-05-19T01:53:35.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.6.1.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.6.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.6.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.6.1.0/manifests"},{"name":"esapi-2.6.0.0","sha":"dcde6c2362654b6f4af2b7daa96ef44c16c5763d","kind":"tag","published_at":"2024-11-25T23:43:02.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.6.0.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.6.0.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.6.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.6.0.0/manifests"},{"name":"esapi-2.5.5.0","sha":"3f2ff053269572dceef78bdefe3b8c3ecfd83076","kind":"tag","published_at":"2024-10-08T01:35:43.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.5.5.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.5.5.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.5.0/manifests"},{"name":"esapi-2.5.4.0","sha":"8c0e5e0ffe0e12326cda2896b149e2a0179e3378","kind":"tag","published_at":"2024-05-30T00:26:09.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.5.4.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.5.4.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.4.0/manifests"},{"name":"esapi-2.5.3.1","sha":"7823a879289e800e975b177a96cc3f57cc211da9","kind":"tag","published_at":"2023-12-01T03:38:15.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.5.3.1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.5.3.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.3.1/manifests"},{"name":"esapi-2.5.3.0","sha":"ce7a72543fea94bab3cecb3d790a4dbbd8fb3e9a","kind":"tag","published_at":"2023-11-24T18:16:38.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.5.3.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.5.3.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.3.0/manifests"},{"name":"esapi-2.5.2.0","sha":"15737a23c0eb171da45148583d388edb023ff4b3","kind":"tag","published_at":"2023-04-13T00:21:02.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.5.2.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.5.2.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.2.0/manifests"},{"name":"esapi-2.5.1.0","sha":"958892f3e7bc59fe97f9594d06350e02275dc431","kind":"tag","published_at":"2022-11-27T16:36:35.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.5.1.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.5.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.1.0/manifests"},{"name":"esapi-2.5.0.0","sha":"8993a1ac07157e3207c342d915da6ee0cfc40c55","kind":"tag","published_at":"2022-07-20T03:16:17.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.5.0.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.5.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.5.0.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.5.0.0/manifests"},{"name":"esapi-2.4.0.0","sha":"db7f38cbd1e484597764b1e2bbdd0f62ca662510","kind":"tag","published_at":"2022-04-24T21:31:42.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.4.0.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.4.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.4.0.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.4.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.4.0.0/manifests"},{"name":"esapi-2.3.0.0","sha":"7797bc3ebd3a3bd700817b27e2a4455a0ba61f33","kind":"tag","published_at":"2022-04-17T22:35:09.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.3.0.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.3.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.3.0.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.3.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.3.0.0/manifests"},{"name":"esapi-2.2.3.1","sha":"2e8694c6beb3bdbb2645b882eba72ce41bc63242","kind":"tag","published_at":"2021-05-08T01:54:47.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.3.1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.2.3.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.3.1/manifests"},{"name":"esapi-2.2.3.0","sha":"67980b8739f9ff03329a96e32af9d8012e9290da","kind":"tag","published_at":"2021-03-24T02:42:53.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.3.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.2.3.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.3.0/manifests"},{"name":"esapi-2.2.2.0","sha":"609e21c1d0253224f6f998f355ba5edcecb1d01a","kind":"tag","published_at":"2020-11-27T23:50:58.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.2.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.2.2.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.2.0/manifests"},{"name":"esapi-2.2.1.1","sha":"74fc4ba1fa9d356efa5e7052286482c689aafa09","kind":"commit","published_at":"2020-07-27T04:01:15.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.1.1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.2.1.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.1/manifests"},{"name":"esapi-2.2.1.0","sha":"fefe6033d8e21963ab5f84b1649b8708366cd524","kind":"tag","published_at":"2020-07-13T02:44:26.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.1.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.2.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.0/manifests"},{"name":"esapi-2.2.1.0-RC1","sha":"b6f8808e9bc0f1db01391ae40b18237b988252d8","kind":"tag","published_at":"2020-07-05T03:55:11.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.1.0-RC1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.1.0-RC1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.2.1.0-RC1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.0-RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.1.0-RC1/manifests"},{"name":"esapi-2.2.0.0","sha":"b9f1f87ad767a1985b4d528ebf04b899cdead255","kind":"tag","published_at":"2019-06-25T00:03:06.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.0.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.2.0.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0/manifests"},{"name":"esapi-2.2.0.0-RC3","sha":"06aa99e0881139768b87f5d50f91823dc9de5e98","kind":"tag","published_at":"2019-06-11T04:26:04.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.0.0-RC3","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.0.0-RC3","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.2.0.0-RC3","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC3/manifests"},{"name":"esapi-2.2.0.0-RC2","sha":"2671692f631f5d618b1dd49497e1cfcb0b66a528","kind":"tag","published_at":"2019-05-02T02:06:34.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.0.0-RC2","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.0.0-RC2","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.2.0.0-RC2","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC2/manifests"},{"name":"esapi-2.2.0.0-RC1","sha":"cc264ce3d23337d778a1d566dedfb3d319a3d1c7","kind":"tag","published_at":"2019-03-18T01:58:52.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.2.0.0-RC1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.2.0.0-RC1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.2.0.0-RC1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.2.0.0-RC1/manifests"},{"name":"esapi-2.1.0.1","sha":"5582e1ffb6afce1208d65cf890986fb70d8b0aac","kind":"tag","published_at":"2016-02-05T05:57:17.