Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all):
- dependency-check version: 8.2.1
- Report Generated On: Sun, 16 Jul 2023 21:00:44 -0400
- Dependencies Scanned: 9 (9 unique)
- Vulnerable Dependencies: 0
- Vulnerabilities Found: 0
- Vulnerabilities Suppressed: 0
- ...
- NVD CVE Checked: 2023-07-16T21:00:31
- NVD CVE Modified: 2023-07-16T20:00:01
- VersionCheckOn: 2023-06-28T19:06:28
- kev.checked: 1689533958
Summary
Display:
Showing Vulnerable Dependencies (click to show all)Dependencies
checker-qual-3.34.0.jar
Description:
checker-qual contains annotations (type qualifiers) that a programmer
writes to specify Java code for type-checking by the Checker Framework.
License:
The MIT License: http://opensource.org/licenses/MIT
File Path: C:\Users\Jeremy\.m2\repository\org\checkerframework\checker-qual\3.34.0\checker-qual-3.34.0.jar
MD5: 8e9c6363624cffa5b6f3324d9155f05b
SHA1: fd620da2920cdb0bfcbcde20e309f75940198ccf
SHA256:5dd03e83e375bd7a16a5e7ed6aa6128d058639d314ed25daeb7ab74e596326dd
Referenced In Project/Scope: 7zip:provided
checker-qual-3.34.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.7zip/7zip@23.01
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | checker-qual | High |
| Vendor | jar | package name | checker | Highest |
| Vendor | jar | package name | checkerframework | Highest |
| Vendor | jar | package name | framework | Highest |
| Vendor | jar | package name | qual | Highest |
| Vendor | Manifest | automatic-module-name | org.checkerframework.checker.qual | Medium |
| Vendor | Manifest | bundle-symbolicname | checker-qual | Medium |
| Vendor | Manifest | implementation-url | https://checkerframework.org | Low |
| Vendor | pom | artifactid | checker-qual | Highest |
| Vendor | pom | artifactid | checker-qual | Low |
| Vendor | pom | developer email | mernst@cs.washington.edu | Low |
| Vendor | pom | developer email | smillst@cs.washington.edu | Low |
| Vendor | pom | developer id | mernst | Medium |
| Vendor | pom | developer id | smillst | Medium |
| Vendor | pom | developer name | Michael Ernst | Medium |
| Vendor | pom | developer name | Suzanne Millstein | Medium |
| Vendor | pom | developer org | University of Washington | Medium |
| Vendor | pom | developer org URL | https://www.cs.washington.edu/ | Medium |
| Vendor | pom | groupid | org.checkerframework | Highest |
| Vendor | pom | name | Checker Qual | High |
| Vendor | pom | url | https://checkerframework.org/ | Highest |
| Product | file | name | checker-qual | High |
| Product | jar | package name | checker | Highest |
| Product | jar | package name | checkerframework | Highest |
| Product | jar | package name | framework | Highest |
| Product | jar | package name | qual | Highest |
| Product | Manifest | automatic-module-name | org.checkerframework.checker.qual | Medium |
| Product | Manifest | Bundle-Name | checker-qual | Medium |
| Product | Manifest | bundle-symbolicname | checker-qual | Medium |
| Product | Manifest | implementation-url | https://checkerframework.org | Low |
| Product | pom | artifactid | checker-qual | Highest |
| Product | pom | developer email | mernst@cs.washington.edu | Low |
| Product | pom | developer email | smillst@cs.washington.edu | Low |
| Product | pom | developer id | mernst | Low |
| Product | pom | developer id | smillst | Low |
| Product | pom | developer name | Michael Ernst | Low |
| Product | pom | developer name | Suzanne Millstein | Low |
| Product | pom | developer org | University of Washington | Low |
| Product | pom | developer org URL | https://www.cs.washington.edu/ | Low |
| Product | pom | groupid | org.checkerframework | Highest |
| Product | pom | name | Checker Qual | High |
| Product | pom | url | https://checkerframework.org/ | Medium |
| Version | file | version | 3.34.0 | High |
| Version | Manifest | Bundle-Version | 3.34.0 | High |
| Version | Manifest | Implementation-Version | 3.34.0 | High |
| Version | pom | version | 3.34.0 | Highest |
error_prone_annotations-2.19.1.jar
License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\errorprone\error_prone_annotations\2.19.1\error_prone_annotations-2.19.1.jar
