Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all):
- dependency-check version: 12.2.0
- Report Generated On: Sat, 4 Apr 2026 15:14:40 -0400
- Dependencies Scanned: 10 (9 unique)
- Vulnerable Dependencies: 0
- Vulnerabilities Found: 0
- Vulnerabilities Suppressed: 0
- ...
- NVD API Last Checked: 2026-04-04T15:08:18-04
- NVD API Last Modified: 2026-04-04T17:16:50Z
Summary
Summary of Vulnerable Dependencies (click to show all)
ant-1.10.16.jar
File Path: C:\Users\Jeremy\.m2\repository\org\apache\ant\ant\1.10.16\ant-1.10.16.jar
MD5: b7b72a857d3da0f0f530e4c20b0ed567
SHA1: 16be4dd51358ac9f78c5e7d6c62b5fac3c11b4fe
SHA256:b2ae7b3f4c132dce0b205b5e17448c4bc72036316ac49b986e66514061cb781f
Referenced In Project/Scope: apache-ant:provided
ant-1.10.16.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.ant/apache-ant@1.10.16
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | ant | High |
| Vendor | jar | package name | ant | Highest |
| Vendor | jar | package name | apache | Highest |
| Vendor | manifest: org/apache/tools/ant/ | Implementation-Vendor | Apache Software Foundation | Medium |
| Vendor | pom | artifactid | ant | Highest |
| Vendor | pom | artifactid | ant | Low |
| Vendor | pom | groupid | org.apache.ant | Highest |
| Vendor | pom | name | Apache Ant Core | High |
| Vendor | pom | parent-artifactid | ant-parent | Low |
| Vendor | pom | url | https://ant.apache.org/ | Highest |
| Product | file | name | ant | High |
| Product | jar | package name | ant | Highest |
| Product | jar | package name | apache | Highest |
| Product | jar | package name | tools | Highest |
| Product | manifest: org/apache/tools/ant/ | Implementation-Title | org.apache.tools.ant | Medium |
| Product | manifest: org/apache/tools/ant/ | Specification-Title | Apache Ant | Medium |
| Product | pom | artifactid | ant | Highest |
| Product | pom | groupid | org.apache.ant | Highest |
| Product | pom | name | Apache Ant Core | High |
| Product | pom | parent-artifactid | ant-parent | Medium |
| Product | pom | url | https://ant.apache.org/ | Medium |
| Version | file | version | 1.10.16 | High |
| Version | manifest: org/apache/tools/ant/ | Implementation-Version | 1.10.16 | Medium |
| Version | pom | version | 1.10.16 | Highest |
Related Dependencies
- ant-launcher-1.10.16.jar
- File Path: C:\Users\Jeremy\.m2\repository\org\apache\ant\ant-launcher\1.10.16\ant-launcher-1.10.16.jar
- MD5: 023221b94c46674912e673c7979e546f
- SHA1: 34e9d3528f0d683cc7488cbb3332c3818d6aac85
- SHA256: 14f979626b6484b9a5f1e14918370e65197df3876da181e1b7d14080ec3dc212
- pkg:maven/org.apache.ant/ant-launcher@1.10.16
checker-qual-3.54.0.jar
Description:
checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework.
License:
The MIT License: https://opensource.org/licenses/MIT
File Path: C:\Users\Jeremy\.m2\repository\org\checkerframework\checker-qual\3.54.0\checker-qual-3.54.0.jar
MD5: 6c37e1dfa8c74da0e2284d4ab6760b44
SHA1: c3ce292a54faccba14e2a9f3077a4dc05e5770a8
SHA256:20b88b0fe12233933f3c88848c276758da1c14bafe5c686ad21e2eb6abc8c4cb
Referenced In Project/Scope: apache-ant:compile
checker-qual-3.54.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.ant/apache-ant@1.10.16
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | checker-qual | High |
| Vendor | jar | package name | checker | Highest |
| Vendor | jar | package name | checkerframework | Highest |
| Vendor | jar | package name | framework | Highest |
| Vendor | jar | package name | qual | Highest |
| Vendor | Manifest | bundle-symbolicname | checker-qual | Medium |
| Vendor | Manifest | implementation-url | https://checkerframework.org | Low |
| Vendor | pom | artifactid | checker-qual | Highest |
| Vendor | pom | artifactid | checker-qual | Low |
| Vendor | pom | developer email | mernst@cs.washington.edu | Low |
| Vendor | pom | developer email | smillst@cs.washington.edu | Low |
| Vendor | pom | developer id | mernst | Medium |
| Vendor | pom | developer id | smillst | Medium |
| Vendor | pom | developer name | Michael Ernst | Medium |
| Vendor | pom | developer name | Suzanne Millstein | Medium |
| Vendor | pom | developer org | University of Washington | Medium |
| Vendor | pom | developer org URL | https://www.cs.washington.edu/ | Medium |
| Vendor | pom | groupid | org.checkerframework | Highest |