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.1.0.1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.1.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.1.0.1/manifests"},{"name":"esapi-2.1.0","sha":"842a799a20bb19e1923db2a15857d34487fdd459","kind":"commit","published_at":"2013-09-03T01:16:47.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.1.0","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.1.0","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.1.0/manifests"},{"name":"esapi-2.0.1","sha":"1c0b5d555ac7cac4e49c0a7011f56769c4699ff5","kind":"commit","published_at":"2011-07-25T06:24:48.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.0.1","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.0.1","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0.1/manifests"},{"name":"esapi-2.0GA","sha":"ec188273e489ace3ad83bbbd7bd6d63b1a13139e","kind":"commit","published_at":"2011-05-11T05:54:00.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.0GA","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.0GA","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.0GA","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0GA","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0GA/manifests"},{"name":"releases","sha":"71971bbe353294a826d9c88a9ba370e9aea38b05","kind":"commit","published_at":"2011-05-05T17:44:54.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/releases","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/releases","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@releases","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/releases/manifests"},{"name":"esapi-2.0_rc11","sha":"aba31593fbf04250aa1193fb944732895eac5d92","kind":"commit","published_at":"2011-03-23T17:19:18.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.0_rc11","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.0_rc11","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.0_rc11","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0_rc11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0_rc11/manifests"},{"name":"2.0_rc10","sha":"adb332d17b1618eb9e0de84a4fd3a1d5e4841339","kind":"commit","published_at":"2010-10-16T16:08:29.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/2.0_rc10","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/2.0_rc10","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@2.0_rc10","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/2.0_rc10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/2.0_rc10/manifests"},{"name":"esapi-2.0_rc10","sha":"1c2ba1f6e4d838d4cb8b3498f3c96403af117aa5","kind":"commit","published_at":"2010-10-15T19:56:26.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/esapi-2.0_rc10","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.0_rc10","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@esapi-2.0_rc10","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0_rc10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/esapi-2.0_rc10/manifests"},{"name":"2.0_RC10","sha":"8a1cc9f66498be92893e3f0d5301449176a20c19","kind":"commit","published_at":"2010-10-15T17:41:31.000Z","download_url":"https://codeload.github.com/ESAPI/esapi-java-legacy/tar.gz/2.0_RC10","html_url":"https://github.com/ESAPI/esapi-java-legacy/releases/tag/2.0_RC10","dependencies_parsed_at":null,"dependency_job_id":null,"purl":"pkg:github/ESAPI/esapi-java-legacy@2.0_RC10","tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/2.0_RC10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/tags/2.0_RC10/manifests"}]},"repo_metadata_updated_at":"2026-02-11T15:21:53.861Z","dependent_packages_count":106,"downloads":null,"downloads_period":null,"dependent_repos_count":1483,"rankings":{"downloads":null,"dependent_repos_count":0.30173552990925906,"dependent_packages_count":0.7051841647912479,"stargazers_count":14.98045826959579,"forks_count":9.39845107759829,"docker_downloads_count":0.507764634273312,"average":5.17871873523358},"purl":"pkg:maven/org.owasp.esapi/esapi","advisories":[{"uuid":"GSA_kwCzR0hTQS1yNjhoLWpoaGotOWp2bc4AA3Xs","url":"https://github.com/advisories/GHSA-r68h-jhhj-9jvm","title":"Validator.isValidSafeHTML is being deprecated and will be deleted from org.owasp.esapi:esapi in 1 year","description":"### Impact\nThe `Validator.isValidSafeHTML` method can result in false negatives where it reports some input as safe (i.e., returns true), but really isn't, and using that same input as-is can in certain circumstances result in XSS vulnerabilities. Because this method cannot be fixed, it is being deprecated and will be removed in one years time from when this advisory is published. Full details may be found in [ESAPI Security Bulletin #12](https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin12.pdf).\n\nNote that all versions of ESAPI, that have this method (which dates back to at least the ESAPI 1.3 release more than 15 years ago) have this issue and it will continue to exist until we remove these two methods in a future ESAPI release.\n\n### Patches\nThere is no patch. We do not believe that it is possible to patch this pretentiously named method other then perhaps renaming it to something like Validator.mightThisBeValidSafeHTML to dissuade developers from using it.\n\n### Workarounds\nStop using this method. Note that `Validator.getValidSafeHTML` is believed to be safe to use with the default **antisamy-esapi.xml** AntiSamy policy file.\n\n### Why is no CVE being filed?\nWe outline the reasons in the section \"Why no CVE for this issue?\" in [ESAPI Security Bulletin #12](https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin12.pdf). If after reading that, if _you_ still want to file a CVE or this, knock yourself out.\n\n### References\n[CWE-79](https://cwe.mitre.org/data/definitions/79.html)\n[CWE-80](https://cwe.mitre.org/data/definitions/80.html)\n[ESAPI Security Bulletin #12](https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin12.pdf)\n\n### Final resolution\nThis GitHub Security Advisory should now be considered remediated in [ESAPI versions 2.6.0.0](https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.6.0.0) and later as the deprecated methods have been removed from the ESAPI jar.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2023-11-27T17:25:46.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/ESAPI/esapi-java-legacy/security/advisories/GHSA-r68h-jhhj-9jvm","https://github.com/advisories/GHSA-r68h-jhhj-9jvm"],"source_kind":"github","identifiers":["GHSA-r68h-jhhj-9jvm"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"created_at":"2023-11-27T18:06:02.649Z","updated_at":"2026-04-05T20:03:48.530Z","epss_percentage":null,"epss_percentile":null,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1yNjhoLWpoaGotOWp2bc4AA3Xs","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS1yNjhoLWpoaGotOWp2bc4AA3Xs","packages":[{"ecosystem":"maven","package_name":"org.owasp.esapi:esapi","versions":[{"first_patched_version":"2.6.0.0","vulnerable_version_range":"\u003c 2.6.0.0"}],"purl":null}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1yNjhoLWpoaGotOWp2bc4AA3Xs/related_packages","related_advisories":[]},{"uuid":"GSA_kwCzR0hTQS03YzJxLTVxbXItdjc2cc4AA2we","url":"https://github.com/advisories/GHSA-7c2q-5qmr-v76q","title":"DoS vulnerabilities persist in ESAPI file uploads despite remediation of CVE-2023-24998","description":"### Impact\nESAPI 2.5.2.0 and later addressed  the DoS vulnerability described in CVE-2023-24998, which Apache Commons FileUpload 1.5 attempted to remediate. But while writing up a new security bulletin regarding the impact on the affected ESAPI `HTTPUtilities.getFileUploads` methods (or more specifically those methods in the `DefaultHTTPUtilities` implementation class), I realized that a DoS vulnerability still persists in ESAPI and for that matter in Apache Commons FileUpload as well.