MD5: fdf6aadc2aad53b682e206066853424e
SHA1: 94c9e3872d81c44fdd7bbe76f96430df763a02af
SHA256:add3990298501fdcb6ec58fff26608c1d298fb5dfe2f80d74867bf0f5c539668
Referenced In Project/Scope: 7zip:provided
error_prone_annotations-2.19.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.7zip/7zip@23.01
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | error_prone_annotations | High |
| Vendor | jar | package name | annotations | Highest |
| Vendor | jar | package name | errorprone | Highest |
| Vendor | jar | package name | google | Highest |
| Vendor | Manifest | automatic-module-name | com.google.errorprone.annotations | Medium |
| Vendor | Manifest | build-jdk-spec | 17 | Low |
| Vendor | pom | artifactid | error_prone_annotations | Highest |
| Vendor | pom | artifactid | error_prone_annotations | Low |
| Vendor | pom | groupid | com.google.errorprone | Highest |
| Vendor | pom | name | error-prone annotations | High |
| Vendor | pom | parent-artifactid | error_prone_parent | Low |
| Product | file | name | error_prone_annotations | High |
| Product | jar | package name | annotations | Highest |
| Product | jar | package name | errorprone | Highest |
| Product | jar | package name | google | Highest |
| Product | Manifest | automatic-module-name | com.google.errorprone.annotations | Medium |
| Product | Manifest | build-jdk-spec | 17 | Low |
| Product | pom | artifactid | error_prone_annotations | Highest |
| Product | pom | groupid | com.google.errorprone | Highest |
| Product | pom | name | error-prone annotations | High |
| Product | pom | parent-artifactid | error_prone_parent | Medium |
| Version | file | version | 2.19.1 | High |
| Version | pom | version | 2.19.1 | Highest |
hibernate-validator-annotation-processor-6.2.5.Final.jar
File Path: C:\Users\Jeremy\.m2\repository\org\hibernate\validator\hibernate-validator-annotation-processor\6.2.5.Final\hibernate-validator-annotation-processor-6.2.5.Final.jar
MD5: 9f2a3168a0e9da5c6b0fc6fa5a29525a
SHA1: 845f834671380ef9c4c93e3f638bd88f6a4abba7
SHA256:6ad006443f769860af1886cc805d28c3d75c6253a2817f175c6bc7e2b359f55c
Referenced In Project/Scope: 7zip:provided
hibernate-validator-annotation-processor-6.2.5.Final.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.7zip/7zip@23.01
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | hibernate-validator-annotation-processor | High |
| Vendor | hint analyzer | vendor | redhat | Highest |
| Vendor | jar | package name | hibernate | Highest |
| Vendor | jar | package name | org | Highest |
| Vendor | jar | package name | validator | Highest |
| Vendor | Manifest | automatic-module-name | org.hibernate.validator.annotationprocessor | Medium |
| Vendor | Manifest | implementation-url | http://hibernate.org/validator/ | Low |
| Vendor | Manifest | Implementation-Vendor | org.hibernate.validator | High |
| Vendor | Manifest | Implementation-Vendor-Id | org.hibernate.validator | Medium |
| Vendor | Manifest | multi-release | true | Low |
| Vendor | pom | artifactid | hibernate-validator-annotation-processor | Highest |
| Vendor | pom | artifactid | hibernate-validator-annotation-processor | Low |
| Vendor | pom | groupid | org.hibernate.validator | Highest |
| Vendor | pom | name | Hibernate Validator Annotation Processor | High |
| Vendor | pom | parent-artifactid | hibernate-validator-parent | Low |
| Product | file | name | hibernate-validator-annotation-processor | High |
| Product | jar | package name | hibernate | Highest |
| Product | jar | package name | org | Highest |
| Product | jar | package name | validator | Highest |
| Product | Manifest | automatic-module-name | org.hibernate.validator.annotationprocessor | Medium |
| Product | Manifest | Implementation-Title | hibernate-validator-annotation-processor | High |
| Product | Manifest | implementation-url | http://hibernate.org/validator/ | Low |
| Product | Manifest | multi-release | true | Low |
| Product | pom | artifactid | hibernate-validator-annotation-processor | Highest |
| Product | pom | groupid | org.hibernate.validator | Highest |