| Vendor | pom | name | Checker Qual | High |
| Vendor | pom | url | https://checkerframework.org/ | Highest |
| Product | file | name | checker-qual | High |
| Product | jar | package name | checker | Highest |
| Product | jar | package name | checkerframework | Highest |
| Product | jar | package name | framework | Highest |
| Product | jar | package name | qual | Highest |
| Product | Manifest | Bundle-Name | checker-qual | Medium |
| Product | Manifest | bundle-symbolicname | checker-qual | Medium |
| Product | Manifest | implementation-url | https://checkerframework.org | Low |
| Product | pom | artifactid | checker-qual | Highest |
| Product | pom | developer email | mernst@cs.washington.edu | Low |
| Product | pom | developer email | smillst@cs.washington.edu | Low |
| Product | pom | developer id | mernst | Low |
| Product | pom | developer id | smillst | Low |
| Product | pom | developer name | Michael Ernst | Low |
| Product | pom | developer name | Suzanne Millstein | Low |
| Product | pom | developer org | University of Washington | Low |
| Product | pom | developer org URL | https://www.cs.washington.edu/ | Low |
| Product | pom | groupid | org.checkerframework | Highest |
| Product | pom | name | Checker Qual | High |
| Product | pom | url | https://checkerframework.org/ | Medium |
| Version | file | version | 3.54.0 | High |
| Version | Manifest | Bundle-Version | 3.54.0 | High |
| Version | Manifest | Implementation-Version | 3.54.0 | High |
| Version | pom | version | 3.54.0 | Highest |
- pkg:maven/org.checkerframework/checker-qual@3.54.0
(Confidence:High)
error_prone_annotations-2.48.0.jar
Description:
Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time.
License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\errorprone\error_prone_annotations\2.48.0\error_prone_annotations-2.48.0.jar
MD5: 5eba47749e8c9d5335cbbc5963300607
SHA1: bbe30942a31d1778c74cb272321267eca82dc708
SHA256:b49c5c958316ed67a09c699dda9aa749caf434d51d863dea599ef36a49b9c855
Referenced In Project/Scope: apache-ant:provided
error_prone_annotations-2.48.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.ant/apache-ant@1.10.16
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | error_prone_annotations | High |
| Vendor | jar | package name | annotations | Highest |
| Vendor | jar | package name | errorprone | Highest |
| Vendor | jar | package name | google | Highest |
| Vendor | Manifest | build-jdk-spec | 21 | Low |
| Vendor | Manifest | bundle-docurl | https://errorprone.info/error_prone_annotations | Low |
| Vendor | Manifest | bundle-symbolicname | com.google.errorprone.annotations | Medium |
| Vendor | Manifest | multi-release | true | Low |
| Vendor | pom | artifactid | error_prone_annotations | Highest |
| Vendor | pom | artifactid | error_prone_annotations | Low |
| Vendor | pom | groupid | com.google.errorprone | Highest |
| Vendor | pom | name | error-prone annotations | High |
| Vendor | pom | parent-artifactid | error_prone_parent | Low |
| Product | file | name | error_prone_annotations | High |
| Product | jar | package name | annotations | Highest |
| Product | jar | package name | errorprone | Highest |
| Product | jar | package name | google | Highest |
| Product | Manifest | build-jdk-spec | 21 | Low |
| Product | Manifest | bundle-docurl | https://errorprone.info/error_prone_annotations | Low |
| Product | Manifest | Bundle-Name | error-prone annotations | Medium |
| Product | Manifest | bundle-symbolicname | com.google.errorprone.annotations | Medium |
| Product | Manifest | multi-release | true | Low |
| Product | pom | artifactid | error_prone_annotations | Highest |
| Product | pom | groupid | com.google.errorprone | Highest |
| Product | pom | name | error-prone annotations | High |
| Product | pom | parent-artifactid | error_prone_parent | Medium |
| Version | file | version | 2.48.0 | High |
| Version | Manifest | Bundle-Version | 2.48.0 | High |
| Version | pom | version | 2.48.0 | Highest |
- pkg:maven/com.google.errorprone/error_prone_annotations@2.48.0
(Confidence:High)
j2objc-annotations-3.1.jar
Description:
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\j2objc\j2objc-annotations\3.1\j2objc-annotations-3.1.jar
MD5: abe8bd3abff622b9a8b15c3a737aa741