\n\n### Related to\nCVE-2023-24998\n\n### Patches\nESAPI 2.5.2.0 or later.\n\n### Workarounds\n- See the 'Solutions' section of Security Bulletin 11, in the References section. If you are not using ESAPI file uploads, see also the 'Workarounds' section.\n- Deploy an external WAF or other suitable DoS protection.\n- Add additional defenses to your code using HTTPUtilities.getFileUpload, such as requiring prior authentication, restricting how many / much content can be uploaded per user per day or per hour, etc. (It is the opinion of the ESAPI development team that such required controls should not be added to ESAPI because it is a general purpose security library and thus ESAPI ought not be enforcing generic policies like these on everyone, especially it it could break existing code bases.)\n\n### References\n[Security Bulletin 11: How Does CVE-2023-24998 Impact ESAPI?](https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin11.pdf)\nNew ESAPI 2.5.2.0  or later Javadoc on HTTPUtilities.getFileUploads: https://javadoc.io/static/org.owasp.esapi/esapi/2.5.2.0/org/owasp/esapi/HTTPUtilities.html#getFileUploads-javax.servlet.http.HttpServletRequest-java.io.File-java.util.List-\n(Note: This link won't work until the 2.5.2.0 release is made official.)\n\n### Final Word\n(Especially to GitHub Advance Security team / GitHub as a CNA) -- I do not really wish to file a CVE for this. I had originally considered it, but there is no real way to address the general DoS scenarios for file uploads without breaking ESAPI client code which we are not willing to do. The clients have to take some responsibility for this themselves. In the next ESAPI release, I am going to add a reference to the appropriate Javadoc to this GitHub Security Advisory, but that's the best we can do. If you wish to discuss this with me, please first contact me via email at kevin.w.wall@gmail.com. ","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-10-27T21:55:44.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.5,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","references":["https://github.com/ESAPI/esapi-java-legacy/security/advisories/GHSA-7c2q-5qmr-v76q","https://github.com/advisories/GHSA-7c2q-5qmr-v76q"],"source_kind":"github","identifiers":["GHSA-7c2q-5qmr-v76q"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"created_at":"2023-10-27T22:05:46.718Z","updated_at":"2026-04-05T20:07:18.129Z","epss_percentage":null,"epss_percentile":null,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS03YzJxLTVxbXItdjc2cc4AA2we","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS03YzJxLTVxbXItdjc2cc4AA2we","packages":[{"ecosystem":"maven","package_name":"org.owasp.esapi:esapi","versions":[{"first_patched_version":"2.5.2.0","vulnerable_version_range":"\u003c 2.5.2.0"}],"purl":null}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS03YzJxLTVxbXItdjc2cc4AA2we/related_packages","related_advisories":[]},{"uuid":"GSA_kwCzR0hTQS1qY3A5LTc5NmctcHY5cM4AAdXJ","url":"https://github.com/advisories/GHSA-jcp9-796g-pv9p","title":"Missing Cryptographic Step in OWASP Enterprise Security API for Java","description":"The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended cryptographic protection mechanisms via an attack against authenticity in the default configuration, involving a null MAC and a zero MAC length.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2022-05-17T03:56:06.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2013-5679","http://code.google.com/p/owasp-esapi-java/issues/detail?id=306","http://lists.owasp.org/pipermail/esapi-dev/2013-August/002285.html","http://owasp-esapi-java.googlecode.com/svn/trunk/documentation/ESAPI-security-bulletin1.pdf","https://github.com/ESAPI/esapi-java-legacy/commit/41138fef5f63d9cf0d5e05d2bee2c7f682ffef3f","https://github.com/advisories/GHSA-jcp9-796g-pv9p"],"source_kind":"github","identifiers":["GHSA-jcp9-796g-pv9p","CVE-2013-5679"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"created_at":"2022-12-21T16:12:12.042Z","updated_at":"2026-05-09T06:05:18.939Z","epss_percentage":0.00053,"epss_percentile":0.16506,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1qY3A5LTc5NmctcHY5cM4AAdXJ","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS1qY3A5LTc5NmctcHY5cM4AAdXJ","packages":[{"ecosystem":"maven","package_name":"org.owasp.esapi:esapi","versions":[{"first_patched_version":"2.1.0","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.1.0"}],"purl":null}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1qY3A5LTc5NmctcHY5cM4AAdXJ/related_packages","related_advisories":[]},{"uuid":"GSA_kwCzR0hTQS0yZzU2LTdqdjctd3h4cc4AAUSC","url":"https://github.com/advisories/GHSA-2g56-7jv7-wxxq","title":"Missing Cryptographic Step in OWASP Enterprise Security API for Java","description":"The authenticated-encryption feature in the symmetric-encryption implementation in the OWASP Enterprise Security API (ESAPI) for Java 2.x before 2.1.0.1 does not properly resist tampering with serialized ciphertext, which makes it easier for remote attackers to bypass intended cryptographic protection mechanisms via an attack against the intended cipher mode in a non-default configuration, a different vulnerability than CVE-2013-5679.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-05-14T01:37:06.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2013-5960","https://github.com/ESAPI/esapi-java-legacy/issues/359","https://github.com/esapi/esapi-java-legacy/issues/306","https://github.com/ESAPI/esapi-java-legacy/blob/master/documentation/esapi4java-core-2.1.0.1-release-notes.txt","http://code.google.com/p/owasp-esapi-java/issues/detail?id=306","http://lists.owasp.org/pipermail/esapi-dev/2013-August/002285.html","http://owasp-esapi-java.googlecode.com/svn/trunk/documentation/ESAPI-security-bulletin1.pdf","https://github.com/ESAPI/esapi-java-legacy/commit/b7cbc53f9cc967cf1a5a9463d8c6fef9ed6ef4f7","https://github.com/advisories/GHSA-2g56-7jv7-wxxq"],"source_kind":"github","identifiers":["GHSA-2g56-7jv7-wxxq","CVE-2013-5960"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"created_at":"2022-12-21T16:12:11.603Z","updated_at":"2026-06-03T15:07:21.291Z","epss_percentage":0.00174,"epss_percentile":0.38505,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS0yZzU2LTdqdjctd3h4cc4AAUSC","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS0yZzU2LTdqdjctd3h4cc4AAUSC","packages":[{"ecosystem":"maven","package_name":"org.owasp.esapi:esapi","versions":[{"first_patched_version":"2.1.0.1","vulnerable_version_range":"\u003e= 2.0.0.0, \u003c= 2.1.0.0"}],"purl":null}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS0yZzU2LTdqdjctd3h4cc4AAUSC/related_packages","related_advisories":[]},{"uuid":"GSA_kwCzR0hTQS1xNzdxLXZ4NHEteHg2cc1BTg","url":"https://github.com/advisories/GHSA-q77q-vx4q-xx6q","title":"Cross-site Scripting in org.owasp.esapi:esapi","description":"### Impact\nThere is a potential for an XSS vulnerability in ESAPI caused by a incorrect regular expression for \"onsiteURL\" in the **antisamy-esapi.xml** configuration file that can cause URLs with the \"javascript:\" scheme to NOT be sanitized. See the reference below for full details.