| Product | pom | name | Hibernate Validator Annotation Processor | High |
| Product | pom | parent-artifactid | hibernate-validator-parent | Medium |
| Version | Manifest | Implementation-Version | 6.2.5.Final | High |
| Version | pom | version | 6.2.5.Final | Highest |
j2objc-annotations-2.8.jar
Description:
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\j2objc\j2objc-annotations\2.8\j2objc-annotations-2.8.jar
MD5: c50af69b704dc91050efb98e0dff66d1
SHA1: c85270e307e7b822f1086b93689124b89768e273
SHA256:f02a95fa1a5e95edb3ed859fd0fb7df709d121a35290eff8b74dce2ab7f4d6ed
Referenced In Project/Scope: 7zip:provided
j2objc-annotations-2.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.7zip/7zip@23.01
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | j2objc-annotations | High |
| Vendor | jar | package name | annotations | Highest |
| Vendor | jar | package name | annotations | Low |
| Vendor | jar | package name | google | Highest |
| Vendor | jar | package name | google | Low |
| Vendor | jar | package name | j2objc | Highest |
| Vendor | jar | package name | j2objc | Low |
| Vendor | pom | artifactid | j2objc-annotations | Highest |
| Vendor | pom | artifactid | j2objc-annotations | Low |
| Vendor | pom | groupid | com.google.j2objc | Highest |
| Vendor | pom | name | J2ObjC Annotations | High |
| Vendor | pom | url | google/j2objc/ | Highest |
| Product | file | name | j2objc-annotations | High |
| Product | jar | package name | annotations | Highest |
| Product | jar | package name | annotations | Low |
| Product | jar | package name | google | Highest |
| Product | jar | package name | j2objc | Highest |
| Product | jar | package name | j2objc | Low |
| Product | pom | artifactid | j2objc-annotations | Highest |
| Product | pom | groupid | com.google.j2objc | Highest |
| Product | pom | name | J2ObjC Annotations | High |
| Product | pom | url | google/j2objc/ | High |
| Version | file | version | 2.8 | High |
| Version | pom | version | 2.8 | Highest |
jsr305-3.0.2.jar
Description:
JSR305 Annotations for Findbugs
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\code\findbugs\jsr305\3.0.2\jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: 7zip:provided
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.7.3
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | jsr305 | High |
| Vendor | Manifest | bundle-symbolicname | org.jsr-305 | Medium |
| Vendor | pom | artifactid | jsr305 | Highest |
| Vendor | pom | artifactid | jsr305 | Low |
| Vendor | pom | groupid | com.google.code.findbugs | Highest |
| Vendor | pom | name | FindBugs-jsr305 | High |
| Vendor | pom | url | http://findbugs.sourceforge.net/ | Highest |
| Product | file | name | jsr305 | High |
| Product | Manifest | Bundle-Name | FindBugs-jsr305 | Medium |
| Product | Manifest | bundle-symbolicname | org.jsr-305 | Medium |
| Product | pom | artifactid | jsr305 | Highest |
| Product | pom | groupid | com.google.code.findbugs | Highest |
| Product | pom | name | FindBugs-jsr305 | High |
| Product | pom | url | http://findbugs.sourceforge.net/ | Medium |
| Version | file | version | 3.0.2 | High |
| Version | Manifest | Bundle-Version | 3.0.2 | High |
| Version | pom | version | 3.0.2 | Highest |
lombok-1.18.28.jar: mavenEcjBootstrapAgent.jar
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.28\lombok-1.18.28.jar\lombok\launch\mavenEcjBootstrapAgent.jar
MD5: a1d753fe8aaf60ad853aa91a66c2995f
SHA1: 322bba74fc2f92977a1cb37423a3ec278db13726
SHA256:347036133d49df4fd1d625fa4e7906ddd968291cef7590bb2f8398dd2413d4e4
Referenced In Project/Scope: 7zip:provided
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | mavenEcjBootstrapAgent | High |
| Vendor | jar | package name | launch | Low |
| Vendor | jar | package name | lombok | Low |
| Vendor | Manifest | can-redefine-classes | true | Low |
| Product | file | name | mavenEcjBootstrapAgent | High |
| Product | jar | package name | launch | Low |
| Product | Manifest | can-redefine-classes | true | Low |
lombok-1.18.28.jar
Description:
Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!