SHA1: a892ca9507839bbdb900d64310ac98256cab992f
SHA256:84d3a150518485f8140ea99b8a985656749629f6433c92b80c75b36aba3b099b
Referenced In Project/Scope: apache-ant:provided
j2objc-annotations-3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.ant/apache-ant@1.10.16
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | j2objc-annotations | High |
| Vendor | jar | package name | annotations | Highest |
| Vendor | jar | package name | google | Highest |
| Vendor | jar | package name | j2objc | Highest |
| Vendor | Manifest | build-jdk-spec | 22 | Low |
| Vendor | Manifest | multi-release | true | Low |
| Vendor | pom | artifactid | j2objc-annotations | Highest |
| Vendor | pom | artifactid | j2objc-annotations | Low |
| Vendor | pom | developer email | tball@google.com | Low |
| Vendor | pom | developer id | tomball | Medium |
| Vendor | pom | developer name | Tom Ball | Medium |
| Vendor | pom | developer org | Google | Medium |
| Vendor | pom | developer org URL | https://www.google.com | Medium |
| Vendor | pom | groupid | com.google.j2objc | Highest |
| Vendor | pom | name | J2ObjC Annotations | High |
| Vendor | pom | url | google/j2objc/ | Highest |
| Product | file | name | j2objc-annotations | High |
| Product | jar | package name | annotations | Highest |
| Product | jar | package name | google | Highest |
| Product | jar | package name | j2objc | Highest |
| Product | Manifest | build-jdk-spec | 22 | Low |
| Product | Manifest | multi-release | true | Low |
| Product | pom | artifactid | j2objc-annotations | Highest |
| Product | pom | developer email | tball@google.com | Low |
| Product | pom | developer id | tomball | Low |
| Product | pom | developer name | Tom Ball | Low |
| Product | pom | developer org | Google | Low |
| Product | pom | developer org URL | https://www.google.com | Low |
| Product | pom | groupid | com.google.j2objc | Highest |
| Product | pom | name | J2ObjC Annotations | High |
| Product | pom | url | google/j2objc/ | High |
| Version | file | version | 3.1 | High |
| Version | pom | version | 3.1 | Highest |
- pkg:maven/com.google.j2objc/j2objc-annotations@3.1
(Confidence:High)
jsr305-3.0.2.jar
Description:
JSR305 Annotations for Findbugs
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\code\findbugs\jsr305\3.0.2\jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: apache-ant:provided
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | jsr305 | High |
| Vendor | Manifest | bundle-symbolicname | org.jsr-305 | Medium |
| Vendor | pom | artifactid | jsr305 | Highest |
| Vendor | pom | artifactid | jsr305 | Low |
| Vendor | pom | groupid | com.google.code.findbugs | Highest |
| Vendor | pom | name | FindBugs-jsr305 | High |
| Vendor | pom | url | http://findbugs.sourceforge.net/ | Highest |
| Product | file | name | jsr305 | High |
| Product | Manifest | Bundle-Name | FindBugs-jsr305 | Medium |
| Product | Manifest | bundle-symbolicname | org.jsr-305 | Medium |
| Product | pom | artifactid | jsr305 | Highest |
| Product | pom | groupid | com.google.code.findbugs | Highest |
| Product | pom | name | FindBugs-jsr305 | High |
| Product | pom | url | http://findbugs.sourceforge.net/ | Medium |
| Version | file | version | 3.0.2 | High |
| Version | Manifest | Bundle-Version | 3.0.2 | High |
| Version | pom | version | 3.0.2 | Highest |
- pkg:maven/com.google.code.findbugs/jsr305@3.0.2
(Confidence:High)
lombok-1.18.44.jar: mavenEcjBootstrapAgent.jar
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.44\lombok-1.18.44.jar\lombok\launch\mavenEcjBootstrapAgent.jar
MD5: 99d4e19630a2936991d953330fc0b04f
SHA1: 359faffcbd93e4c825e3eee0e88854d900c2dd77
SHA256:b749ed13b7ee30619334206f84ade583df68183afb83374fbff075ee2ebe83e2
Referenced In Project/Scope: apache-ant:provided
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | mavenEcjBootstrapAgent | High |
| Vendor | jar | package name | launch | Low |
| Vendor | jar | package name | lombok | Low |
| Vendor | Manifest | can-redefine-classes | true | Low |
| Product | file | name | mavenEcjBootstrapAgent | High |
| Product | jar | package name | launch | Low |
| Product | Manifest | can-redefine-classes | true | Low |
lombok-1.18.44.jar
Description:
Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!