\n\n### Patches\nPatched in ESAPI 2.3.0.0 and later. See important remediation details in the reference given below.\n\n### Workarounds\nManually edit your **antisamy-esapi.xml** configuration files to change the \"onsiteURL\" regular expression as per remediation instructions in the reference below.\n\n### References\n[Security Bulletin 8](https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin8.pdf)\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Email one of the project co-leaders. See email addresses listed on  the [OWASP ESAPI wiki](https://owasp.org/www-project-enterprise-security-api/) page, under \"Leaders\".\n* Send email to one of the two ESAPI related Google Groups listed under [Where to Find More Information on ESAPI](https://github.com/ESAPI/esapi-java-legacy#where-to-find-more-information-on-esapi) on our [README.md](https://github.com/ESAPI/esapi-java-legacy#readme) page.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-04-27T21:09:46.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.1,"cvss_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","references":["https://github.com/ESAPI/esapi-java-legacy/security/advisories/GHSA-q77q-vx4q-xx6q","https://nvd.nist.gov/vuln/detail/CVE-2022-24891","https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin8.pdf","https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.3.0.0-release-notes.txt","https://www.oracle.com/security-alerts/cpujul2022.html","https://lists.debian.org/debian-lts-announce/2025/07/msg00010.html","https://security.netapp.com/advisory/ntap-20230127-0014","https://github.com/advisories/GHSA-q77q-vx4q-xx6q"],"source_kind":"github","identifiers":["GHSA-q77q-vx4q-xx6q","CVE-2022-24891"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"created_at":"2022-12-21T16:12:29.635Z","updated_at":"2026-06-19T08:10:46.995Z","epss_percentage":0.0103,"epss_percentile":0.77818,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xNzdxLXZ4NHEteHg2cc1BTg","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS1xNzdxLXZ4NHEteHg2cc1BTg","packages":[{"ecosystem":"maven","package_name":"org.owasp.esapi:esapi","versions":[{"first_patched_version":"2.3.0.0","vulnerable_version_range":"\u003c= 2.2.3.1"}],"purl":null}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xNzdxLXZ4NHEteHg2cc1BTg/related_packages","related_advisories":[]},{"uuid":"GSA_kwCzR0hTQS04bTVoLWhycW0tcHhtMs1BTQ","url":"https://github.com/advisories/GHSA-8m5h-hrqm-pxm2","title":"Path traversal in the OWASP Enterprise Security API","description":"### Impact\nThe default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorrectly treat the tested input string as a child of the specified parent directory. This potentially could allow control-flow bypass checks to be defeated if an attack can specify the entire string representing the 'input' path.\n\n### Patches\nThis vulnerability is patched in release 2.3.0.0 of ESAPI. See https://github.com/ESAPI/esapi-java-legacy/releases/tag/esapi-2.3.0.0 for details.\n\n### Workarounds\nYes; in theory, one _could_ write the own implementation of the Validator interface. This would most easily be done by sub-classing a version of the affected `DefaultValidator` class and then overriding the affected `getValidDirectoryPath()` to correct the issue. However, this is not recommended.\n\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Email one of the project co-leaders. See email addresses listed on  the [OWASP ESAPI wiki](https://owasp.org/www-project-enterprise-security-api/) page, under \"Leaders\".\n* Send email to one of the two ESAPI related Google Groups listed under [Where to Find More Information on ESAPI](https://github.com/ESAPI/esapi-java-legacy#where-to-find-more-information-on-esapi) on our [README.md](https://github.com/ESAPI/esapi-java-legacy#readme) page.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-04-27T21:09:43.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.5,"cvss_vector":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","references":["https://github.com/ESAPI/esapi-java-legacy/security/advisories/GHSA-8m5h-hrqm-pxm2","https://nvd.nist.gov/vuln/detail/CVE-2022-23457","https://github.com/ESAPI/esapi-java-legacy/commit/a0d67b75593878b1b6e39e2acc1773b3effedb2a","https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/GHSL-2022-008_The_OWASP_Enterprise_Security_API.md","https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.3.0.0-release-notes.txt","https://www.oracle.com/security-alerts/cpujul2022.html","https://lists.debian.org/debian-lts-announce/2025/07/msg00010.html","https://security.netapp.com/advisory/ntap-20230127-0014","https://securitylab.github.com/advisories/GHSL-2022-008_The_OWASP_Enterprise_Security_API","https://github.com/advisories/GHSA-8m5h-hrqm-pxm2"],"source_kind":"github","identifiers":["GHSA-8m5h-hrqm-pxm2","CVE-2022-23457"],"repository_url":"https://github.com/ESAPI/esapi-java-legacy","blast_radius":0.0,"created_at":"2022-12-21T16:12:29.643Z","updated_at":"2026-06-19T08:10:46.996Z","epss_percentage":0.00547,"epss_percentile":0.68303,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS04bTVoLWhycW0tcHhtMs1BTQ","html_url":"https://advisories.ecosyste.ms/advisories/GSA_kwCzR0hTQS04bTVoLWhycW0tcHhtMs1BTQ","packages":[{"ecosystem":"maven","package_name":"org.owasp.esapi:esapi","versions":[{"first_patched_version":"2.3.0.0","vulnerable_version_range":"\u003c= 2.2.3.1"}],"purl":null}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS04bTVoLWhycW0tcHhtMs1BTQ/related_packages","related_advisories":[]},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNncDYtaGhmdy00Z3F4","url":"https://github.com/advisories/GHSA-3gp6-hhfw-4gqx","title":"Padding oracle attacks","description":"It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle attacks.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2021-08-13T15:22:24.