License:
The MIT License: https://projectlombok.org/LICENSE
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.28\lombok-1.18.28.jar
MD5: 99be6bf05b7244ab44af156500cc3f0e
SHA1: a2ff5da8bcd8b1b26f36b806ced63213362c6dcc
SHA256:b774dc4fca543225d8b5e8c1637eb413c4363b2e613e95222776f792a8cec0e0
Referenced In Project/Scope: 7zip:provided
lombok-1.18.28.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.7zip/7zip@23.01
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | lombok | High |
| Vendor | jar | package name | java | Highest |
| Vendor | jar | package name | lombok | Highest |
| Vendor | jar | package name | tostring | Highest |
| Vendor | Manifest | automatic-module-name | lombok | Medium |
| Vendor | Manifest | can-redefine-classes | true | Low |
| Vendor | pom | artifactid | lombok | Highest |
| Vendor | pom | artifactid | lombok | Low |
| Vendor | pom | developer email | reinier@projectlombok.org | Low |
| Vendor | pom | developer email | roel@projectlombok.org | Low |
| Vendor | pom | developer id | rspilker | Medium |
| Vendor | pom | developer id | rzwitserloot | Medium |
| Vendor | pom | developer name | Reinier Zwitserloot | Medium |
| Vendor | pom | developer name | Roel Spilker | Medium |
| Vendor | pom | groupid | org.projectlombok | Highest |
| Vendor | pom | name | Project Lombok | High |
| Vendor | pom | url | https://projectlombok.org | Highest |
| Product | file | name | lombok | High |
| Product | jar | package name | java | Highest |
| Product | jar | package name | lombok | Highest |
| Product | jar | package name | tostring | Highest |
| Product | Manifest | automatic-module-name | lombok | Medium |
| Product | Manifest | can-redefine-classes | true | Low |
| Product | pom | artifactid | lombok | Highest |
| Product | pom | developer email | reinier@projectlombok.org | Low |
| Product | pom | developer email | roel@projectlombok.org | Low |
| Product | pom | developer id | rspilker | Low |
| Product | pom | developer id | rzwitserloot | Low |
| Product | pom | developer name | Reinier Zwitserloot | Low |
| Product | pom | developer name | Roel Spilker | Low |
| Product | pom | groupid | org.projectlombok | Highest |
| Product | pom | name | Project Lombok | High |
| Product | pom | url | https://projectlombok.org | Medium |
| Version | file | version | 1.18.28 | High |
| Version | Manifest | lombok-version | 1.18.28 | Medium |
| Version | pom | version | 1.18.28 | Highest |
modernizer-maven-annotations-2.6.0.jar
File Path: C:\Users\Jeremy\.m2\repository\org\gaul\modernizer-maven-annotations\2.6.0\modernizer-maven-annotations-2.6.0.jar
MD5: 9372bf637ff0f598b66303b971462fb2
SHA1: 11e554904ffbd0db0046320078f65c88b7b76cf4
SHA256:5c265d4f316babe5bb16bd68c10df139c9c7e1e542021bd99f906c3c2728450a
Referenced In Project/Scope: 7zip:provided
modernizer-maven-annotations-2.6.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.7zip/7zip@23.01
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | modernizer-maven-annotations | High |
| Vendor | jar | package name | gaul | Highest |
| Vendor | Manifest | build-jdk-spec | 11 | Low |
| Vendor | Manifest | multi-release | true | Low |
| Vendor | pom | artifactid | modernizer-maven-annotations | Highest |
| Vendor | pom | artifactid | modernizer-maven-annotations | Low |
| Vendor | pom | groupid | org.gaul | Highest |
| Vendor | pom | name | Modernizer Maven Plugin annotations | High |
| Vendor | pom | parent-artifactid | modernizer-maven-parent | Low |
| Product | file | name | modernizer-maven-annotations | High |
| Product | jar | package name | gaul | Highest |
| Product | Manifest | build-jdk-spec | 11 | Low |
| Product | Manifest | multi-release | true | Low |
| Product | pom | artifactid | modernizer-maven-annotations | Highest |
| Product | pom | groupid | org.gaul | Highest |
| Product | pom | name | Modernizer Maven Plugin annotations | High |