License:
The MIT License: https://projectlombok.org/LICENSE
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.44\lombok-1.18.44.jar
MD5: 7682dbc64a602a58797a323f006be06f
SHA1: 503fd0b002dbb237fa4656cf4b8021666a8aebac
SHA256:c6e91bfdc358bb1efb25ee185e95aaf9b600043e5f81d03bd76aefc01035bf86
Referenced In Project/Scope: apache-ant:provided
lombok-1.18.44.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.ant/apache-ant@1.10.16
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | lombok | High |
| Vendor | jar | package name | java | Highest |
| Vendor | jar | package name | lombok | Highest |
| Vendor | jar | package name | tostring | Highest |
| Vendor | Manifest | automatic-module-name | lombok | Medium |
| Vendor | Manifest | can-redefine-classes | true | Low |
| Vendor | pom | artifactid | lombok | Highest |
| Vendor | pom | artifactid | lombok | Low |
| Vendor | pom | developer email | reinier@projectlombok.org | Low |
| Vendor | pom | developer email | roel@projectlombok.org | Low |
| Vendor | pom | developer id | rspilker | Medium |
| Vendor | pom | developer id | rzwitserloot | Medium |
| Vendor | pom | developer name | Reinier Zwitserloot | Medium |
| Vendor | pom | developer name | Roel Spilker | Medium |
| Vendor | pom | groupid | org.projectlombok | Highest |
| Vendor | pom | name | Project Lombok | High |
| Vendor | pom | url | https://projectlombok.org | Highest |
| Product | file | name | lombok | High |
| Product | jar | package name | java | Highest |
| Product | jar | package name | lombok | Highest |
| Product | jar | package name | tostring | Highest |
| Product | Manifest | automatic-module-name | lombok | Medium |
| Product | Manifest | can-redefine-classes | true | Low |
| Product | pom | artifactid | lombok | Highest |
| Product | pom | developer email | reinier@projectlombok.org | Low |
| Product | pom | developer email | roel@projectlombok.org | Low |
| Product | pom | developer id | rspilker | Low |
| Product | pom | developer id | rzwitserloot | Low |
| Product | pom | developer name | Reinier Zwitserloot | Low |
| Product | pom | developer name | Roel Spilker | Low |
| Product | pom | groupid | org.projectlombok | Highest |
| Product | pom | name | Project Lombok | High |
| Product | pom | url | https://projectlombok.org | Medium |
| Version | file | version | 1.18.44 | High |
| Version | Manifest | lombok-version | 1.18.44 | Medium |
| Version | pom | version | 1.18.44 | Highest |
- pkg:maven/org.projectlombok/lombok@1.18.44
(Confidence:High)
modernizer-maven-annotations-3.3.0.jar
File Path: C:\Users\Jeremy\.m2\repository\org\gaul\modernizer-maven-annotations\3.3.0\modernizer-maven-annotations-3.3.0.jar
MD5: b145d6fcbfce8a5556c2d4859490be6b
SHA1: dbe5ac52c78408f6c86d2bc726f90ad6c4c5f09b
SHA256:a6a5b63dc2450922eb7c22e8cee674af0e847a4b2f06f0ff2de183dc8a27c138
Referenced In Project/Scope: apache-ant:provided
modernizer-maven-annotations-3.3.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.ant/apache-ant@1.10.16
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | modernizer-maven-annotations | High |
| Vendor | jar | package name | gaul | Highest |
| Vendor | Manifest | build-jdk-spec | 25 | Low |
| Vendor | Manifest | multi-release | true | Low |
| Vendor | pom | artifactid | modernizer-maven-annotations | Highest |
| Vendor | pom | artifactid | modernizer-maven-annotations | Low |
| Vendor | pom | groupid | org.gaul | Highest |
| Vendor | pom | name | Modernizer Maven Plugin annotations | High |
| Vendor | pom | parent-artifactid | modernizer-maven-parent | Low |
| Product | file | name | modernizer-maven-annotations | High |
| Product | jar | package name | gaul | Highest |
| Product | Manifest | build-jdk-spec | 25 | Low |
| Product | Manifest | multi-release | true | Low |
| Product | pom | artifactid | modernizer-maven-annotations | Highest |
| Product | pom | groupid | org.gaul | Highest |
| Product | pom | name | Modernizer Maven Plugin annotations | High |
| Product | pom | parent-artifactid | modernizer-maven-parent | Medium |