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":5.9,"cvss_vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","references":["https://nvd.nist.gov/vuln/detail/CVE-2010-3300","https://seclists.org/oss-sec/2010/q3/357","https://www.usenix.org/legacy/events/woot10/tech/full_papers/Rizzo.pdf","https://github.com/advisories/GHSA-3gp6-hhfw-4gqx"],"source_kind":"github","identifiers":["GHSA-3gp6-hhfw-4gqx","CVE-2010-3300"],"repository_url":null,"blast_radius":0.0,"created_at":"2022-12-21T16:12:58.334Z","updated_at":"2026-06-04T03:10:34.511Z","epss_percentage":0.00204,"epss_percentile":0.42516,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNncDYtaGhmdy00Z3F4","html_url":"https://advisories.ecosyste.ms/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNncDYtaGhmdy00Z3F4","packages":[{"ecosystem":"maven","package_name":"org.owasp.esapi:esapi","versions":[{"first_patched_version":"2.0GA","vulnerable_version_range":"\u003c 2.0GA"}],"purl":null}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNncDYtaGhmdy00Z3F4/related_packages","related_advisories":[]}],"docker_usage_url":"https://docker.ecosyste.ms/usage/maven/org.owasp.esapi:esapi","docker_dependents_count":676,"docker_downloads_count":102265081,"usage_url":"https://repos.ecosyste.ms/usage/maven/org.owasp.esapi:esapi","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/maven/org.owasp.esapi:esapi/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2025-11-01T20:01:25.638Z","issues_count":101,"pull_requests_count":107,"avg_time_to_close_issue":11364637.701492537,"avg_time_to_close_pull_request":1688992.3020833333,"issues_closed_count":67,"pull_requests_closed_count":96,"pull_request_authors_count":26,"issue_authors_count":58,"avg_comments_per_issue":4.138613861386139,"avg_comments_per_pull_request":2.588785046728972,"merged_pull_requests_count":70,"bot_issues_count":0,"bot_pull_requests_count":7,"past_year_issues_count":16,"past_year_pull_requests_count":25,"past_year_avg_time_to_close_issue":263371.0,"past_year_avg_time_to_close_pull_request":164900.3125,"past_year_issues_closed_count":9,"past_year_pull_requests_closed_count":16,"past_year_pull_request_authors_count":9,"past_year_issue_authors_count":12,"past_year_avg_comments_per_issue":3.8125,"past_year_avg_comments_per_pull_request":1.52,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":1,"past_year_merged_pull_requests_count":11,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/issues","maintainers":[{"login":"jeremiahjstacey","count":23,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jeremiahjstacey"},{"login":"xeno6696","count":9,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/xeno6696"}],"active_maintainers":[{"login":"jeremiahjstacey","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jeremiahjstacey"},{"login":"xeno6696","count":1,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/xeno6696"}]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.owasp.esapi:esapi/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.owasp.esapi:esapi/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.owasp.esapi:esapi/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.owasp.esapi:esapi/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.owasp.esapi:esapi/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.owasp.esapi:esapi/codemeta","maintainers":[],"registry":{"name":"repo1.maven.org","url":"https://repo.maven.apache.org/maven2","ecosystem":"maven","default":true,"packages_count":608482,"maintainers_count":0,"namespaces_count":80807,"keywords_count":34879,"github":"maven-central","metadata":{"funded_packages_count":37828},"icon_url":"https://github.com/maven-central.png","created_at":"2022-07-21T16:40:13.074Z","updated_at":"2026-06-10T05:05:55.821Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/namespaces"}},{"id":13718681,"name":"libowasp-esapi-java","ecosystem":"ubuntu","description":null,"homepage":"https://github.com/esapi/esapi-java-legacy","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/esapi/esapi-java-legacy","keywords_array":["universe/misc"],"namespace":"universe","versions_count":1,"first_release_published_at":"2026-02-13T00:38:17.904Z","latest_release_published_at":"2026-02-13T00:38:17.904Z","latest_release_number":"2.4.0.0-2","last_synced_at":"2026-03-13T01:08:37.590Z","created_at":"2026-02-13T00:38:17.009Z","updated_at":"2026-03-13T01:30:57.929Z","registry_url":"https://launchpad.net/ubuntu/+source/libowasp-esapi-java","install_command":"apt-get install libowasp-esapi-java","documentation_url":null,"metadata":{"component":"universe","architecture":"all","priority":"optional","binary":"libowasp-esapi-java","standards_version":"4.6.2","maintainer":"Debian Java Maintainers \u003cpkg-java-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), default-jdk, maven-debian-helper (\u003e= 1.5)","build_depends_indep":"bsh, libcommons-beanutils-java, libcommons-collections4-java, libcommons-configuration-java, libcommons-fileupload-java, libcommons-io-java, liblog4j1.2-java (\u003e= 1.2.16), libmaven-javadoc-plugin-java, libowasp-antisamy-java, libservlet-api-java, libxom-java","build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":"2026-02-13T00:38:18.557Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/ubuntu/libowasp-esapi-java?arch=source\u0026distro=ubuntu-24.04","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/ubuntu/libowasp-esapi-java","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/ubuntu/libowasp-esapi-java","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/ubuntu/libowasp-esapi-java/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages/libowasp-esapi-java/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages/libowasp-esapi-java/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages/libowasp-esapi-java/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages/libowasp-esapi-java/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages/libowasp-esapi-java/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages/libowasp-esapi-java/codemeta","maintainers":[],"registry":{"name":"ubuntu-24.04","url":"https://launchpad.net/ubuntu/noble","ecosystem":"ubuntu","default":true,"packages_count":37306,"maintainers_count":0,"namespaces_count":4,"keywords_count":1701,"github":"ubuntu","metadata":{"codename":"noble","funded_packages_count":198},"icon_url":"https://github.com/ubuntu.png","created_at":"2026-02-04T11:01:45.928Z","updated_at":"2026-06-10T05:17:44.581Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-24.04/namespaces"}},{"id":13554027,"name":"libowasp-esapi-java","ecosystem":"ubuntu","description":null,"homepage":"https://github.com/esapi/esapi-java-legacy","licenses":null,"normalized_licenses":[],"repository_url":"https://github.com/esapi/esapi-java-legacy","keywords_array":["universe/misc"],"namespace":"universe","versions_count":1,"first_release_published_at":"2026-02-11T03:52:11.472Z","latest_release_published_at":"2026-02-11T03:52:11.472Z","latest_release_number":"2.4.0.0-2","last_synced_at":"2026-03-12T11:11:48.065Z","created_at":"2026-02-11T03:52:11.301Z","updated_at":"2026-03-12T11:11:48.065Z","registry_url":"https://launchpad.net/ubuntu/+source/libowasp-esapi-java","install_command":"apt-get install libowasp-esapi-java","documentation_url":null,"metadata":{"component":"universe","architecture":"all","priority":"optional","binary":"libowasp-esapi-java","standards_version":"4.6.2","maintainer":"Debian Java Maintainers \u003cpkg-java-maintainers@lists.alioth.debian.org\u003e","build_depends":"debhelper-compat (= 13), default-jdk, maven-debian-helper (\u003e= 