| Product | pom | parent-artifactid | modernizer-maven-parent | Medium |
| Version | file | version | 2.6.0 | High |
| Version | pom | version | 2.6.0 | Highest |
spotbugs-annotations-4.7.3.jar
Description:
Annotations the SpotBugs tool supports
License:
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: C:\Users\Jeremy\.m2\repository\com\github\spotbugs\spotbugs-annotations\4.7.3\spotbugs-annotations-4.7.3.jar
MD5: a70cfa500f3d66e6bd7ecb7cfe671ce2
SHA1: 46fb4f0ae2e69eafa963711cc5c3369ac81aa31f
SHA256:c0fd1ac2e22acdd46913a2ff74551b71f124457199688698204af4bf3d43165d
Referenced In Project/Scope: 7zip:provided
spotbugs-annotations-4.7.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.7zip/7zip@23.01
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | spotbugs-annotations | High |
| Vendor | Manifest | automatic-module-name | com.github.spotbugs.annotations | Medium |
| Vendor | Manifest | bundle-requiredexecutionenvironment | J2SE-1.5 | Low |
| Vendor | Manifest | bundle-symbolicname | spotbugs-annotations | Medium |
| Vendor | pom | artifactid | spotbugs-annotations | Highest |
| Vendor | pom | artifactid | spotbugs-annotations | Low |
| Vendor | pom | developer email | andreas.sewe@codetrails.com | Low |
| Vendor | pom | developer email | dbrosius@mebigfatguy.com | Low |
| Vendor | pom | developer email | loskutov@gmx.de | Low |
| Vendor | pom | developer email | skypencil@gmail.com | Low |
| Vendor | pom | developer id | henrik242 | Medium |
| Vendor | pom | developer id | iloveeclipse | Medium |
| Vendor | pom | developer id | jsotuyod | Medium |
| Vendor | pom | developer id | KengoTODA | Medium |
| Vendor | pom | developer id | mebigfatguy | Medium |
| Vendor | pom | developer id | sewe | Medium |
| Vendor | pom | developer id | ThrawnCA | Medium |
| Vendor | pom | developer name | Andreas Sewe | Medium |
| Vendor | pom | developer name | Andrey Loskutov | Medium |
| Vendor | pom | developer name | Dave Brosius | Medium |
| Vendor | pom | developer name | Juan Martín Sotuyo Dodero | Medium |
| Vendor | pom | developer name | Kengo TODA | Medium |
| Vendor | pom | groupid | com.github.spotbugs | Highest |
| Vendor | pom | name | SpotBugs Annotations | High |
| Vendor | pom | url | https://spotbugs.github.io/ | Highest |
| Product | file | name | spotbugs-annotations | High |
| Product | Manifest | automatic-module-name | com.github.spotbugs.annotations | Medium |
| Product | Manifest | Bundle-Name | spotbugs-annotations | Medium |
| Product | Manifest | bundle-requiredexecutionenvironment | J2SE-1.5 | Low |
| Product | Manifest | bundle-symbolicname | spotbugs-annotations | Medium |
| Product | pom | artifactid | spotbugs-annotations | Highest |
| Product | pom | developer email | andreas.sewe@codetrails.com | Low |
| Product | pom | developer email | dbrosius@mebigfatguy.com | Low |
| Product | pom | developer email | loskutov@gmx.de | Low |
| Product | pom | developer email | skypencil@gmail.com | Low |
| Product | pom | developer id | henrik242 | Low |
| Product | pom | developer id | iloveeclipse | Low |
| Product | pom | developer id | jsotuyod | Low |
| Product | pom | developer id | KengoTODA | Low |
| Product | pom | developer id | mebigfatguy | Low |
| Product | pom | developer id | sewe | Low |
| Product | pom | developer id | ThrawnCA | Low |
| Product | pom | developer name | Andreas Sewe | Low |
| Product | pom | developer name | Andrey Loskutov | Low |
| Product | pom | developer name | Dave Brosius | Low |
| Product | pom | developer name | Juan Martín Sotuyo Dodero | Low |
| Product | pom | developer name | Kengo TODA | Low |
| Product | pom | groupid | com.github.spotbugs | Highest |
| Product | pom | name | SpotBugs Annotations | High |
| Product | pom | url | https://spotbugs.github.io/ | Medium |
| Version | file | version | 4.7.3 | High |
| Version | Manifest | Bundle-Version | 4.7.3 | High |
| Version | pom | version | 4.7.3 | Highest |