| Version | file | version | 3.3.0 | High |
| Version | pom | version | 3.3.0 | Highest |
- pkg:maven/org.gaul/modernizer-maven-annotations@3.3.0
(Confidence:High)
spotbugs-annotations-4.9.8.jar
Description:
Annotations the SpotBugs tool supports
License:
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: C:\Users\Jeremy\.m2\repository\com\github\spotbugs\spotbugs-annotations\4.9.8\spotbugs-annotations-4.9.8.jar
MD5: d4c2e7bd090be697ad409a4e75684a94
SHA1: ca4a2783a6123e67124fd7feb4caccd2e2ac9a73
SHA256:6f69d6fe9c55a54dcb30e87d8fa2d5f52246af50d7a3445246d9539ef221be1c
Referenced In Project/Scope: apache-ant:provided
spotbugs-annotations-4.9.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.ant/apache-ant@1.10.16
Evidence
| Type | Source | Name | Value | Confidence |
|---|
| Vendor | file | name | spotbugs-annotations | High |
| Vendor | Manifest | automatic-module-name | com.github.spotbugs.annotations | Medium |
| Vendor | Manifest | bundle-requiredexecutionenvironment | JavaSE-1.8 | Low |
| Vendor | Manifest | bundle-symbolicname | spotbugs-annotations | Medium |
| Vendor | pom | artifactid | spotbugs-annotations | Highest |
| Vendor | pom | artifactid | spotbugs-annotations | Low |
| Vendor | pom | developer email | andreas.sewe@codetrails.com | Low |
| Vendor | pom | developer email | dbrosius@mebigfatguy.com | Low |
| Vendor | pom | developer email | loskutov@gmx.de | Low |
| Vendor | pom | developer email | skypencil@gmail.com | Low |
| Vendor | pom | developer id | henrik242 | Medium |
| Vendor | pom | developer id | iloveeclipse | Medium |
| Vendor | pom | developer id | jsotuyod | Medium |
| Vendor | pom | developer id | KengoTODA | Medium |
| Vendor | pom | developer id | mebigfatguy | Medium |
| Vendor | pom | developer id | sewe | Medium |
| Vendor | pom | developer id | ThrawnCA | Medium |
| Vendor | pom | developer name | Andreas Sewe | Medium |
| Vendor | pom | developer name | Andrey Loskutov | Medium |
| Vendor | pom | developer name | Dave Brosius | Medium |
| Vendor | pom | developer name | Juan Martín Sotuyo Dodero | Medium |
| Vendor | pom | developer name | Kengo TODA | Medium |
| Vendor | pom | groupid | com.github.spotbugs | Highest |
| Vendor | pom | name | SpotBugs Annotations | High |
| Vendor | pom | url | https://spotbugs.github.io/ | Highest |
| Product | file | name | spotbugs-annotations | High |
| Product | Manifest | automatic-module-name | com.github.spotbugs.annotations | Medium |
| Product | Manifest | Bundle-Name | spotbugs-annotations | Medium |
| Product | Manifest | bundle-requiredexecutionenvironment | JavaSE-1.8 | Low |
| Product | Manifest | bundle-symbolicname | spotbugs-annotations | Medium |
| Product | pom | artifactid | spotbugs-annotations | Highest |
| Product | pom | developer email | andreas.sewe@codetrails.com | Low |
| Product | pom | developer email | dbrosius@mebigfatguy.com | Low |
| Product | pom | developer email | loskutov@gmx.de | Low |
| Product | pom | developer email | skypencil@gmail.com | Low |
| Product | pom | developer id | henrik242 | Low |
| Product | pom | developer id | iloveeclipse | Low |
| Product | pom | developer id | jsotuyod | Low |
| Product | pom | developer id | KengoTODA | Low |
| Product | pom | developer id | mebigfatguy | Low |
| Product | pom | developer id | sewe | Low |
| Product | pom | developer id | ThrawnCA | Low |
| Product | pom | developer name | Andreas Sewe | Low |
| Product | pom | developer name | Andrey Loskutov | Low |
| Product | pom | developer name | Dave Brosius | Low |
| Product | pom | developer name | Juan Martín Sotuyo Dodero | Low |
| Product | pom | developer name | Kengo TODA | Low |
| Product | pom | groupid | com.github.spotbugs | Highest |
| Product | pom | name | SpotBugs Annotations | High |
| Product | pom | url | https://spotbugs.github.io/ | Medium |
| Version | file | version | 4.9.8 | High |
| Version | Manifest | Bundle-Version | 4.9.8 | High |
| Version | pom | version | 4.9.8 | Highest |
- pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8
(Confidence:High)