1.5)","build_depends_indep":"bsh, libcommons-beanutils-java, libcommons-collections4-java, libcommons-configuration-java, libcommons-fileupload-java, libcommons-io-java, liblog4j1.2-java (\u003e= 1.2.16), libmaven-javadoc-plugin-java, libowasp-antisamy-java, libservlet-api-java, libxom-java","build_depends_arch":null},"repo_metadata":{},"repo_metadata_updated_at":"2026-02-11T14:46:35.396Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":0.0,"dependent_packages_count":0.0,"stargazers_count":null,"forks_count":null,"docker_downloads_count":null,"average":100},"purl":"pkg:deb/ubuntu/libowasp-esapi-java?arch=source\u0026distro=ubuntu-23.04\u0026repository_url=https://launchpad.net/ubuntu/lunar","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/ubuntu/libowasp-esapi-java","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/ubuntu/libowasp-esapi-java","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/ubuntu/libowasp-esapi-java/dependencies","status":null,"funding_links":[],"critical":null,"issue_metadata":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages/libowasp-esapi-java/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages/libowasp-esapi-java/version_numbers","latest_version_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages/libowasp-esapi-java/latest_version","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages/libowasp-esapi-java/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages/libowasp-esapi-java/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages/libowasp-esapi-java/codemeta","maintainers":[],"registry":{"name":"ubuntu-23.04","url":"https://launchpad.net/ubuntu/lunar","ecosystem":"ubuntu","default":false,"packages_count":36116,"maintainers_count":0,"namespaces_count":4,"keywords_count":1000,"github":"ubuntu","metadata":{"codename":"lunar","mirror":"http://old-releases.ubuntu.com/ubuntu","funded_packages_count":133},"icon_url":"https://github.com/ubuntu.png","created_at":"2026-02-04T11:01:49.117Z","updated_at":"2026-06-10T05:17:49.008Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/ubuntu-23.04/namespaces"}}],"commits":{"id":7224292,"full_name":"ESAPI/esapi-java-legacy","default_branch":"develop","total_commits":2131,"total_committers":70,"total_bot_commits":3,"total_bot_committers":1,"mean_commits":30.442857142857143,"dds":0.6719849835757861,"past_year_total_commits":16,"past_year_total_committers":3,"past_year_total_bot_commits":0,"past_year_total_bot_committers":0,"past_year_mean_commits":5.333333333333333,"past_year_dds":0.375,"last_synced_at":"2026-06-18T11:58:36.534Z","last_synced_commit":"58be1699d92336f3eff87435ee22cceced9a466d","created_at":"2024-12-03T16:13:28.714Z","updated_at":"2026-06-18T12:00:47.809Z","committers":[{"name":"kwwall","email":"kevin.w.wall@gmail.com","login":"kwwall","count":699},{"name":"kevin.w.wall","email":"kevin.w.wall@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":238},{"name":"manico.james","email":"manico.james@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":225},{"name":"Jeremiah Stacey","email":"jeremiah.j.stacey@gmail.com","login":"jeremiahjstacey","count":196},{"name":"planetlevel","email":"planetlevel@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":185},{"name":"kfealz@gmail.com","email":"kfealz@gmail.com@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":90},{"name":"chrisisbeef","email":"chrisisbeef@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":77},{"name":"Matt Seil","email":"mseil@acm.org","login":"xeno6696","count":76},{"name":"schallee@darkmist.net","email":"schallee@darkmist.net@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":45},{"name":"rogan.dawes","email":"rogan.dawes@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":40},{"name":"arshan.dabirsiaghi","email":"arshan.dabirsiaghi@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":25},{"name":"augustd","email":"augustd@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":25},{"name":"vanderaj@gmail.com","email":"vanderaj@gmail.com@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":18},{"name":"dwichers","email":"dwichers@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":15},{"name":"davewichers","email":"dwichers@gmail.com","login":"davewichers","count":15},{"name":"brent.shikoski@gmail.com","email":"brent.shikoski@gmail.com@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":14},{"name":"mike.boberski","email":"mike.boberski@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":12},{"name":"Jeffrey Walton","email":"noloader@gmail.com","login":"noloader","count":12},{"name":"mikehfauzy","email":"mikehfauzy@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":11},{"name":"Snyk bot","email":"snyk-bot@snyk.io","login":"snyk-bot","count":9},{"name":"jtmelton","email":"jtmelton@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":8},{"name":"Wiiitek","email":"kubiczak.jakub@gmail.com","login":"wiiitek","count":6},{"name":"Chris Schmidt","email":"chrisisbeef","login":"chrisisbeef","count":6},{"name":"chris.schmidt@owasp.org","email":"chris.schmidt@owasp.org@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":5},{"name":"arshan.dabirsiaghi@gmail.com","email":"arshan.dabirsiaghi@gmail.com@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":5},{"name":"Kad DEMBELE","email":"kad@thesoftwarecraftsman.org","login":null,"count":4},{"name":"Anthony Musyoki","email":"anthony.musyoki@gmail.com","login":"anthonyms","count":4},{"name":"karansanwal","email":"karansanwal@gmail.com","login":"karansanwal","count":4},{"name":"dependabot[bot]","email":"49699333+dependabot[bot]","login":"dependabot[bot]","count":3},{"name":"augustd","email":"augustd@codemagi.com","login":"augustd","count":3},{"name":"Constantino Cronemberger","email":"constantino.cronemberger@db.com","login":null,"count":3},{"name":"chrisisbeef@gmail.com","email":"chrisisbeef@gmail.com@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":3},{"name":"jonathan.ruckwood","email":"jonathan.ruckwood@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":3},{"name":"singhpawanpreet@gmail.com","email":"singhpawanpreet@gmail.com@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":3},{"name":"Simon McClenahan","email":"smcclenahan@gmail.com","login":"simon0117","count":2},{"name":"drmyersii","email":"davidrmyersii@gmail.com","login":"davidmyersdev","count":2},{"name":"Joel Rabinovitch","email":"joel.rabinovitch@tecsys.com","login":"JoelRabinovitch","count":2},{"name":"Steve","email":"steve.bosman@opencastsoftware.com","login":"stevebosman-oc","count":2},{"name":"erluko@gmail.com","email":"erluko@gmail.com@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":2},{"name":"kevin.w.wall@gmail.com","email":"kevin.w.wall@gmail.com@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":2},{"name":"mzilu","email":"michael.ziluck@kingland.com","login":null,"count":2},{"name":"planetlevel@gmail.com","email":"planetlevel@gmail.com@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":2},{"name":"NiklasMehner","email":"niklas.mehner@gmail.com","login":"NiklasMehner","count":1},{"name":"Olivier Jaquemet","email":"olivier.jaquemet@gmail.com","login":"OlivierJaquemet","count":1},{"name":"Pavan Kumar","email":"sunnypav","login":"sunnypav","count":1},{"name":"Robert Stoll","email":"rstoll@tutteli.ch","login":"robstoll","count":1},{"name":"Vinod Anandan","email":"vinod@owasp.org","login":"VinodAnandan","count":1},{"name":"Zac Spitzer","email":"zac.spitzer@gmail.com","login":"zspitzer","count":1},{"name":"mickeyz07","email":"32490762+mickeyz07","login":"mickeyz07","count":1},{"name":"Bill Sempf","email":"bill@pointweb.net","login":"sempf","count":1},{"name":"taringamberini","email":"taringamberini","login":"taringamberini","count":1},{"name":"preetgami","email":"109097825+preetgami","login":"preetgami","count":1},{"name":"mickilous","email":"mickilous@gmail.com","login":"mickilous","count":1},{"name":"Henrique Pinto","email":"97101738+HenriquePinto333","login":"HenriquePinto333","count":1},{"name":"Jacky","email":"jacky.chan@owasp.org","login":"jackycct","count":1},{"name":"Jeff Walker","email":"cavedog123@gmail.com","login":"Jeff-Walker","count":1},{"name":"Jonathan Putney","email":"42720634+jcputney","login":"jcputney","count":1},{"name":"Joseph Witthuhn","email":"joseph.witthuhn@thomsonreuters.com","login":"JosephWitthuhnTR","count":1},{"name":"Michael Ziluck","email":"ziluckm@iastate.edu","login":"Michael-Ziluck","count":1},{"name":"Michele Preziuso","email":"mpreziuso@kaosdynamics.com","login":"mpreziuso","count":1},{"name":"Helly Guo","email":"buffoonguo@gmail.com","login":"hellyguo","count":1},{"name":"HJW8472","email":"50944183+HJW8472","login":"HJW8472","count":1},{"name":"Debajit Kumar Phukan","email":"71944582+DebajitKumarPhukan","login":"DebajitKumarPhukan","count":1},{"name":"Dario Viva","email":"45972949+DarioViva42","login":"DarioViva42","count":1},{"name":"brent.shikoski","email":"brent.shikoski@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":1},{"name":"jim@manico.net","email":"jim@manico.net@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":1},{"name":"patrick.allen.higgins","email":"patrick.allen.higgins@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":1},{"name":"steven.van.der.baan@owasp.org","email":"steven.van.der.baan@owasp.org@69e6d614-4441-0410-9a8b-65af957f44db","login":null,"count":1},{"name":"Arpit Gupta","email":"arpitgup@10ddb1d55079.ant.amazon.com","login":null,"count":1},{"name":"Ben Sleek","email":"Benjamin.Sleek@spartasystems.com","login":null,"count":1}],"past_year_committers":[{"name":"kwwall","email":"kevin.w.wall@gmail.com","login":"kwwall","count":10},{"name":"jeremiah.stacey","email":"jeremiah.j.stacey@gmail.com","login":"jeremiahjstacey","count":5},{"name":"Matt Seil","email":"xeno6696","login":"xeno6696","count":1}],"commits_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/commits","host":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2026-06-18T00:00:09.052Z","repositories_count":6261735,"commits_count":876043296,"contributors_count":35059380,"owners_count":1167751,"icon_url":"https://github.com/github.png","host_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://commits.ecosyste.ms/api/v1/hosts/GitHub/repositories"}},"issues":{"table":{"full_name":"ESAPI/esapi-java-legacy","html_url":"https://github.com/ESAPI/esapi-java-legacy","last_synced_at":"2026-05-31T23:08:42.703Z","status":"active","issues_count":101,"pull_requests_count":112,"avg_time_to_close_issue":11364637.701492537,"avg_time_to_close_pull_request":1645628.1616161617,"issues_closed_count":67,"pull_requests_closed_count":99,"pull_request_authors_count":28,"issue_authors_count":58,"avg_comments_per_issue":4.138613861386139,"avg_comments_per_pull_request":2.5357142857142856,"merged_pull_requests_count":71,"bot_issues_count":0,"bot_pull_requests_count":7,"past_year_issues_count":6,"past_year_pull_requests_count":17,"past_year_avg_time_to_close_issue":557053.6666666666,"past_year_avg_time_to_close_pull_request":123770.8,"past_year_issues_closed_count":3,"past_year_pull_requests_closed_count":10,"past_year_pull_request_authors_count":8,"past_year_issue_authors_count":4,"past_year_avg_comments_per_issue":5.166666666666667,"past_year_avg_comments_per_pull_request":1.5882352941176472,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":6,"created_at":"2023-05-16T12:04:24.436Z","updated_at":"2026-05-31T23:08:42.704Z","repository_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy","issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/ESAPI%2Fesapi-java-legacy/issues","issue_labels_count":{"table":{"bug":42,"enhancement":24,"Build-Maven":7,"Priority-Low":7,"Component-Docs":6,"Priority-Medium":5,"wontfix":5,"falsepositive":4,"Component-Encoder":4,"imported":4,"Component-Logger":3,"good first issue":3,"javadoc":3,"question":3,"Configuration":3,"Component-Validator":2,"Priority-High":2,"Component-SecurityConfiguration":2,"Component-Encryptor":2,"Vulnerable Dependencies":2,"Security":1,"help wanted":1,"Milestone-Release2.2":1,"General Code Cleanup":1,"OpSys-All":1,"Milestone-Release2.1":1,"jdk_related":1,"Type-Other":1,"Component-Randomizer":1,"duplicate":1,"wait4future":1,"Release Steps":1,"Java 1.8":1,"NothingToFixHere":1,"IDE":1,"documentation_comments":1}},"pull_request_labels_count":{"table":{"Vulnerable Dependencies":6,"javadoc":2,"java":1,"dependencies":1}},"issue_author_associations_count":{"table":{"NONE":58,"CONTRIBUTOR":35,"COLLABORATOR":8}},"pull_request_author_associations_count":{"table":{"CONTRIBUTOR":64,"COLLABORATOR":26,"NONE":22}},"issue_authors":{"table":{"kwwall":29,"xeno6696":4,"meg23":4,"jeremiahjstacey":4,"JerryDevis":3,"raine93":2,"dwhacker":2,"vpalli-bnym":2,"sh26masood":2,"RutujaPSonawane":1,"Zokal84":1,"akwick":1,"Somdutta":1,"noloader":1,"saravanansubiramaniam":1,"Nikhilkarande33":1,"davewichers":1,"aabhasg":1,"RobertMolenda":1,"bardware":1,"swxEmily":1,"reschke":1,"NilsRenaud":1,"guadgarcia":1,"popa-raluca":1,"elangoravi":1,"paulpozicheun":1,"SatyaAchanta":1,"nettermensch":1,"happylife007":1,"Criptak":1,"madmax138":1,"Johnlon":1,"stevebosman-oc":1,"Afridi76320":1,"RodolfoAndre":1,"SubashJanarthanan":1,"nyinyi12N":1,"SalmanMohammedTR":1,"Jeff-Walker":1,"davidmichaelkarr":1,"bdthomsen":1,"SuperM-L":1,"kartik-kaushik":1,"in-fke":1,"pf-BenF":1,"DarioViva42":1,"mickeyz07":1,"ss839x":1,"cristiantm":1,"Adwait-Joshi94":1,"mukesh4804":1,"Aakash4396":1,"smmsit":1,"wilx":1,"PriyatamaB":1,"lathspell":1,"tusharkumawat":1}},"pull_request_authors":{"table":{"kwwall":29,"jeremiahjstacey":20,"noloader":8,"dependabot[bot]":7,"xeno6696":6,"DarioViva42":4,"reschke":4,"DebajitKumarPhukan":4,"davewichers":3,"picsouds":2,"JosephWitthuhnTR":2,"mpreziuso":2,"RodolfoAndre":2,"lumpkingod-boop":2,"sabbott1877":2,"mickeyz07":2,"stevebosman-oc":2,"jcputney":1,"gustavonj":1,"sreekesh93":1,"VinodAnandan":1,"robstoll":1,"duttonw":1,"rjunqueira":1,"ThrawnCA":1,"pintohen":1,"preetgami":1,"Jeff-Walker":1}},"host":{"table":{"name":"GitHub","url":"https://github.com","kind":"github","last_synced_at":"2026-06-18T00:00:09.580Z","repositories_count":14815661,"issues_count":33113431,"pull_requests_count":109318679,"authors_count":11310420,"icon_url":"https://github.com/github.png","host_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories","owners_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/owners","authors_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors"}},"past_year_issue_labels_count":{"table":{"bug":1,"Build-Maven":1,"Component-Docs":1,"Configuration":1,"enhancement":1,"help wanted":1,"Priority-High":1}},"past_year_pull_request_labels_count":{"table":{}},"past_year_issue_author_associations_count":{"table":{"NONE":3,"CONTRIBUTOR":2}},"past_year_pull_request_author_associations_count":{"table":{"NONE":7,"COLLABORATOR":4}},"past_year_issue_authors":{"table":{"kwwall":2,"paulpozicheun":1,"wilx":1,"Zokal84":1}},"past_year_pull_request_authors":{"table":{"jeremiahjstacey":2,"lumpkingod-boop":2,"sabbott1877":2,"xeno6696":2,"duttonw":1,"gustavonj":1,"ThrawnCA":1}},"maintainers":[{"table":{"login":"jeremiahjstacey","count":24,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jeremiahjstacey"}},{"table":{"login":"xeno6696","count":10,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/xeno6696"}}],"active_maintainers":[{"table":{"login":"jeremiahjstacey","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/jeremiahjstacey"}},{"table":{"login":"xeno6696","count":2,"url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/authors/xeno6696"}}]}},"events":{"total":{"ReleaseEvent":3,"DeleteEvent":4,"PullRequestEvent":21,"ForkEvent":18,"IssuesEvent":30,"WatchEvent":32,"IssueCommentEvent":129,"PushEvent":25,"PullRequestReviewCommentEvent":36,"GollumEvent":1,"PullRequestReviewEvent":39,"CreateEvent":9},"last_year":{"ReleaseEvent":1,"PullRequestEvent":7,"ForkEvent":6,"IssuesEvent":11,"WatchEvent":9,"IssueCommentEvent":36,"PushEvent":7,"PullRequestReviewCommentEvent":18,"PullRequestReviewEvent":7,"CreateEvent":1}},"keywords":["java","security"],"dependencies":[{"ecosystem":"actions","filepath":".github/workflows/maven.yml","sha":null,"kind":"manifest","created_at":"2023-01-14T07:45:49.063Z","updated_at":"2023-01-14T07:45:49.063Z","repository_link":"https://github.com/ESAPI/esapi-java-legacy/blob/develop/.github/workflows/maven.yml","dependencies":[{"id":6893253152,"package_name":"actions/checkout","ecosystem":"actions","requirements":"v2","direct":true,"kind":"composite","optional":false},{"id":6893253153,"package_name":"actions/setup-java","ecosystem":"actions","requirements":"v1","direct":true,"kind":"composite","optional":false}]},{"ecosystem":"actions","filepath":".github/workflows/superlinter.yml","sha":null,"kind":"manifest","created_at":"2023-01-14T07:45:49.132Z","updated_at":"2023-01-14T07:45:49.132Z","repository_link":"https://github.com/ESAPI/esapi-java-legacy/blob/develop/.github/workflows/superlinter.yml","dependencies":[{"id":6893253207,"package_name":"actions/checkout","ecosystem":"actions","requirements":"v2","direct":true,"kind":"composite","optional":false},{"id":6893253208,"package_name":"github/super-linter","ecosystem":"actions","requirements":"v4","direct":true,"kind":"composite","optional":false}]},{"ecosystem":"maven","filepath":"pom.xml","sha":null,"kind":"manifest","created_at":"2023-01-14T07:45:49.169Z","updated_at":"2023-01-14T07:45:49.169Z","repository_link":"https://github.com/ESAPI/esapi-java-legacy/blob/develop/pom.xml","dependencies":[{"id":6893253238,"package_name":"javax.servlet:javax.servlet-api","ecosystem":"maven","requirements":"3.1.0","direct":true,"kind":"provided","optional":false},{"id":6893253239,"package_name":"javax.servlet.jsp:javax.servlet.jsp-api","ecosystem":"maven","requirements":"2.3.3","direct":true,"kind":"provided","optional":false},{"id":6893253240,"package_name":"xom:xom","ecosystem":"maven","requirements":"1.3.8","direct":true,"kind":"runtime","optional":false},{"id":6893253246,"package_name":"commons-beanutils:commons-beanutils","ecosystem":"maven","requirements":"1.9.4","direct":true,"kind":"runtime","optional":false},{"id":6893253247,"package_name":"commons-configuration:commons-configuration","ecosystem":"maven","requirements":"1.10","direct":true,"kind":"runtime","optional":false},{"id":6893253248,"package_name":"commons-lang:commons-lang","ecosystem":"maven","requirements":"2.6","direct":true,"kind":"runtime","optional":false},{"id":6893253249,"package_name":"commons-fileupload:commons-fileupload","ecosystem":"maven","requirements":"1.4","direct":true,"kind":"runtime","optional":false},{"id":6893253250,"package_name":"org.apache.commons:commons-collections4","ecosystem":"maven","requirements":"4.4","direct":true,"kind":"runtime","optional":false},{"id":6893253251,"package_name":"org.apache-extras.beanshell:bsh","ecosystem":"maven","requirements":"2.0b6","direct":true,"kind":"runtime","optional":false},{"id":6893253252,"package_name":"org.owasp.antisamy:antisamy","ecosystem":"maven","requirements":"1.7.2","direct":true,"kind":"runtime","optional":false},{"id":6893253256,"package_name":"org.slf4j:slf4j-api","ecosystem":"maven","requirements":"2.0.4","direct":true,"kind":"runtime","optional":false},{"id":6893253257,"package_name":"xml-apis:xml-apis","ecosystem":"maven","requirements":"1.4.01","direct":true,"kind":"runtime","optional":false},{"id":6893253258,"package_name":"commons-io:commons-io","ecosystem":"maven","requirements":"2.11.0","direct":true,"kind":"runtime","optional":false},{"id":6893253259,"package_name":"com.github.spotbugs:spotbugs-annotations","ecosystem":"maven","requirements":"4.7.3","direct":true,"kind":"runtime","optional":false},{"id":6893253260,"package_name":"commons-codec:commons-codec","ecosystem":"maven","requirements":"1.15","direct":true,"kind":"test","optional":false},{"id":6893253261,"package_name":"junit:junit","ecosystem":"maven","requirements":"4.13.2","direct":true,"kind":"test","optional":false},{"id":6893253262,"package_name":"org.bouncycastle:bcprov-jdk15on","ecosystem":"maven","requirements":"1.70","direct":true,"kind":"test","optional":false},{"id":6893253263,"package_name":"org.hamcrest:hamcrest-core","ecosystem":"maven","requirements":"2.2","direct":true,"kind":"test","optional":false},{"id":6893253264,"package_name":"org.powermock:powermock-api-mockito2","ecosystem":"maven","requirements":"2.0.9","direct":true,"kind":"test","optional":false},{"id":6893253266,"package_name":"org.mockito:mockito-core","ecosystem":"maven","requirements":"3.12.4","direct":true,"kind":"test","optional":false},{"id":6893253268,"package_name":"org.powermock:powermock-core","ecosystem":"maven","requirements":"2.0.9","direct":true,"kind":"test","optional":false},{"id":6893253280,"package_name":"org.powermock:powermock-module-junit4","ecosystem":"maven","requirements":"2.0.9","direct":true,"kind":"test","optional":false},{"id":6893253281,"package_name":"org.powermock:powermock-reflect","ecosystem":"maven","requirements":"2.0.9","direct":true,"kind":"test","optional":false},{"id":6893253284,"package_name":"org.openjdk.jmh:jmh-core","ecosystem":"maven","requirements":"1.36","direct":true,"kind":"test","optional":false}]}],"score":29.345748743763796,"created_at":"2025-05-08T20:38:29.602Z","updated_at":"2026-06-21T13:30:24.198Z","avatar_url":"https://github.com/ESAPI.png","language":"Java","codemeta":null,"publiccode":null,"project_url":"https://summary.ecosyste.ms/api/v1/projects/361767","html_url":"https://summary.ecosyste.ms/projects/361767"}